prosody-modules: mod_auth_http_async/mod_auth_http_async.lua@5e8dec076afc (annotated)

1421 295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	1	-- Prosody IM
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	2	-- Copyright (C) 2008-2013 Matthew Wild
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	3	-- Copyright (C) 2008-2013 Waqas Hussain
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	4	-- Copyright (C) 2014 Kim Alvefur
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	5	--
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	6	-- This project is MIT/X11 licensed. Please see the
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	7	-- COPYING file in the source package for more information.
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	8	--
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	9
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	10	local new_sasl = require "util.sasl".new;
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	11	local base64 = require "util.encodings".base64.encode;
2163 5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	12	local have_async, async = pcall(require, "util.async");
1421 295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	13	local http = require "net.http";
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	14
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	15	local log = module._log;
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	16	local host = module.host;
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	17
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	18	local api_base = module:get_option_string("http_auth_url", ""):gsub("$host", host);
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	19	if api_base == "" then error("http_auth_url required") end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	20
1942 cfe73f64ad29 mod_auth_http_async: Fix syntax error Kim Alvefur <zash@zash.se> parents: 1936 diff changeset	21	local function async_http_request(url, ex)
2163 5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	22	local wait, done = async.waiter();
1931 439711709d29 mod_auth_http_async: Wrap up async http request in a function Kim Alvefur <zash@zash.se> parents: 1753 diff changeset	23	local content, code, request, response;
1934 95bbf3c4aa27 mod_auth_http_async: Don't set global Kim Alvefur <zash@zash.se> parents: 1931 diff changeset	24	local function cb(content_, code_, request_, response_)
1931 439711709d29 mod_auth_http_async: Wrap up async http request in a function Kim Alvefur <zash@zash.se> parents: 1753 diff changeset	25	content, code, request, response = content_, code_, request_, response_;
439711709d29 mod_auth_http_async: Wrap up async http request in a function Kim Alvefur <zash@zash.se> parents: 1753 diff changeset	26	done();
439711709d29 mod_auth_http_async: Wrap up async http request in a function Kim Alvefur <zash@zash.se> parents: 1753 diff changeset	27	end
1935 bd5412eb0a6d mod_auth_http_async: Actually do the HTTP request Kim Alvefur <zash@zash.se> parents: 1934 diff changeset	28	http.request(url, ex, cb);
1931 439711709d29 mod_auth_http_async: Wrap up async http request in a function Kim Alvefur <zash@zash.se> parents: 1753 diff changeset	29	wait();
439711709d29 mod_auth_http_async: Wrap up async http request in a function Kim Alvefur <zash@zash.se> parents: 1753 diff changeset	30	return content, code, request, response;
439711709d29 mod_auth_http_async: Wrap up async http request in a function Kim Alvefur <zash@zash.se> parents: 1753 diff changeset	31	end
439711709d29 mod_auth_http_async: Wrap up async http request in a function Kim Alvefur <zash@zash.se> parents: 1753 diff changeset	32
1421 295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	33	local provider = {};
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	34
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	35	function provider.test_password(username, password)
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	36	log("debug", "test password for user %s at host %s", username, host);
2163 5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	37	local url = api_base:gsub("$user", username);
5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	38	local ex = {
1931 439711709d29 mod_auth_http_async: Wrap up async http request in a function Kim Alvefur <zash@zash.se> parents: 1753 diff changeset	39	headers = { Authorization = "Basic "..base64(username..":"..password); };
2163 5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	40	}
5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	41	if (have_async) then
5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	42	local _, code = async_http_request(url, ex);
5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	43	if code >= 200 and code <= 299 then
5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	44	module:log("debug", "HTTP auth provider confirmed valid password");
5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	45	return true;
5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	46	else
5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	47	module:log("debug", "HTTP auth provider returned status code %d", code);
5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	48	end
1421 295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	49	else
2163 5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	50	local ok, err = http.request(url, ex, function(body, code)
5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	51	if code >= 200 and code <= 299 then
5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	52	module:log("debug", "HTTP auth provider confirmed valid password");
5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	53	else
5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	54	module:log("debug", "HTTP auth provider returned status code %d", code);
5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	55	end
5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	56	end);
5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	57	if ok then
5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	58	return true;
5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	59	end
1421 295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	60	end
2163 5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1943 diff changeset	61	return nil, "Auth failed. Invalid username or password.";
1421 295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	62	end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	63
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	64	function provider.set_password(username, password)
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	65	return nil, "Changing passwords not supported";
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	66	end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	67
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	68	function provider.user_exists(username)
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	69	return true;
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	70	end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	71
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	72	function provider.create_user(username, password)
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	73	return nil, "User creation not supported";
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	74	end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	75
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	76	function provider.delete_user(username)
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	77	return nil , "User deletion not supported";
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	78	end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	79
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	80	function provider.get_sasl_handler()
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	81	return new_sasl(host, {
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	82	plain_test = function(sasl, username, password, realm)
1943 54f9e8663139 mod_auth_http_async: Correctly pass password to provider.test_password (thanks mother) Kim Alvefur <zash@zash.se> parents: 1942 diff changeset	83	return provider.test_password(username, password), true;
1421 295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	84	end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	85	});
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	86	end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	87
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	88	module:provides("auth", provider);

author	JC Brand <jcbrand@minddistrict.com>
	Fri, 15 Apr 2016 13:45:01 +0000
changeset 2163	5e8dec076afc
parent 1943	54f9e8663139
child 2446	b2a198665946
permissions	-rw-r--r--