view mod_http_pep_avatar/README.markdown @ 5447:aa4828f040c5

mod_http_oauth2: Enforce client scope restrictions in authorization When registering a client, a scope field can be included as a promise to only ever use those. Here we enforce that promise, if given, ensuring a client can't request or be granted a scope it didn't provide in its registration. While currently there is no restrictions at registration time, this could be changed in the future in various ways.
author Kim Alvefur <zash@zash.se>
date Thu, 11 May 2023 19:33:44 +0200
parents 451514e2d369
children
line wrap: on
line source

---
summary: Serve PEP avatars from HTTP
---

# Introduction

This module serves avatars from local users who have published
[XEP-0084: User Avatar] via [PEP][doc:modules:mod_pep].

# Configuring

Simply load the module. Avatars are then available at
`http://<host>:5280/pep_avatar/<username>`

    modules_enabled = {
        ...
        "http_pep_avatar";
    }

# Access

Users must [configure] their Avatar PEP nodes to be public, otherwise
access is denied.

# Compatibility

  ------- ---------------
  trunk   Works
  0.11    Works
  0.10    Does not work
  ------- ---------------

[configure]: https://xmpp.org/extensions/xep-0060.html#owner-configure