Mercurial > prosody-modules
annotate mod_http_auth_check/README.markdown @ 5418:f2c7bb3af600
mod_http_oauth2: Add role selector to consent page
List includes all roles available to the user, if more than one.
Defaults to either the first role in the scope string or the users
primary role.
Earlier draft listed all roles, but having options that can't be
selected is bad UX and the entire list of all roles on the server could
be long, and perhaps even sensitive.
Allows e.g. picking a role with fewer permissions than what might
otherwise have been selected.
UX wise, doing this with more checkboxes or possibly radio buttons would
have been confusion and/or looked messier.
Fixes the previous situation where unselecting a role would default to
the primary role, which could be more permissions than requested.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 05 May 2023 01:23:13 +0200 |
| parents | c4db126a9f04 |
| children |
| rev | line source |
|---|---|
|
2884
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
1 --- |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
2 labels: |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
3 summary: 'Test account credentials using HTTP' |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
4 ... |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
5 |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
6 Introduction |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
7 ------------ |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
8 |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
9 This module lets you test whether a set of credentials are valid, |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
10 using Prosody's configured authentication mechanism. |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
11 |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
12 This is useful as an easy way to allow other (e.g. non-XMPP) applications |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
13 to authenticate users using their XMPP credentials. |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
14 |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
15 Syntax |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
16 ------ |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
17 |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
18 To test credentials, issue a simple GET request with HTTP basic auth: |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
19 |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
20 GET /auth_check HTTP/1.1 |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
21 Authorization: Basic <base64(jid:password)> |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
22 |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
23 Prosody will return a 2xx code on success (user exists and credentials are |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
24 correct), or 401 if the credentials are invalid. Any other code may be returned |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
25 if there is a problem handling the request. |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
26 |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
27 ### Example usage |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
28 |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
29 Here follows some example usage using `curl`. |
|
16e9f37b3f82
mod_http_auth_check: New HTTP module to test user credentials
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
diff
changeset
|
30 |
|
3448
c4db126a9f04
Fix http_auth_check example in README
Nicolas Cedilnik <nicoco@nicoco.fr>
parents:
2884
diff
changeset
|
31 curl http://prosody.local:5280/auth_check -u user@example.com:secr1t |