Software /
code /
prosody-modules
File
mod_auth_any/mod_auth_any.lua @ 5624:d8622797e315
mod_http_oauth2: Shorten default token validity periods
With refresh tokens, short lifetime for access tokens is not a problem.
The arbitrary choice of one hour seems reasonable. RFC 6749 has it as
example value.
One week for refresh tokens matching the default archive retention
period. This means that a client that remains unused for one week will
have to sign in again. An actively used client will continually push
that forward with each used refresh token.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Mon, 24 Jul 2023 01:30:14 +0200 |
parent | 2439:1f7820f68868 |
line wrap: on
line source
-- Prosody IM -- Copyright (C) 2008-2010 Matthew Wild -- Copyright (C) 2008-2010 Waqas Hussain -- -- This project is MIT/X11 licensed. Please see the -- COPYING file in the source package for more information. -- -- luacheck: ignore 212 local datamanager = require "util.datamanager"; local new_sasl = require "util.sasl".new; local host = module.host; local provider = { name = "any" }; function provider.test_password(username, password) return true; end function provider.set_password(username, password) local account = datamanager.load(username, host, "accounts"); if account then account.password = password; return datamanager.store(username, host, "accounts", account); end return nil, "Account not available."; end function provider.user_exists(username) return true; end function provider.create_user(username, password) return datamanager.store(username, host, "accounts", {password = password}); end function provider.delete_user(username) return datamanager.store(username, host, "accounts", nil); end function provider.get_sasl_handler() local getpass_authentication_profile = { plain_test = function(sasl, username, password, realm) return true, true; end }; return new_sasl(module.host, getpass_authentication_profile); end module:add_item("auth-provider", provider);