view mod_auth_imap/README.markdown @ 5264:d3ebaef1ea7a

mod_http_oauth2: Correctly verify OAuth client credentials on revocation Makes no sense to validate against username and password here, or using a token to revoke another token, or itself? In fact, upon further discussion, why do you need credentials to revoke a token? If you are not supposed to have the token, revoking it seems the most responsible thing to do with it, so it should be allowed, while if you are supposed to have it, you should be allowed to revoke it.
author Kim Alvefur <zash@zash.se>
date Tue, 21 Mar 2023 21:57:18 +0100
parents b97a2ffef87f
children
line wrap: on
line source

---
labels:
- 'Stage-Alpha'
- 'Type-Auth'
summary: IMAP authentication module
rockspec:
  build:
    modules:
      mod_auth_imap: auth_imap/mod_auth_imap.lua
      mod_auth_imap.sasl_imap: auth_imap/sasl_imap.lib.lua
...

Introduction
============

This is a Prosody authentication plugin which uses a generic IMAP server
as the backend.

Configuration
=============

  option                            type      default
  --------------------------------- --------- --------------------------------
  imap\_auth\_host                  string    localhost
  imap\_auth\_port                  number    nil
  imap\_auth\_realm                 string    Same as the sasl\_realm option
  imap\_auth\_service\_name         string    nil
  auth\_append\_host                boolean   false
  auth\_imap\_verify\_certificate   boolean   true
  auth\_imap\_ssl                   table     A SSL/TLS config