diff options
author | Pablo Polvorin <ppolvorin@process-one.net> | 2016-06-29 06:22:28 +0300 |
---|---|---|
committer | Pablo Polvorin <ppolvorin@process-one.net> | 2016-06-29 06:22:28 +0300 |
commit | ce0d1704c6cc167c8bc891587952f78c55f979ad (patch) | |
tree | 6d33c26754f187e01fea7c3bd9ff14b46c54ba3c /src/mod_http_api.erl | |
parent | 3446aba753625060af68396c6edd8e76a4950a61 (diff) |
Allow generation of oauth tokens from command line16.06
Oauth tokens can be generated for commands (scopes) having admin|user|open
policy. Restricted commands are not available as those are only usable
from ejabberdctl command line.
Four new commands are available:
$ejabberdctl oauth_issue_token "stats;get_roster"
Generates a token authorized to call both stats and get_roster
commands. Note scopes must be separated by semicolon.
$ejabberdctl oauth_list_tokens
List tokens generated from the command line, with their scope
and expirity time.
$ejabberdctl oauth_list_scopes
List scopes available
$ejabberdctl oauth_revoke_token "Lbs7qdJfdKXOWzVrArgyckY055tE1xnt"
Revokes the given token
Diffstat (limited to 'src/mod_http_api.erl')
-rw-r--r-- | src/mod_http_api.erl | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/mod_http_api.erl b/src/mod_http_api.erl index aadf09974..595c121cd 100644 --- a/src/mod_http_api.erl +++ b/src/mod_http_api.erl @@ -157,8 +157,10 @@ check_permissions2(#request{auth = HTTPAuth, headers = Headers}, Call, _) end; {oauth, Token, _} -> case oauth_check_token(Call, Token) of - {ok, User, Server} -> + {ok, user, {User, Server}} -> {ok, {User, Server, {oauth, Token}, Admin}}; + {ok, server_admin} -> %% token whas generated using issue_token command line + {ok, admin}; false -> false end; |