Mercurial > prosody-modules

view mod_http_oauth2/html/device.html @ 5617:d8622797e315

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Shorten default token validity periods With refresh tokens, short lifetime for access tokens is not a problem. The arbitrary choice of one hour seems reasonable. RFC 6749 has it as example value. One week for refresh tokens matching the default archive retention period. This means that a client that remains unused for one week will have to sign in again. An actively used client will continually push that forward with each used refresh token.
author Kim Alvefur <zash@zash.se>
date Mon, 24 Jul 2023 01:30:14 +0200
parents 1893ae742f66
children 8de02381e80a
line wrap: on
line source

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>{site_name} - Authorize{client&d} Device</title>
<link rel="stylesheet" href="style.css">
</head>
<body>
	<main>
	<h1>{site_name}</h1>
	<fieldset>
	<legend>Device Authorization</legend>
	{error&<div class="error">
		<p>{error.text}</p>
	</div>}
{client&
	<p>Authorization completed. You can go back to
	<em>{client.client_name}</em>.</p>}
{client~
	<p>Enter the code to continue.</p>
	<form method="get">
		<input type="text" name="user_code" placeholder="XXXX-XXXX" aria-label="user-code" required >
		<input type="submit" value="Continue">
	</form>}
	</fieldset>
	</main>
</body>
</html>