mod_http_oauth2: Fix incorrect function name (thanks Zash/luacheck)

mod_cloud_notify: Add note about Lua version requirements to README

mod_cloud_notify: Log warning when used on Lua 5.1

mod_http_oauth2: Remove authorization codes after use RFC 6749 section 4.1.2 says: > The client MUST NOT use the authorization code more than once. Thus we clear it from the cache after use.

mod_http_oauth2: Fix authorization code logic I have no idea what it did before or if it even worked. RFC 6749 section 4.1.2 says: > A maximum authorization code lifetime of 10 minutes is RECOMMENDED. So this should prevent use of codes older than 10 minutes and remove them from the cache some time after they expire.

mod_http_oauth2: Include html templates in package for plugin installer luarocks needs this extra metadata

mod_conversejs: This one weird trick updates options on reload Options queried from the config in get_converse_options() would take effect immediately after Prosody reloads the config. Including 'conversejs_options' in this behaviour by simply moving a line seems worth it.

mod_http_oauth2: Switch to '303 See Other' redirects This is the recommendation by draft-ietf-oauth-v2-1-07 section 7.5.2. It is the only redirect code that guarantees the user agent will use a GET request, rather than re-submitting a POST request to the new URL. The latter would be bad for us, as we are encoding auth tokens in the form data.

mod_http_oauth2: Allow non-HTTPS on localhost URLs This is the recommended behaviour (draft-ietf-oauth-v2-1-07 section 7.5.1).

mod_http_oauth2: Add authentication, consent and error pages