prosody
26a004c96ef8
spec/scansion/keep_full_sub_req.scs
Software / code / prosody
File
spec/scansion/keep_full_sub_req.scs @ 12694:26a004c96ef8
util.paseto: Implementation of PASETO v4.public tokens
PASETO provides an alternative to JWT with the promise of fewer implementation
pitfalls. The v4.public algorithm allows asymmetric cryptographically-verified
token issuance and validation.
In summary, such tokens can be issued by one party and securely verified by
any other party independently using the public key of the issuer. This has a
number of potential applications in a decentralized network and ecosystem such
as XMPP. For example, such tokens could be combined with XEP-0317 to allow
hats to be verified even in the context of a third-party MUC service.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Fri, 24 Jun 2022 17:03:28 +0100 |
| parent | 10515:35bf3b80480f |
line wrap: on
line source
# server MUST keep a record of the complete presence stanza comprising the subscription request (#689) [Client] Alice jid: pars-a@localhost password: password [Client] Bob jid: pars-b@localhost password: password [Client] Bob's phone jid: pars-b@localhost/phone password: password --------- Alice connects Alice sends: <presence to="${Bob's JID}" type="subscribe"> <preauth xmlns="urn:xmpp:pars:0" token="1tMFqYDdKhfe2pwp" /> </presence> Alice disconnects Bob connects Bob sends: <presence/> Bob receives: <presence from="${Bob's full JID}"/> Bob receives: <presence from="${Alice's JID}" type="subscribe"> <preauth xmlns="urn:xmpp:pars:0" token="1tMFqYDdKhfe2pwp" /> </presence> Bob disconnects # Works if they reconnect too Bob's phone connects Bob's phone sends: <presence/> Bob's phone receives: <presence from="${Bob's phone's full JID}"/> Bob's phone receives: <presence from="${Alice's JID}" type="subscribe"> <preauth xmlns="urn:xmpp:pars:0" token="1tMFqYDdKhfe2pwp" /> </presence> Bob's phone disconnects
