Mercurial > prosody-modules
view mod_http_oauth2/README.markdown @ 5199:f48628dc83f1
mod_http_oauth2: Separate client_secret verification key from JWT key
Allows configuring a real JWT key directly in the config, but
the client_secret will be different per host.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Fri, 03 Mar 2023 22:48:59 +0100 |
parents | 164a9875935b |
children | 3235b8bd1e55 |
line wrap: on
line source
--- labels: - Stage-Alpha summary: 'OAuth2 API' ... Introduction ============ This module is a work-in-progress intended for developers only! Configuration ============= Dynamic client registration enabled by configuring a JWT key. Algorithm defaults to *HS256*. ```lua oauth2_registration_key = "securely generated JWT key here" oauth2_registration_algorithm = "HS256" oauth2_registration_options = { default_ttl = 60 * 60 * 24 * 90 } ``` Various flows can be disabled and enabled with `allowed_oauth2_grant_types` and `allowed_oauth2_response_types`: ```lua allowed_oauth2_grant_types = { "authorization_code"; -- authorization code grant "password"; -- resource owner password grant } allowed_oauth2_response_types = { "code"; -- authorization code flow -- "token"; -- implicit flow disabled by default } ``` Compatibility ============= Requires Prosody 0.12+ or trunk.