mod_auth_http_async/mod_auth_http_async.lua
author Matthew Wild <mwild1@gmail.com>
Fri, 23 Sep 2022 22:41:15 +0100
changeset 5058 62480053c87b
parent 2815 39156d6f7268
permissions -rw-r--r--
mod_cloud_notify_encrypted: Additional debug logging when enabling/skipping
-- Prosody IM
-- Copyright (C) 2008-2013 Matthew Wild
-- Copyright (C) 2008-2013 Waqas Hussain
-- Copyright (C) 2014 Kim Alvefur
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--
local new_sasl = require "util.sasl".new;
local base64 = require "util.encodings".base64.encode;
local have_async, async = pcall(require, "util.async");
-- Module-scoped logger and the name of the host this module instance serves.
local log = module._log;
local host = module.host;

-- Backend URL template from the "http_auth_url" option, with every "$host"
-- placeholder replaced by the host name at load time. This file sends the
-- user's credentials to that URL in an HTTP Basic Authorization header, so
-- the option should point at an https:// endpoint.
local api_base = (module:get_option_string("http_auth_url", ""):gsub("$host", host));
if api_base == "" then
	error("http_auth_url required");
end

-- Table of auth provider callbacks, filled in below.
local provider = {};

-- Globals required by socket.http: set each one to false unless it is
-- already defined. rawget/rawset are used so no metatable on _G is consulted.
for _, global_name in ipairs({ "PROXY", "base_parsed" }) do
	if rawget(_G, global_name) == nil then
		rawset(_G, global_name, false);
	end
end

-- util.async could not be loaded, so the synchronous LuaSocket/LuaSec path
-- will be used. Those libraries are loaded between unlock_globals() and
-- lock_globals() so that they may set their globals.
-- NOTE(review): if one of the require() calls raises, lock_globals() is
-- never reached - confirm whether the globals can be left unlocked that way.
if not have_async then
	prosody.unlock_globals()
	for _, lib_name in ipairs({ "ltn12", "socket", "socket.http", "ssl.https" }) do
		require(lib_name)
	end
	prosody.lock_globals()
end
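--- Check credentials against the HTTP auth backend using net.http.
-- Sends a request to `url` with the credentials in an HTTP Basic
-- Authorization header, then blocks on wait() until the response callback
-- has called done().
-- @param url request URL
-- @param username user part of the Basic credentials
-- @param password password part of the Basic credentials
-- @return true when the backend answers with a 2xx status code
-- @return nil plus an error message in every other case
local function async_http_auth(url, username, password)
	module:log("debug", "async_http_auth()");
	local http = require "net.http";
	local wait, done = async.waiter();
	local code;
	local ex = {
		-- Basic credentials are only base64-encoded, not encrypted; they are
		-- readable on the wire unless `url` is an https:// URL.
		headers = { Authorization = "Basic "..base64(username..":"..password); };
	}
	-- Only the status code decides the outcome; the body is not inspected.
	local function cb(_, code_)
		code = code_;
		done();
	end
	http.request(url, ex, cb);
	wait();
	-- Fail closed: anything that is not a numeric 2xx status is a rejection.
	-- The type check mirrors sync_http_auth and keeps a non-numeric status
	-- from raising in the comparison instead of returning the failure tuple.
	if type(code) == "number" and code >= 200 and code <= 299 then
		module:log("debug", "HTTP auth provider confirmed valid password");
		return true;
	end
	module:log("debug", "HTTP auth provider returned status code %s", tostring(code));
	return nil, "Auth failed. Invalid username or password.";
end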
--- Check credentials against the HTTP auth backend with a blocking request.
-- Uses ssl.https when `url` begins with "https" and socket.http otherwise.
-- The credentials travel in an HTTP Basic Authorization header, so with a
-- plain http:// URL they are sent unencrypted.
-- NOTE(review): the request table carries only `url` and `headers`, no TLS
-- options - confirm that the installed LuaSec verifies the backend's
-- certificate by default, otherwise the https path does not authenticate
-- the server.
-- @param url request URL
-- @param username user part of the Basic credentials
-- @param password password part of the Basic credentials
-- @return true when the backend answers with a 2xx status code
-- @return nil plus an error message in every other case
local function sync_http_auth(url,username, password)
	module:log("debug", "sync_http_auth()");
	require "ltn12";
	local plain_http = require "socket.http";
	local tls_http = require "ssl.https";

	-- Pick the transport from the URL prefix.
	local transport = plain_http;
	if string.sub(url, 1, 5) == "https" then
		transport = tls_http;
	end

	local credentials = base64(username..":"..password);
	local _, code = transport.request{
		url = url,
		headers = { Authorization = "Basic "..credentials; }
	};

	-- Fail closed: only a numeric 2xx status counts as success.
	local accepted = type(code) == "number" and code >= 200 and code <= 299;
	if not accepted then
		module:log("debug", "HTTP auth provider returned status code: "..code);
		return nil, "Auth failed. Invalid username or password.";
	end
	module:log("debug", "HTTP auth provider confirmed valid password");
	return true;
end
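--- Verify a username/password pair against the HTTP auth backend.
-- Fills the "$user" and "$password" placeholders of the configured URL and
-- hands the request to the async or the sync helper, depending on whether
-- util.async was loaded.
-- Both values come from the client, so they are percent-encoded before they
-- are placed in the URL: a raw "?", "&", "#" or "/" would otherwise change
-- which resource or query the backend sees.
-- @param username account name supplied by the client
-- @param password password supplied by the client
-- @return true on success, or nil plus an error message
function provider.test_password(username, password)
	-- Percent-encode every byte outside the RFC 3986 unreserved set.
	local function urlencode(s)
		return (s:gsub("[^%w%-%._~]", function(c)
			return ("%%%02X"):format(c:byte());
		end));
	end
	local enc_user, enc_pass = urlencode(username), urlencode(password);
	-- Function replacements are used because gsub interprets "%" in a
	-- replacement *string*; a "%" in the credentials could raise or be
	-- rewritten there.
	local user_url = api_base:gsub("$user", function() return enc_user; end);
	local url = user_url:gsub("$password", function() return enc_pass; end);
	-- Log the URL before the password is substituted so the cleartext
	-- password never reaches the debug log.
	log("debug", "Testing password for user %s at host %s with URL %s", username, host, user_url);
	if (have_async) then
		return async_http_auth(url, username, password);
	else
		return sync_http_auth(url, username, password);
	end
end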
--- Iterate over the accounts known to this provider.
-- No backend lookup is performed here, so the iterator finishes on its
-- first call.
-- @return an iterator function that always returns nil
function provider.users()
	local function no_more_users()
		return nil;
	end
	return no_more_users;
end
--- Password changes are not implemented by this provider.
-- @param username ignored
-- @param password ignored
-- @return nil plus an error message, always
function provider.set_password(username, password)
	local reason = "Changing passwords not supported";
	return nil, reason;
end
--- Report whether an account exists.
-- No backend query is made: every username is reported as existing, so the
-- result must not be used as evidence that an account is real. Only
-- test_password consults the backend.
-- @param username ignored
-- @return true, always
function provider.user_exists(username)
	local exists = true;
	return exists;
end
--- Account creation is not implemented by this provider.
-- @param username ignored
-- @param password ignored
-- @return nil plus an error message, always
function provider.create_user(username, password)
	local reason = "User creation not supported";
	return nil, reason;
end
--- Account deletion is not implemented by this provider.
-- @param username ignored
-- @return nil plus an error message, always
function provider.delete_user(username)
	local reason = "User deletion not supported";
	return nil, reason;
end
--- Build the SASL handler for this host.
-- The profile contains only a plain_test callback, which needs the client's
-- cleartext password.
-- NOTE(review): presumably this limits the offered mechanisms to PLAIN -
-- confirm against util.sasl, and make sure client connections are required
-- to be encrypted so the password is not exposed in transit.
-- @return the handler created by util.sasl's new()
function provider.get_sasl_handler()
	local profile = {};
	-- First result: outcome of the backend check, cut down to a single
	-- value. Second result: always true.
	-- NOTE(review): the meaning of the second value is defined by
	-- util.sasl, not by this file - confirm.
	function profile.plain_test(sasl, username, password, realm)
		local accepted = provider.test_password(username, password);
		return accepted, true;
	end
	return new_sasl(host, profile);
end
-- Register the `provider` table as this module's "auth" provider.
module:provides("auth", provider);