File

mod_tokenauth: Support for creating sub-tokens Properties of sub-tokens: - They share the same id as their parent token - Sub-tokens may not have their own sub-tokens (but may have sibling tokens) - They always have the same or shorter lifetime compared to their parent token - Revoking a parent token revokes all sub-tokens - Sub-tokens always have the same JID as the parent token - They do not have their own 'accessed' property - accessing a sub-token updates the parent token's accessed time Although this is a generic API, it is designed to at least fill the needs of OAuth2 refresh + access tokens (where the parent token is the refresh token and the sub-tokens are access tokens).

This file documents the structure of the roster object.

table roster {
  [string bare_jid] = roster_item
}

table roster_item {
  string subscription = "none" | "to" | "from" | "both"
  string name = Opaque string set by client. (optional)
  set groups = a set of opaque strings set by the client
  boolean ask = nil | "subscribe" - a value of true indicates subscription is pending
}

The roster is available as
 hosts[host].sessions[username].roster
and a copy is made to session.roster for all sessions.

All modifications to a roster should be done through the rostermanager.