Mercurial > prosody-modules
view mod_unsubscriber/mod_unsubscriber.lua @ 5617:d8622797e315
mod_http_oauth2: Shorten default token validity periods
With refresh tokens, short lifetime for access tokens is not a problem.
The arbitrary choice of one hour seems reasonable. RFC 6749 has it as
example value.
One week for refresh tokens matching the default archive retention
period. This means that a client that remains unused for one week will
have to sign in again. An actively used client will continually push
that forward with each used refresh token.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Mon, 24 Jul 2023 01:30:14 +0200 |
parents | e00dc913d965 |
children |
line wrap: on
line source
assert(module:get_host_type() == "component", "This module should be loaded as a Component"); local st = require "util.stanza"; module:hook("presence/bare", function(event) local origin, stanza = event.origin, event.stanza; if stanza.attr.type == "probe" then -- they are subscribed and want our current presence -- tell them we denied their subscription local reply = st.reply(stanza) reply.attr.type = "unsubcribed"; origin.send(reply); return true; elseif stanza.attr.type == nil then -- they think we are subscribed and sent their current presence -- tell them we unsubscribe local reply = st.reply(stanza) reply.attr.type = "unsubcribe"; origin.send(reply); return true; end -- fall trough to default error end);