Mercurial > prosody-modules

view mod_sasl2/README.md @ 5617:d8622797e315

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Shorten default token validity periods With refresh tokens, short lifetime for access tokens is not a problem. The arbitrary choice of one hour seems reasonable. RFC 6749 has it as example value. One week for refresh tokens matching the default archive retention period. This means that a client that remains unused for one week will have to sign in again. An actively used client will continually push that forward with each used refresh token.
author Kim Alvefur <zash@zash.se>
date Mon, 24 Jul 2023 01:30:14 +0200
parents 5b77f4720bfe
children
line wrap: on
line source

---
labels:
- Stage-Beta
summary: "XEP-0388: Extensible SASL Profile"
---

Implementation of [XEP-0388: Extensible SASL Profile]. **Note: At the time of
writing (Nov 2022) the version of the XEP implemented by this module is still
working its way through the XSF standards process. See [PR #1214](https://github.com/xsf/xeps/pull/1214)
for the current status.**

## Configuration

This module honours the same configuration options as Prosody's existing
[mod_saslauth](https://prosody.im/doc/modules/mod_saslauth).

## Developers

mod_sasl2 provides some events you can hook to affect aspects of the
authentication process:

- `advertise-sasl-features`
- `sasl2/c2s/success`
  - Priority 1000: Session marked as authenticated, success response created (`event.success`)
  - Priority -1000: Success response sent to client
  - Priority -1500: Updated <stream-features/> sent to client
- `sasl2/c2s/failure`
- `sasl2/c2s/error`