mod_block_registrations: Refresh Compatibility section Update to use currently supported Prosody versions.

mod_block_registrations: Update description expansion of default list The default got a lot longer in 368bf9b06484, a bit too long to fit comfortably in this table.

mod_http_oauth2: Bail out of implicit flow on invalid or missing redirect Probably hasn't been tested, and maybe never will since it's disabled and more or less deprecated in OAuth 2.1

mod_http_oauth2: Fix error if no scopes requested granted_scopes would be nil but the later code expects an array

mod_http_oauth2: Add role selector to consent page List includes all roles available to the user, if more than one. Defaults to either the first role in the scope string or the users primary role. Earlier draft listed all roles, but having options that can't be selected is bad UX and the entire list of all roles on the server could be long, and perhaps even sensitive. Allows e.g. picking a role with fewer permissions than what might otherwise have been selected. UX wise, doing this with more checkboxes or possibly radio buttons would have been confusion and/or looked messier. Fixes the previous situation where unselecting a role would default to the primary role, which could be more permissions than requested.

mod_http_oauth2: Refactor scope handling into smaller functions Goal is to put a dropdown on the consent page with your allowed roles. Smaller functions make it easier to reuse. Readability may be improved slightly as well.

mod_http_oauth2: Add option for specifying TTL of registered clients Meant to simplify configuration, since TTL vs ignoring expiration is expected to be the main thing one would want to configure. Unsure what the implications of having unlimited lifetime of clients are, given no way to revoke them currently, short of rotating the signing secret. On one hand, it would be annoying to have the client expire. On the other hand, it is trivial to re-register it.

mod_strict_https: Add way to disable redirect Since Prosody 0.12+ does not listen on unencrypted http anymore, this is likely to cause trouble. Especially since the URL construction is problematic and awkward.

mod_strict_https: Refresh README

mod_prometheus: Wrap pointer to mod_http_openmetrics in a box