author | Kim Alvefur <zash@zash.se> |
Tue, 21 Mar 2023 21:57:18 +0100 | |
changeset 5268 | d3ebaef1ea7a |
parent 5216 | 3235b8bd1e55 |
child 5317 | 80ecba092027 |
permissions | -rw-r--r-- |
3907
cfeb93b80621
mod_http_oauth2: OAuth2 API (work in progress for developers only)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 |
--- |
cfeb93b80621
mod_http_oauth2: OAuth2 API (work in progress for developers only)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 |
labels: |
cfeb93b80621
mod_http_oauth2: OAuth2 API (work in progress for developers only)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 |
- Stage-Alpha |
cfeb93b80621
mod_http_oauth2: OAuth2 API (work in progress for developers only)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 |
summary: 'OAuth2 API' |
5216
3235b8bd1e55
mod_http_oauth2: Include html templates in package for plugin installer
Kim Alvefur <zash@zash.se>
parents:
5201
diff
changeset
|
5 |
rockspec: |
3235b8bd1e55
mod_http_oauth2: Include html templates in package for plugin installer
Kim Alvefur <zash@zash.se>
parents:
5201
diff
changeset
|
6 |
build: |
3235b8bd1e55
mod_http_oauth2: Include html templates in package for plugin installer
Kim Alvefur <zash@zash.se>
parents:
5201
diff
changeset
|
7 |
copy_directories: |
3235b8bd1e55
mod_http_oauth2: Include html templates in package for plugin installer
Kim Alvefur <zash@zash.se>
parents:
5201
diff
changeset
|
8 |
- html |
3907
cfeb93b80621
mod_http_oauth2: OAuth2 API (work in progress for developers only)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 |
... |
cfeb93b80621
mod_http_oauth2: OAuth2 API (work in progress for developers only)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 |
|
cfeb93b80621
mod_http_oauth2: OAuth2 API (work in progress for developers only)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 |
Introduction |
cfeb93b80621
mod_http_oauth2: OAuth2 API (work in progress for developers only)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 |
============ |
cfeb93b80621
mod_http_oauth2: OAuth2 API (work in progress for developers only)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 |
|
cfeb93b80621
mod_http_oauth2: OAuth2 API (work in progress for developers only)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 |
This module is a work-in-progress intended for developers only! |
cfeb93b80621
mod_http_oauth2: OAuth2 API (work in progress for developers only)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 |
|
cfeb93b80621
mod_http_oauth2: OAuth2 API (work in progress for developers only)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
16 |
Configuration |
cfeb93b80621
mod_http_oauth2: OAuth2 API (work in progress for developers only)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 |
============= |
cfeb93b80621
mod_http_oauth2: OAuth2 API (work in progress for developers only)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
18 |
|
5201
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
19 |
Dynamic client registration enabled by configuring a JWT key. Algorithm |
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
20 |
defaults to *HS256*. |
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
21 |
|
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
22 |
```lua |
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
23 |
oauth2_registration_key = "securely generated JWT key here" |
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
24 |
oauth2_registration_algorithm = "HS256" |
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
25 |
oauth2_registration_options = { default_ttl = 60 * 60 * 24 * 90 } |
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
26 |
``` |
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
27 |
|
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
28 |
Various flows can be disabled and enabled with |
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
29 |
`allowed_oauth2_grant_types` and `allowed_oauth2_response_types`: |
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
30 |
|
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
31 |
```lua |
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
32 |
allowed_oauth2_grant_types = { |
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
33 |
"authorization_code"; -- authorization code grant |
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
34 |
"password"; -- resource owner password grant |
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
35 |
} |
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
36 |
|
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
37 |
allowed_oauth2_response_types = { |
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
38 |
"code"; -- authorization code flow |
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
39 |
-- "token"; -- implicit flow disabled by default |
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
40 |
} |
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
41 |
``` |
164a9875935b
mod_http_oauth2/README: Document config options
Kim Alvefur <zash@zash.se>
parents:
4927
diff
changeset
|
42 |
|
3907
cfeb93b80621
mod_http_oauth2: OAuth2 API (work in progress for developers only)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
43 |
|
cfeb93b80621
mod_http_oauth2: OAuth2 API (work in progress for developers only)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
44 |
Compatibility |
cfeb93b80621
mod_http_oauth2: OAuth2 API (work in progress for developers only)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
45 |
============= |
cfeb93b80621
mod_http_oauth2: OAuth2 API (work in progress for developers only)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
46 |
|
4927
df3d521e3c39
mod_http_oauth2/README: Update Compatibility section to mention 0.12
Kim Alvefur <zash@zash.se>
parents:
3907
diff
changeset
|
47 |
Requires Prosody 0.12+ or trunk. |