File

README @ 5623:59d5fc50f602

mod_http_oauth2: Implement refresh token rotation Makes refresh tokens one-time-use, handing out a new refresh token with each access token. Thus if a refresh token is stolen and used by an attacker, the next time the legitimate client tries to use the previous refresh token, it will not work and the attack will be noticed. If the attacker does not use the refresh token, it becomes invalid after the legitimate client uses it. This behavior is recommended by draft-ietf-oauth-security-topics
author Kim Alvefur <zash@zash.se>
date Sun, 23 Jul 2023 02:56:08 +0200
parent 2936:4fed2379f5be
line wrap: on
line source

prosody-modules
===============

*Add-on modules for Prosody IM Server*

--------------------------------------------------------------------------

Community repository for non-core, unofficial and/or experimental plugins 
for [Prosody][].

If you are a developer and would like to host your Prosody module in this 
repository, or want to contribute to existing modules, simply introduce 
yourself and request commit access on our [mailing list][].

Notes for users
----------------

There are lots of fun and exciting modules to be found here, we know 
you'll like it.  However please note that each module is in a different 
state of development.  Some are proof-of-concept, others are quite stable 
and ready for production use.  Be sure to read the wiki page of any 
module before installing it on your server.

We are working on methods to easily download and install modules from 
this repository.  In the meantime most modules are either a single file 
and easy to install, or contain installation instructions on their wiki 
page.  You can browse the files stored in this repository at 
<https://hg.prosody.im/prosody-modules>.

[Prosody]: https://prosody.im/
[mailing list]: https://prosody.im/discuss