Stephen Paul Weber <singpolyma@singpolyma.net> [Sat, 06 May 2023 19:42:08 -0500] rev 5655
mod_pubsub_subscription: support subscribing from a bare JID
Allow subscribing from a bare JID on the component instead of only the component
host, useful for subscribing to whitelist access model nodes that want to see
a particular JID in the from.
Stephen Paul Weber <singpolyma@singpolyma.net> [Sat, 06 May 2023 19:40:23 -0500] rev 5654
merge
Stephen Paul Weber <singpolyma@singpolyma.net> [Wed, 22 Feb 2023 22:47:45 -0500] rev 5653
mod_muc_restrict_avatars: Block MUC participant avatars for non-members
Kim Alvefur <zash@zash.se> [Sun, 17 Sep 2023 13:36:30 +0200] rev 5652
misc/mtail: Start of an mtail config
Stashing it here in case anyone wants to continue working on it.
Currently it's only counting log messages by level.
Due to the permissions set by systemd on Prosody logs, mtail never
managed to start correctly until permissions were manually relaxed.
Kim Alvefur <zash@zash.se> [Mon, 11 Sep 2023 18:03:18 +0200] rev 5651
mod_muc_moderation: Mention that it works with mod_storage_xmlarchive (thanks Menel)
Kim Alvefur <zash@zash.se> [Mon, 11 Sep 2023 10:48:31 +0200] rev 5650
mod_http_oauth2: Apply refresh token ttl to refresh token instead of grant
The intent in 59d5fc50f602 was for refresh tokens to extend the lifetime
of the grant, but the refresh token ttl was applied to the grant and
mod_tokenauth does not change it, leading to the grant expiring
regardless of refresh token usage.
This makes grant lifetimes unlimited, which seems to be standard
practice in the wild.
Kim Alvefur <zash@zash.se> [Mon, 11 Sep 2023 10:19:38 +0200] rev 5649
mod_client_management: Show grant expiry in shell command
I want to know when my OAuth2 grant expires and that it really is
extended by refreshing.
Kim Alvefur <zash@zash.se> [Sat, 09 Sep 2023 22:51:25 +0200] rev 5648
mod_http_oauth2: Tweak wording in README to point out that this is an AS
Kim Alvefur <zash@zash.se> [Sat, 09 Sep 2023 21:42:24 +0200] rev 5647
mod_http_oauth2: Allow 'login_hint' as a substitute for OIDC 'select_account' prompt
If the OIDC 'prompt' parameter does not contain the 'select_account'
then it wants us to skip account selection, which means we have to
figure which account to authenticate somehow. One way could be have
this stored in a cookie from a previous successful login. Another way
would be to have the account passed as a hint, which is what we add
here.
Kim Alvefur <zash@zash.se> [Sun, 27 Aug 2023 09:49:35 +0200] rev 5646
mod_http_oauth2: Remove broken in-CSS templating
Because util.interpolation with a "%b{}" pattern only matches the outer
brackets, so variables inside them would not work unless the pattern is
changed (also considered).