This is a plugin of XOAUTH2 mechanism for Cyrus SASL, extending cyrus-sasl-xoauth2 to have the following features;
-
Server side
JWT is verified by the issuer's public key using SciTokens
-
Client side
The username is taken from the JWT's user claim instead of the input.
- cyrus-sasl-devel
- scitokens-cpp-devel
- libsasl2-dev, sasl2-bin
- libscitokens-dev
./autogen.sh
./configure --libdir=$(pkg-config --variable=libdir libsasl2)
make
sudo make install
sasl_plugin_dir=$(pkg-config --variable=libdir libsasl2)/sasl2
-
${sasl_plugin_dir}/{service_name}.conf:mech_list: xoauth2 xoauth2_scope: xxxx xoauth2_aud: xxxx xoauth2_user_claim: xxxx xoauth2_issuers: xxxx
-
${sasl_plugin_dir}/{service_name}.conf:xoauth2_user_claim: xxxx