Mercurial > prosody-modules
view mod_disable_tls/README.markdown @ 5390:f2363e6d9a64
mod_http_oauth2: Advertise the currently supported id_token signing algorithm
This field is REQUIRED. The algorithm RS256 MUST be included, but isn't
because we don't implement it, as that would require implementing a pile
of additional cryptography and JWT stuff. Instead the id_token is
signed using the client secret, which allows verification by the client,
since it's a shared secret per OpenID Connect Core 1.0 ยง 10.1 under
Symmetric Signatures.
OpenID Connect Discovery 1.0 has a lot of REQUIRED and MUST clauses that
are not supported here, but that's okay because this is served from the
RFC 8414 OAuth 2.0 Authorization Server Metadata .well-known endpoint!
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 30 Apr 2023 16:13:40 +0200 |
parents | 4d73a1a6ba68 |
children |
line wrap: on
line source
--- labels: - 'Stage-Beta' summary: Disable TLS on certain client ports ... Introduction ============ This module can be used to prevent Prosody from offering TLS on client ports that you specify. This can be useful to work around buggy clients when transport security is not required. Configuration ============= Load the module, and set `disable_tls_ports` to a list of ports: disable_tls_ports = { 5322 } Don't forget to add any extra ports to c2s\_ports, so that Prosody is actually listening for connections! Compatibility ============= ----- ------- 0.9 Works ----- -------