Mercurial > prosody-modules
view mod_s2s_auth_compat/README.markdown @ 5222:578a72982bb2
mod_http_oauth2: Separate extracting credentials from requests and verifying
The token endpoint also uses Basic auth, but the password would be the
client_secret, so we need to verify against that instead of using
test_password(). Splitting this up here avoids code duplication.
Possibly this new function could go into util.http...
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Tue, 07 Mar 2023 15:18:41 +0000 |
parents | 4d73a1a6ba68 |
children |
line wrap: on
line source
--- labels: summary: Workaround for servers doing EXTERNAL without proper stream headers ... Introduction ============ This module is a workaround for servers that try to do s2s authentication with certificates and SASL EXTERNAL, but do not send correct stream headers. Notably Openfire versions since 3.7 or 3.8.