Mercurial > prosody-modules
view mod_http_oauth2/README.markdown @ 5246:fd0d25b42cd9
mod_http_oauth2: Validate all URIs against client_uri in client registration
Validating against all redirect URIs didn't work for OOB-only clients,
which happens to be what I was testing with.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 12 Mar 2023 12:06:44 +0100 |
parents | 3235b8bd1e55 |
children | 80ecba092027 |
line wrap: on
line source
--- labels: - Stage-Alpha summary: 'OAuth2 API' rockspec: build: copy_directories: - html ... Introduction ============ This module is a work-in-progress intended for developers only! Configuration ============= Dynamic client registration enabled by configuring a JWT key. Algorithm defaults to *HS256*. ```lua oauth2_registration_key = "securely generated JWT key here" oauth2_registration_algorithm = "HS256" oauth2_registration_options = { default_ttl = 60 * 60 * 24 * 90 } ``` Various flows can be disabled and enabled with `allowed_oauth2_grant_types` and `allowed_oauth2_response_types`: ```lua allowed_oauth2_grant_types = { "authorization_code"; -- authorization code grant "password"; -- resource owner password grant } allowed_oauth2_response_types = { "code"; -- authorization code flow -- "token"; -- implicit flow disabled by default } ``` Compatibility ============= Requires Prosody 0.12+ or trunk.