prosody-modules
f2363e6d9a64
mod_s2s_smacks_timeout/README.md
Software / code / prosody-modules
File
mod_s2s_smacks_timeout/README.md @ 5390:f2363e6d9a64
mod_http_oauth2: Advertise the currently supported id_token signing algorithm
This field is REQUIRED. The algorithm RS256 MUST be included, but isn't
because we don't implement it, as that would require implementing a pile
of additional cryptography and JWT stuff. Instead the id_token is
signed using the client secret, which allows verification by the client,
since it's a shared secret per OpenID Connect Core 1.0 § 10.1 under
Symmetric Signatures.
OpenID Connect Discovery 1.0 has a lot of REQUIRED and MUST clauses that
are not supported here, but that's okay because this is served from the
RFC 8414 OAuth 2.0 Authorization Server Metadata .well-known endpoint!
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 30 Apr 2023 16:13:40 +0200 |
| parent | 4981:f0fe95f9e21c |
| child | 5788:78368d2865dd |
line wrap: on
line source
# Introduction This module closes s2s connections when [mod_smacks][doc:modules:mod_smacks] reports that a connection has not received a timely acknowledgement as requested, indicating that the connection is broken or the remote server is not responding. With the connection closed, the next stanza to be directed to that server will trigger Prosody to establish a new connection, instead of queueing it on the potentially broken connection. This should prevent messages from being stuck in a queue for a potentially long time before being bounced back to the sender as delivery failure reports. Normally the amount of time it takes for a broken connection to time out is determined by TCP. If this is deemed sensible behavior then it will likely be merged into Prosody itself somewhere.
