Software /
code /
prosody
File
doc/roster_format.txt @ 12997:0a56b84ec4ad
mod_tokenauth: Support for creating sub-tokens
Properties of sub-tokens:
- They share the same id as their parent token
- Sub-tokens may not have their own sub-tokens (but may have sibling tokens)
- They always have the same or shorter lifetime compared to their parent token
- Revoking a parent token revokes all sub-tokens
- Sub-tokens always have the same JID as the parent token
- They do not have their own 'accessed' property - accessing a sub-token
updates the parent token's accessed time
Although this is a generic API, it is designed to at least fill the needs of
OAuth2 refresh + access tokens (where the parent token is the refresh token
and the sub-tokens are access tokens).
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Sun, 26 Mar 2023 16:46:48 +0100 |
parent | 132:9a4aa57af367 |
line wrap: on
line source
This file documents the structure of the roster object. table roster { [string bare_jid] = roster_item } table roster_item { string subscription = "none" | "to" | "from" | "both" string name = Opaque string set by client. (optional) set groups = a set of opaque strings set by the client boolean ask = nil | "subscribe" - a value of true indicates subscription is pending } The roster is available as hosts[host].sessions[username].roster and a copy is made to session.roster for all sessions. All modifications to a roster should be done through the rostermanager.