Mercurial > prosody-modules
comparison mod_muc_http_auth/README.md @ 4695:4b3f054666e6
mod_muc_http_auth: External auth services might need to check on the nickname as well
| author | Seve Ferrer <seve@delape.net> |
|---|---|
| date | Tue, 21 Sep 2021 14:00:01 +0200 |
| parents | 9606e7a63a69 |
| children | 0a0334a3a784 |
comparison
equal
deleted
inserted
replaced
| 4694:6c57b9e31586 | 4695:4b3f054666e6 |
|---|---|
| 1 # Introduction | 1 # Introduction |
| 2 | 2 |
| 3 This module externalizes MUC authorization via HTTP. | 3 This module externalizes MUC authorization via HTTP. |
| 4 Whenever a user wants to join a MUC, an HTTP GET request is made to `authorization_url` | 4 Whenever a user wants to join a MUC, an HTTP GET request is made to `authorization_url` |
| 5 with the user bare jid (`userJID`) and the MUC jid (`mucJID`) as GET parameters. | 5 with the user's bare jid (`userJID`), the MUC jid (`mucJID`) and the user's nickname (`nickname`) as GET parameters. |
| 6 Example: | 6 Example: |
| 7 `https://www.prosody.im/users/can-join/?userJID=romeo@example.com&mucJID=teaparty@chat.example.com` | 7 `https://www.prosody.im/users/can-join/?userJID=romeo@example.com&mucJID=teaparty@chat.example.com&nickname=Romeo` |
| 8 | 8 |
| 9 This allows an external service to decide whether a user is authorized to join a MUC or not. | 9 This allows an external service to decide whether a user is authorized to join a MUC or not. |
| 10 | 10 |
| 11 When a user is authorized to join a MUC, this module expects the following JSON payload: | 11 When a user is authorized to join a MUC, this module expects the following JSON payload: |
| 12 ``` | 12 ``` |
| 39 | 39 |
| 40 ## Settings | 40 ## Settings |
| 41 | 41 |
| 42 |Name |Description |Default | | 42 |Name |Description |Default | |
| 43 |-----|------------|--------| | 43 |-----|------------|--------| |
| 44 |muc_http_auth_url| URL of the external HTTP service to which send `userJID` and `mucJID` in a GET request | "" | | 44 |muc_http_auth_url| URL of the external HTTP service to which send `userJID`, `mucJID` and `nickname` in a GET request | "" | |
| 45 |muc_http_auth_enabled_for| List of MUC names (node part) to enable this module for | nil | | 45 |muc_http_auth_enabled_for| List of MUC names (node part) to enable this module for | nil | |
| 46 |muc_http_auth_disabled_for| List of MUC names (node part) to disable this module for | nil | | 46 |muc_http_auth_disabled_for| List of MUC names (node part) to disable this module for | nil | |
| 47 |muc_http_auth_insecure| Disable certificate verification for request. Only intended for development of the external service. | false | | 47 |muc_http_auth_insecure| Disable certificate verification for request. Only intended for development of the external service. | false | |
| 48 |muc_http_auth_authorization_header| Value of the Authorization header if requested by the external HTTP service. Example: `Basic dXNlcm5hbWU6cGFzc3dvcmQ=`| nil | | 48 |muc_http_auth_authorization_header| Value of the Authorization header if requested by the external HTTP service. Example: `Basic dXNlcm5hbWU6cGFzc3dvcmQ=`| nil | |
| 49 | 49 |