author | Matthew Wild <mwild1@gmail.com> |
Tue, 12 Mar 2024 14:07:00 +0000 | |
changeset 5868 | b5a110544fd4 |
parent 5598 | e9af6abf2b1e |
permissions | -rw-r--r-- |
5298
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 |
--- |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 |
labels: |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 |
- Stage-Beta |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 |
summary: "Manage clients with access to your account" |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 |
rockspec: |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 |
dependencies: |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 |
- mod_sasl2_fast |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 |
--- |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 |
This module allows a user to identify what currently has access to their |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 |
account. |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 |
This module depends on [mod_sasl2_fast] and mod_tokenauth (bundled with |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 |
Prosody). Both will be automatically loaded if this module is loaded. |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
16 |
## Configuration |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
18 |
| Name | Description | Default | |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
19 |
|---------------------------|--------------------------------------------------------|-----------------| |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
20 |
| enforce_client_ids | Only allow SASL2-compatible clients | `false` | |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
21 |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
22 |
When `enforce_client_ids` is not enabled, the client listing may be less accurate due to legacy clients, |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 |
which can only be tracked by their resource, which is public information, not necessarily unique to a |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 |
client instance, and is also exposed to other XMPP entities the user communicates with. |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
25 |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 |
When `enforce_client_ids` is enabled, clients that don't support SASL2 and provide a client id will be |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 |
denied access. |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 |
|
5318
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
29 |
## Shell usage |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
30 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
31 |
You can use this module via the Prosody shell. For example, to list a user's |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
32 |
clients: |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
33 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
34 |
```shell |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
35 |
prosodyctl shell user clients user@example.com |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
36 |
``` |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
37 |
|
5598
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5318
diff
changeset
|
38 |
To revoke access from particular client: |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5318
diff
changeset
|
39 |
|
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5318
diff
changeset
|
40 |
```shell |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5318
diff
changeset
|
41 |
prosodyctl shell user revoke_client user@example.com grant/xxxxx |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5318
diff
changeset
|
42 |
``` |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5318
diff
changeset
|
43 |
|
5298
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
44 |
## Compatibility |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
45 |
|
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
46 |
Requires Prosody trunk (as of 2023-03-29). Not compatible with Prosody 0.12 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
47 |
and earlier. |
5318
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
48 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
49 |
## Developers |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
50 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
51 |
### Protocol |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
52 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
53 |
#### Listing clients |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
54 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
55 |
To list clients that have access to the user's account, send the following |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
56 |
stanza: |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
57 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
58 |
```xml |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
59 |
<iq id="p" type="get"> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
60 |
<list xmlns="xmpp:prosody.im/protocol/manage-clients"/> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
61 |
</iq> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
62 |
``` |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
63 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
64 |
The server will respond with a list of clients: |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
65 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
66 |
```xml |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
67 |
<iq id="p" to="mattj-gajim@auth2.superxmpp.com/gajim.UYJKBHKT" type="result" xmlns="jabber:client"> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
68 |
<clients xmlns="xmpp:prosody.im/protocol/manage-clients"> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
69 |
<client connected="true" id="client/zeiP41HLglIu" type="session"> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
70 |
<first-seen>2023-04-06T14:26:08Z</first-seen> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
71 |
<last-seen>2023-04-06T14:37:25Z</last-seen> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
72 |
<auth> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
73 |
<password/> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
74 |
</auth> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
75 |
<user-agent> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
76 |
<software>Gajim</software> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
77 |
<uri>https://gajim.org/</uri> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
78 |
<device>Juliet's laptop</device> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
79 |
</user-agent> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
80 |
</client> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
81 |
<client connected="false" id="grant/HjEEr45_LQr" type="access"> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
82 |
<first-seen>2023-03-27T15:16:09Z</first-seen> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
83 |
<last-seen>2023-03-27T15:37:24Z</last-seen> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
84 |
<user-agent> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
85 |
<software>REST client</software> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
86 |
</user-agent> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
87 |
</client> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
88 |
</clients> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
89 |
</iq> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
90 |
``` |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
91 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
92 |
On the `<client/>` tag most things are self-explanatory. The following attributes |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
93 |
are defined: |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
94 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
95 |
- 'connected': a boolean that reflects whether this client has an active session |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
96 |
on the server (i.e. this includes connected and "hibernating" sessions). |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
97 |
- 'id': an opaque reference for the client, which can be used to revoke access. |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
98 |
- 'type': either `"session"` if this client is known to have an active or inactive |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
99 |
client session on the server, or "access" if no session has been established (e.g. |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
100 |
it may have been granted access to the account, but only used non-XMPP APIs or |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
101 |
never logged in). |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
102 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
103 |
The `<first-seen/>` and `<last-seen/>` elements contain timestamps that reflect |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
104 |
when a client was first granted access to the user's account, and when it most |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
105 |
recently used that access. For active sessions, it may reflect the current |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
106 |
time or the time of the last login. |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
107 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
108 |
The `<user-agent/>` element contains information about the client software. It |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
109 |
may contain any of three optional child elements, each containing text content: |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
110 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
111 |
- `<software/>` - the name of the software |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
112 |
- `<uri/>` - a URI/URL for the client, such as a homepage |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
113 |
- `<device/>` - a human-readable identifier/name for the device where the client |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
114 |
runs |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
115 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
116 |
The `<auth/>` element lists the known authentication methods that the client |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
117 |
has used to gain access to the account. The following elements are defined: |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
118 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
119 |
- `<password/>` - the client has presented a valid password |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
120 |
- `<grant/>` - the client has a valid authorization grant (e.g. via OAuth) |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
121 |
- `<fast/>` - the client has active FAST tokens |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
122 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
123 |
#### Revoking access |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
124 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
125 |
To revoke a client's access, send a `<revoke/>` element with an 'id' attribute |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
126 |
containing one of the client ids fetched from the list: |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
127 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
128 |
```xml |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
129 |
<iq id="p" type="set"> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
130 |
<revoke xmlns="xmpp:prosody.im/protocol/manage-clients" id="grant/HjEEr45_LQr" /> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
131 |
</iq> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
132 |
``` |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
133 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
134 |
The server will respond with an empty result if the revocation succeeds: |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
135 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
136 |
```xml |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
137 |
<iq id="p" type="result" /> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
138 |
``` |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
139 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
140 |
If the client has previously authenticated with a password, there is no way to |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
141 |
revoke access except by changing the user's password. If you request |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
142 |
revocation of such a client, the server will respond with a 'service-unavailable' |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
143 |
error, with the 'password-reset-required' application error: |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
144 |
|
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
145 |
```xml |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
146 |
<iq id="p" type="error"> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
147 |
<error type="cancel"> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
148 |
<service-unavailable xmlns="xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'"> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
149 |
<password-reset-required xmlns="xmpp:prosody.im/protocol/manage-clients"/> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
150 |
</error> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
151 |
</iq> |
7c123d3285de
mod_client_management: README: Update docs to detail shell and XMPP interfaces
Matthew Wild <mwild1@gmail.com>
parents:
5298
diff
changeset
|
152 |
``` |