Mercurial > prosody-modules
comparison mod_auth_oauth_external/README.md @ 5346:d9bc8712a745
mod_auth_oauth_external: Allow setting identity instead of discovery URL
Shorter and the .well-known part is, well, well-known.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 16 Mar 2023 13:04:13 +0100 |
| parents | 3390bb2f9f6c |
| children | a0074038696f |
comparison
equal
deleted
inserted
replaced
| 5345:3390bb2f9f6c | 5346:d9bc8712a745 |
|---|---|
| 18 Alternatively for legacy clients, Prosody receives the users username | 18 Alternatively for legacy clients, Prosody receives the users username |
| 19 and password and retrieves a token itself, then proceeds as above. | 19 and password and retrieves a token itself, then proceeds as above. |
| 20 | 20 |
| 21 # Configuration | 21 # Configuration |
| 22 | 22 |
| 23 `oauth_external_issuer` | |
| 24 : Optional URL string representing the Authorization server identity. | |
| 25 | |
| 23 `oauth_external_discovery_url` | 26 `oauth_external_discovery_url` |
| 24 : Optional URL string pointing to [OAuth 2.0 Authorization Server | 27 : Optional URL string pointing to [OAuth 2.0 Authorization Server |
| 25 Metadata](https://oauth.net/2/authorization-server-metadata/). Lets | 28 Metadata](https://oauth.net/2/authorization-server-metadata/). Lets |
| 26 clients discover where they should retrieve access tokens from if | 29 clients discover where they should retrieve access tokens from if |
| 27 they don't have one yet. | 30 they don't have one yet. Default based on `oauth_external_issuer` is |
| 31 set, otherwise empty. | |
| 28 | 32 |
| 29 `oauth_external_validation_endpoint` | 33 `oauth_external_validation_endpoint` |
| 30 : URL string. The token validation endpoint, should validate the token | 34 : URL string. The token validation endpoint, should validate the token |
| 31 and return a JSON structure containing the username of the user | 35 and return a JSON structure containing the username of the user |
| 32 logging in the field specified by `oauth_external_username_field`. | 36 logging in the field specified by `oauth_external_username_field`. |