Software / code / prosody-modules
Changeset
6048:cce76628c83a
mod_auth_oauth_external: Reword 'How it works'
Hopefully more readable.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 07 Nov 2024 23:33:49 +0100 |
| parents | 6047:8c3bacf3549e |
| children | 6049:491c56449a76 |
| files | mod_auth_oauth_external/README.md |
| diffstat | 1 files changed, 7 insertions(+), 5 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_auth_oauth_external/README.md Thu Nov 07 22:50:10 2024 +0100 +++ b/mod_auth_oauth_external/README.md Thu Nov 07 23:33:49 2024 +0100 @@ -11,12 +11,14 @@ # How it works -Clients retrieve tokens somehow, then show them to Prosody, which asks -the Authorization server to validate them, returning info about the user -back to Prosody. +Using OAuth 2.0 in XMPP is explained in [XEP-0493: OAuth Client Login]. +Clients pass tokens from the Authorization Server to Prosody, which +attempts to validate the tokens using the configured validation +endpoint. -Alternatively for legacy clients, Prosody receives the users username -and password and retrieves a token itself, then proceeds as above. +Legacy clients have to use SASL PLAIN, where Prosody receives the users +username and password and attempts to validate this using the OAuth 2 +resource owner password grant. # Configuration
