Mercurial > prosody-modules
view mod_http_auth_check/README.markdown @ 5643:73c3d5bfce3e
mod_http_oauth2: Allow 'login_hint' as a substitute for OIDC 'select_account' prompt
If the OIDC 'prompt' parameter does not contain the 'select_account'
then it wants us to skip account selection, which means we have to
figure which account to authenticate somehow. One way could be have
this stored in a cookie from a previous successful login. Another way
would be to have the account passed as a hint, which is what we add
here.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sat, 09 Sep 2023 21:42:24 +0200 |
| parents | c4db126a9f04 |
| children |
line wrap: on
line source
--- labels: summary: 'Test account credentials using HTTP' ... Introduction ------------ This module lets you test whether a set of credentials are valid, using Prosody's configured authentication mechanism. This is useful as an easy way to allow other (e.g. non-XMPP) applications to authenticate users using their XMPP credentials. Syntax ------ To test credentials, issue a simple GET request with HTTP basic auth: GET /auth_check HTTP/1.1 Authorization: Basic <base64(jid:password)> Prosody will return a 2xx code on success (user exists and credentials are correct), or 401 if the credentials are invalid. Any other code may be returned if there is a problem handling the request. ### Example usage Here follows some example usage using `curl`. curl http://prosody.local:5280/auth_check -u user@example.com:secr1t