Mercurial > prosody-modules
view mod_deny_omemo/mod_deny_omemo.lua @ 5617:d8622797e315
mod_http_oauth2: Shorten default token validity periods
With refresh tokens, short lifetime for access tokens is not a problem.
The arbitrary choice of one hour seems reasonable. RFC 6749 has it as
example value.
One week for refresh tokens matching the default archive retention
period. This means that a client that remains unused for one week will
have to sign in again. An actively used client will continually push
that forward with each used refresh token.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Mon, 24 Jul 2023 01:30:14 +0200 |
parents | 2ad35f08bd57 |
children |
line wrap: on
line source
local st = require "util.stanza"; local omemo_namespace_prefix = "eu.siacs.conversations.axolotl." module:hook("iq/bare/http://jabber.org/protocol/pubsub:pubsub", function (event) local origin, stanza = event.origin, event.stanza; local node = stanza.tags[1].tags[1].attr.node; if node and node:sub(1, #omemo_namespace_prefix) == omemo_namespace_prefix then origin.send(st.error_reply(stanza, "cancel", "item-not-found", "OMEMO is disabled")); return true; end end, 10);