mod_http_oauth2

Introduction

This module is a work-in-progress intended for developers only!

Configuration

Dynamic client registration enabled by configuring a JWT key. Algorithm defaults to HS256.

oauth2_registration_key = "securely generated JWT key here"
oauth2_registration_algorithm = "HS256"
oauth2_registration_options = { default_ttl = 60 * 60 * 24 * 90 }

Various flows can be disabled and enabled with allowed_oauth2_grant_types and allowed_oauth2_response_types:

allowed_oauth2_grant_types = {
    "authorization_code"; -- authorization code grant
    "password"; -- resource owner password grant
}

allowed_oauth2_response_types = {
    "code"; -- authorization code flow
    -- "token"; -- implicit flow disabled by default
}

Compatibility

Requires Prosody 0.12+ or trunk.


Installation

With the plugin installer in Prosody 0.12 you can use:

sudo prosodyctl install --server=https://modules.prosody.im/rocks/ mod_http_oauth2

For earlier versions see the documentation for installing 3rd party modules