Mercurial > prosody-modules

view mod_http_oauth2/README.markdown @ 5307:2bb27dfd10d5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_client_management: Use grant id from key This is a minor tweak - it's faster and preserves compatibility with older data formats (that we don't necessarily want to be compatible with, but some of us have messy data stores and it pays to be a little more robust).
author Matthew Wild <mwild1@gmail.com>
date Thu, 06 Apr 2023 15:20:25 +0100
parents 3235b8bd1e55
children 80ecba092027
line wrap: on
line source

---
labels:
- Stage-Alpha
summary: 'OAuth2 API'
rockspec:
  build:
    copy_directories:
    - html
...

Introduction
============

This module is a work-in-progress intended for developers only!

Configuration
=============

Dynamic client registration enabled by configuring a JWT key. Algorithm
defaults to *HS256*.

```lua
oauth2_registration_key = "securely generated JWT key here"
oauth2_registration_algorithm = "HS256"
oauth2_registration_options = { default_ttl = 60 * 60 * 24 * 90 }
```

Various flows can be disabled and enabled with
`allowed_oauth2_grant_types` and `allowed_oauth2_response_types`:

```lua
allowed_oauth2_grant_types = {
	"authorization_code"; -- authorization code grant
	"password"; -- resource owner password grant
}

allowed_oauth2_response_types = {
	"code"; -- authorization code flow
    -- "token"; -- implicit flow disabled by default
}
```


Compatibility
=============

Requires Prosody 0.12+ or trunk.