Mercurial > prosody-modules
view mod_lib_ldap/README.markdown @ 5264:d3ebaef1ea7a
mod_http_oauth2: Correctly verify OAuth client credentials on revocation
Makes no sense to validate against username and password here, or using
a token to revoke another token, or itself?
In fact, upon further discussion, why do you need credentials to revoke
a token? If you are not supposed to have the token, revoking it seems
the most responsible thing to do with it, so it should be allowed, while
if you are supposed to have it, you should be allowed to revoke it.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 21 Mar 2023 21:57:18 +0100 |
| parents | 79b9bd84b91c |
| children |
line wrap: on
line source
--- labels: summary: Library module for LDAP ... Introduction ============ This module is used by other modules to access an LDAP server. It's pretty useless on its own; you should use it if you want to write your own LDAP-related module, or if you want to use one of mine ([mod\_auth\_ldap2](mod_auth_ldap2.html), [mod\_storage\_ldap](mod_storage_ldap.html)). Installation ============ Simply copy ldap.lib.lua into your Prosody installation's plugins directory. Configuration ============= Configuration for this module (and all modules that use it) goes into the *ldap* section of your prosody.cfg.lua file. Each plugin that uses it may add their own sections; this plugin relies on the following keys: - hostname - Where your LDAP server is located - bind\_dn - The DN to perform queries as - bind\_password - The password to use for queries - use\_tls - Whether or not TLS should be used to connect to the LDAP server - user.usernamefield - The LDAP field that contains a user's username - user.basedn - The base DN for user records API === ldap.getconnection() -------------------- Returns an LDAP connection object corresponding to the configuration in prosody.cfg.lua. The connection object is a [LuaLDAP](http://www.keplerproject.org/lualdap/) connection. ldap.getparams() ---------------- Returns the LDAP configuration provided in prosody.cfg.lua. Use this if you want to stick some configuration information for your module into the LDAP section in the configuration file. ldap.bind(username, password) ----------------------------- Verifies that *username* and *password* bind ok. **NOTE**: This does not bind the current LDAP connection to the given username! ldap.singlematch(query) ----------------------- Used to fetch a single LDAP record given an LDAP query. A convenience function. ldap.filter.combine\_and(...) ----------------------------- Takes a list of LDAP filter expressions and returns a filter expression that results in the intersection of each given expression (it ANDs them together). More Information ================ For more information, please consult the README.html file under prosody-modules/mod\_lib\_ldap.