mod_http_oauth2: Support HTTP Basic auth on token endpoint This is described in RFC 6749 section 2.3.1 and draft-ietf-oauth-v2-1-07 2.3.1 as the recommended way to transmit the client's credentials. The older spec even calls it the "client password", but the new spec clarifies that this is just another term for the client secret.

---
labels:
- 'Stage-Alpha'
summary: Implements BOSH pre-bind
...

For why this can be useful, see
https://metajack.im/2009/12/14/fastest-xmpp-sessions-with-http-prebinding/

# To enable this module

Add `"http_prebind"` to `modules_enabled` on an anonymous virtual host.

This only works on anonymous ones for now.