labels:
...
This is an experimental authentication modules that connects Prosody to JetBrains Hub.
When a user attempts to authenticate to Prosody, this module will ask Hub if their credentials are correct and verify that they are a member of atleast one of the specified groups.
To get this up and running you're going to need to get Hub itself up and running. Documentation for installation can be found here.
Once your Hub installation is up and running we need to create a new service
in Hub that will allows us to query it. To start you'll need to access the
services page of your Hub instance. If you Hub is running on hub.example.com
you can find it at https://hub.example.com/hub/services
.
Once you're on the services page, go ahead and click New service...
. You
really only need to set a name for this service, but adding a Home URL
will
make it so people can access it from the Hub interface. But that's really only
necessary if you have some HTTP setup in your Prosody install.
Once you've created the service all we need to talk to it is the ID
of the
client and it's secret. When the service is created it has a random secret
that isn't shown, so go ahead and click the Change...
button next to
Secret
. Please note, that this is the only time that Hub will show the
secret, so be sure to store it.
Now that the service is configured in Hub we can go ahead and configure the Prosody module to talk to it.
VirtualHost "example.com"
authentication = "jetbrains_hub"
jetbrains_hub_url = "https://hub.example.com/hub"
jetbrains_hub_scopes = "0-0-0-0-0"
jetbrains_hub_client_id = "Client ID"
jetbrains_hub_client_secret = "Client Secret Key"
jetbrains_hub_groups = {"Registered Users"}
jetbrains_hub_url
is the url to the root of your Hub installation. In the
example above, hub is running on HTTPS at hub.example.com
with it's normal
path of /hub
.
jetbrains_hub_scopes
is the ID of the Hub service itself. In my experience
this is always 0-0-0-0-0
but you can double check by going to
https://hub.example.com/hub/services/jetbrains-hub-service
. You want the
value from the ID
field.
jetbrains_hub_client_id
and hub_client_secret
are the values for the
service ID and secret that were created in the prerequisites section.
jetbrains_hub_groups
is a table of hub group names that are allowed to access
the server. You must specify at least one group. If you want to allow anyone
that can authenticate to Hub, then you can set it to Registered Users
like
the example above.
Requires Prosody trunk.