Skip to content
/ mod_auth_oauth Public

An authentication module for Prosody using a OAuth 2.0 backend such as Keycloak

License

MIT license
18 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

rgrunbla/mod_auth_oauth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
mod_auth_oauth.lua
mod_auth_oauth.lua
 
 

Repository files navigation

mod_auth_oauth

This module is unmaintained, so it's up for grab. Have a fork that is maintained ? Telle me in some issue and i'll redirect to it, or I can trensfer this one.

An authentication module for Prosody using a OAuth 2.0 backend such as Keycloak, that supports SASL OAUTHBEARER and PLAIN mechanisms.

When PLAIN is used, the username and password are checked by retrieving a token using the oauth_url_token endpoint.

When OAUTHBEARER is used, the token is checked against the oauth_url_userinfo endpoint.

Dependencies - Important

This module depends on mod_sasl_oauthbearer in which the password = saslprep(password); has been removed.

Configuration

authentication = "oauth"

oauth_host = "keycloak.domain.tld"
oauth_url_token = "https://keycloak.domain.tld/auth/realms/master/protocol/openid-connect/token"
oauth_url_userinfo = "https://keycloak.domain.tld/auth/realms/master/protocol/openid-connect/userinfo"
oauth_client_id = "CLIENT_ID"
oauth_client_secret = "CLIENT_SECRET"

About

An authentication module for Prosody using a OAuth 2.0 backend such as Keycloak

Resources

Readme

License

MIT license
Activity

Stars

18 stars

Watchers

6 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages