Software / code / prosody-modules
Changeset
6342:3eb0255b41b3
mod_http_oauth2: Update README to mention XEP-0493
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 15 Jul 2025 23:06:10 +0200 |
| parents | 6341:3f0970babd67 |
| children | 6343:6f4469d97349 |
| files | mod_http_oauth2/README.md |
| diffstat | 1 files changed, 3 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_http_oauth2/README.md Tue Jul 15 21:56:56 2025 +0200 +++ b/mod_http_oauth2/README.md Tue Jul 15 23:06:10 2025 +0200 @@ -275,9 +275,9 @@ OAuth supports "scopes" as a way to grant clients limited access. -There are currently no standard scopes defined for XMPP. This is -something that we intend to change, e.g. by definitions provided in a -future XEP. This means that clients you authorize currently have to +[XEP-0493: OAuth Client Login] describes using OAuth 2.0 / OpenID Connect with XMPP. +This module does not yet support [the scopes defined](https://xmpp.org/extensions/xep-0493.html#oauth-scopes). +This means that clients you authorize currently have to choose between unrestricted access to your account (including the ability to change your password and lock you out!) and zero access. So, for now, while using OAuth clients can prevent leaking your password to
