Mercurial > prosody-modules

view mod_post_msg/README.markdown @ 5682:527c747711f3

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Limit revocation to clients own tokens in strict mode RFC 7009 section 2.1 states: > The authorization server first validates the client credentials (in > case of a confidential client) and then verifies whether the token was > issued to the client making the revocation request. If this > validation fails, the request is refused and the client is informed of > the error by the authorization server as described below. The first part was already covered (in strict mode). This adds the later part using the hash of client_id recorded in 0860497152af It still seems weird to me that revoking a leaked token should not be allowed whoever might have discovered it, as that seems the responsible thing to do.
author Kim Alvefur <zash@zash.se>
date Sun, 29 Oct 2023 11:30:49 +0100
parents 5e8b54deeb30
children
line wrap: on
line source

---
summary: 'Receives HTTP POST request, parses it and relays it into XMPP.'
---

Introduction
============

Sometimes it's useful to have different interfaces to access XMPP.

This module allows sending XMPP
[`<message>`](https://xmpp.org/rfcs/rfc6121.html#message) stanzas via a
simple HTTP API.

Example usage
-------------

    curl http://example.com:5280/msg/user -u me@example.com:mypassword -H "Content-Type: text/plain" -d "Server@host has just crashed!"

This would send a message to user\@example.com from me\@example.com

Details
=======

URL format
----------

    /msg/ [recipient [@host] ].

The base URL defaults to `/msg`. This can be configured via Prosodys
[HTTP path settings][doc:http].

Authentication
--------------

Authentication is done by HTTP Basic.

    Authentication: Basic BASE64( "username@virtualhost:password" )

Payload formats
---------------

Supported formats are:

`text/plain`
:   The HTTP body is used as plain text message payload, in the `<body>`
    element.

`application/x-www-form-urlencoded`
:   Allows more fields to be specified.

`application/json`
:   Similar to form data.

Which one is selected via the `Content-Type` HTTP header.

### Data fields

The form data and JSON formats allow the following fields:

`to`
:   Can be used instead of having the receiver in the URL.

`type`
:   [Message type.](https://xmpp.org/rfcs/rfc6121.html#message-syntax-type)

`body`
:   Plain text message payload which goes in the `<body>` element.

Acknowledgements
================

Some code originally borrowed from mod\_webpresence

See also
========

[mod_rest] is a more advanced way to send messages and more via HTTP,
with a very similar API.