Matthew Wild <mwild1@gmail.com> [Wed, 01 Mar 2023 13:02:51 +0000] rev 12918
mod_tokenauth: Add some sanity checking of the new optional parameters
Matthew Wild <mwild1@gmail.com> [Wed, 01 Mar 2023 13:01:21 +0000] rev 12917
mod_tokenauth: Add 'purpose' constraint
This allows tokens to be tied to specific purposes/protocols. For example, we
shouldn't (without specific consideration) allow an OAuth token to be dropped
into a slot expecting a FAST token.
While FAST doesn't currently use mod_tokenauth, it and others may do in the
future. It's better to be explicit about what kind of token code is issuing or
expecting.
Matthew Wild <mwild1@gmail.com> [Wed, 01 Mar 2023 12:56:08 +0000] rev 12916
mod_saslauth: Support for SASL handlers forcing a specific resource
The token layer supports tokens that are tied to a given resource.
Matthew Wild <mwild1@gmail.com> [Wed, 01 Mar 2023 12:55:00 +0000] rev 12915
util.sasl: Add SASL OAUTHBEARER mechanism (RFC 7628)
Kim Alvefur <zash@zash.se> [Thu, 23 Feb 2023 18:39:02 +0100] rev 12914
mod_admin_adhoc: Add XEP-0133 commands to Disable and Re-Enable users
Enables UI in clients supporting XEP-0050
Kim Alvefur <zash@zash.se> [Thu, 23 Feb 2023 18:11:15 +0100] rev 12913
CHANGES: Mention new ability to disable and enable user accounts
Kim Alvefur <zash@zash.se> [Thu, 23 Feb 2023 18:10:06 +0100] rev 12912
mod_admin_shell: Add commands to disable and enable accounts
First proper UI to enable/disable, allowing it to be tested.
Kim Alvefur <zash@zash.se> [Thu, 23 Feb 2023 16:28:57 +0100] rev 12911
mod_c2s: Disconnect accounts when they are disabled
We decided that at the first stage, accounts that are disabled should
simply be prevented from authenticating, thus they should also be
prevented from having connected sessions. Since this is aimed to be a
moderation action for cases of abuse, they shouldn't be allowed to
continue being connected.
Kim Alvefur <zash@zash.se> [Thu, 23 Feb 2023 16:25:31 +0100] rev 12910
core.usermanager: Fire events when enabling and disabling users
Allow modules to act on this state change, e.g. kick accounts etc.
Kim Alvefur <zash@zash.se> [Thu, 23 Feb 2023 16:24:41 +0100] rev 12909
core.usermanager: Add methods for enabling and disabling users
Calling into the auth module, where available.