prosody-modules
4d6af8950016
mod_auth_oauthbearer/README.markdown

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_auth_oauthbearer/README.markdown @ 5170:4d6af8950016

mod_muc_moderation: Derive role from reserved nickname if occupant When using a different client to moderate than the one used to participate in the chat, e.g. a command line tool like clix, there's no occupant and no role to use in the permission check. Previously the default role based on affiliation was used. Now if you are present in the room using your reserved nick, the role you have there is used in the permission check instead of the default affiliation-derived role.
author Kim Alvefur <zash@zash.se>
date Sun, 19 Feb 2023 18:17:37 +0100
parent 3116:1a1affd22f74
line wrap: on
line source

---
labels:
- 'Type-Auth'
summary: OAuth authentication
...

Introduction
============

This is an authentication module for the SASL OAUTHBEARER mechanism, as provided by `mod_sasl_oauthbearer`.

You can use this to log in via OAuth, for example if you want your user's to log in with Github, Twitter, Reddit etc.

The XMPP client needs get an OAuth token from the provider (e.g. Github) and send that to Prosody.
This module will then verify that token by calling the `oauth_url` you've configured.

Configuration
=============

Per VirtualHost, you'll need to supply your OAuth client Id, secret and the URL which
Prosody must call in order to verify the OAuth token it receives from the XMPP client.

For example, for Github:

	oauth_client_id = "13f8e9cc8928b3409822"
	oauth_client_secret = "983161fd3ah608ea7ef35382668aad1927463978"
	oauth_url = "https://api.github.com/applications/{{oauth_client_id}}/tokens/{{password}}";

	authentication = "oauthbearer"