Mercurial > prosody-modules
view mod_pubsub_post/README.markdown @ 3501:1df139b157fb
mod_pubsub_post: Add support for WebSub authentication
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Fri, 24 Aug 2018 14:52:09 +0200 |
parents | 0992c0398783 |
children | 42e9e3c5eb02 |
line wrap: on
line source
# Introduction Lets you easily publish data to PubSub using a HTTP POST request. The payload can be Atom feeds, arbitrary XML, or arbitrary JSON. The type should be indicated via the `Content-Type` header. ``` {.bash} curl http://localhost:5280/pubsub_post/princely_musings \ -H "Content-Type: application/json" \ --data-binary '{"musing":"To be, or not to be: that is the question"}' ``` - JSON data is wrapped in a [XEP-0335] container. - An Atom feed may have many `<entry>` and each one is published as its own PubSub item. - Other XML is simply published to a randomly named item as-is. # Configuration ## Authentication Authentication can be handled in two different ways. ### None ``` {.lua} pubsub_post_actor = "superuser" ``` The module uses an internal actor that has all privileges and can always do everything. It is strongly suggested that you do not expose this to the Internet. *Maybe* it shouldn't be the default... ### IP ``` {.lua} pubsub_post_actor = "request.ip" ``` Uses the IP address from the HTTP request as actor, which means this pseudo-JID must be given a 'publisher' affiliation. This should work nicely with the `autocreate_on_publish` setting, where the first actor to attempt to publish to a non-existant node becomes owner of it, which includes publishing rights. ## WebSub ``` {.lua} -- Per node secrets pubsub_post_secrets = { my_node = "shared secret" } -- Same secret for all nodes pubsub_post_secret = "shared secret" ``` This enables the [WebSub](https://www.w3.org/TR/2018/REC-websub-20180123/) [Authenticated Content Distribution](https://www.w3.org/TR/2018/REC-websub-20180123/#authenticated-content-distribution) authentication method, where payloads are signed using a shared secret. ## Setting up affiliations Prosodys PubSub module supports [setting affiliations via XMPP](https://xmpp.org/extensions/xep-0060.html#owner-affiliations), in trunk since [revision 384ef9732b81](https://hg.prosody.im/trunk/rev/384ef9732b81). It can however be done from another plugin: ``` {.lua} local mod_pubsub = module:depends("pubsub"); local pubsub = mod_pubsub.service; pubsub:create("princely_musings", true); pubsub:set_affiliation("princely_musings", true, "127.0.0.1", "publisher"); ```