Mercurial > prosody-modules

view mod_audit_tokens/mod_audit_tokens.lua @ 5956:97375a78d2b5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Reject URLs with 'userinfo' part (thanks mimi89999) The LuaSocket parser supports these but they're deprecated without replacement by RFC 3986 > Use of the format "user:password" in the userinfo field is deprecated Allowing it in OAuth2 URLs is probably bad from a security perspective.
author Kim Alvefur <zash@zash.se>
date Thu, 29 Aug 2024 16:02:46 +0200
parents c89077b4f46e
children
line wrap: on
line source

local jid = require"util.jid";

module:depends("audit");
-- luacheck: read globals module.audit

module:hook("token-grant-created", function(event)
	module:audit(jid.join(event.username, event.host), "token-grant-created", {
	});
end)

module:hook("token-grant-revoked", function(event)
	module:audit(jid.join(event.username, event.host), "token-grant-revoked", {
	});
end)

module:hook("token-revoked", function(event)
	module:audit(jid.join(event.username, event.host), "token-revoked", {
	});
end)