mod_http_oauth2: Fix authorization code logic I have no idea what it did before or if it even worked. RFC 6749 section 4.1.2 says: > A maximum authorization code lifetime of 10 minutes is RECOMMENDED. So this should prevent use of codes older than 10 minutes and remove them from the cache some time after they expire.

---
summary: Remote Roster Management
...

Introduction
============

This module adds support for [XEP-0321: Remote Roster Management] which
is commonly used to allow components such as transports to modify the
rosters of local users.