Hi,
I just noticed that XMPP has published the following extension https://xmpp.org/extensions/xep-0493.html. Allowing authentications onto OAuth providers via XMPP.
Are there currently any future plans to integrate this extension into Openfire? Is it even possible seeing that the current authentication process does not support this in any way?
Thanks in advance!
Hi Yorben!
To my knowledge, there aren’t any concrete plans to get this implemented in Openfire, but I’m not ruling out that there will be. That mostly depends on the perceived desire from the community, versus resources available to do the work. 
Openfire’s authentication process is SASL-based. That’s very flexible - although limitations do apply (specifically when integrating with some third-party user stores). Still, there’s a lot that can be done. I’ve seen proprietary OAUTHBEARER and other authentication mechanisms being added in the past.
Hey Guus,
I tried implementing an OAuthProvider for Openfire 4.7.5 but I’m struggling with the fact that the AuthFactory requires an username and password parameter. When logging in with OAuth2 I have access to neither… Any ideas there?
Kind regards!
That requires me to spend a considerable amount of time of getting myself familiar again with all of the details - not something that I have high on my priority list at the moment, I’m afraid.
There is a similar XEP-0070: Verifying HTTP Requests via XMPP that you can try yourself here https://demo.agayon.be/
The Gajim and Psi support it natively.
The spec author is also author of Prosody and Snikket. So it may be worth to check if the XEP or something like that is implemented there. I found only the topic with some additional thoughts