1 local st = require "util.stanza";

     2 

     3 local mod_smacks = module:depends("smacks");

     4 

     5 local xmlns_sasl2 = "urn:xmpp:sasl:1";

     6 local xmlns_sm = "urn:xmpp:sm:3";

     7 

     8 module:hook("stream-features", function (event)

     9 	if event.origin.type ~= "c2s_unauthed" then return; end

    10 	local features = event.features;

    11 	local inline = features:get_child("inline", xmlns_sasl2);

    12 	if not inline then

    13 		inline = st.stanza("inline", { xmlns = xmlns_sasl2 });

    14 		features:add_child(inline);

    15 	end

    16 	inline:tag("sm", { xmlns = xmlns_sm }):up();

    17 end);

    18 

    19 module:hook_tag(xmlns_sasl2, "authenticate", function (session, auth)

    20 	-- Cache action for future processing (after auth success)

    21 	session.sasl2_sm_action = auth:get_child_with_namespace(xmlns_sm);

    22 end, 100);

    23 

    24 module:hook("sasl2/c2s/success", function (event)

    25 	local session = event.session;

    26 	local sm_action = session.sasl2_sm_action;

    27 	if not sm_action then return; end

    28 	session.sasl2_sm_action = nil;

    29 	local sm_result;

    30 	if sm_action.name == "resume" then

    31 		local resumed, err = mod_smacks.do_resume(session, sm_action);

    32 		if not resumed then

    33 			local h = err.context and err.context.h;

    34 			sm_result = st.stanza("failed", { xmlns = xmlns_sm, h = h and ("%d"):format(h) or nil })

    35 				:add_error(err);

    36 		else

    37 			event.session = resumed.session; -- Update to resumed session

    38 			event.sasl2_sm_finish = resumed.finish; -- To be called after sending final SASL response

    39 			sm_result = st.stanza("resumed", { xmlns = xmlns_sm,

    40 				h = ("%d"):format(event.session.handled_stanza_count);

    41 				previd = resumed.id; });

    42 		end

    43 	elseif sm_action.name == "enable" then

    44 		local enabled, err = mod_smacks.do_enable(session, sm_action);

    45 		if not enabled then

    46 			sm_result = st.stanza("failed", { xmlns = xmlns_sm })

    47 				:add_error(err);

    48 		else

    49 			event.sasl2_sm_finish = enabled.finish; -- To be called after sending final SASL response

    50 			sm_result = st.stanze("enabled", {

    51 				xmlns = xmlns_sm;

    52 				id = enabled.id;

    53 				resume = enabled.id and "1" or nil;

    54 				max = enabled.resume_max;

    55 			});

    56 		end

    57 	end

    58 	if sm_result then

    59 		event.success:add_child(sm_result);

    60 	end

    61 end, 100);

    62 

    63 module:hook("sasl2/c2s/success", function (event)

    64 	-- The authenticate response has already been sent at this point

    65 	local finish = event.sasl2_sm_finish;

    66 	if finish then

    67 		finish(); -- Finish resume and sync stanzas

    68 	end

    69 end, -1100);

    70 

    71 module:hook("sasl2/c2s/failure", function (event)

    72 	event.session.sasl2_sm_action = nil;

    73 end);

    74