-- RESTful API
--
-- Copyright (c) 2019 Kim Alvefur
--
-- This file is MIT/X11 licensed.
local errors = require "util.error";
local http = require "net.http";
local id = require "util.id";
local jid = require "util.jid";
local st = require "util.stanza";
local xml = require "util.xml";
local allow_any_source = module:get_host_type() == "component";
local validate_from_addresses = module:get_option_boolean("validate_from_addresses", true);
local function handle_post(event)
local request, response = event.request, event.response;
if request.headers.content_type ~= "application/xmpp+xml" then
return errors.new({ code = 415, text = "'application/xmpp+xml' expected" });
end
local payload, err = xml.parse(request.body);
if not payload then
-- parse fail
return errors.new({ code = 400, text = err });
end
local to = jid.prep(payload.attr.to);
if not to then
return errors.new({ code = 400, text = "Invalid destination JID" });
end
local from = module.host;
if allow_any_source and payload.attr.from then
from = jid.prep(payload.attr.from);
if not from then
return errors.new({ code = 400, text = "Invalid source JID" });
end
if validate_from_addresses and not jid.compare(from, module.host) then
return errors.new({ code = 403, text = "Source JID must belong to current host" });
end
end
payload.attr = {
from = from,
to = to,
id = payload.attr.id or id.medium(),
type = payload.attr.type,
["xml:lang"] = payload.attr["xml:lang"],
};
if payload.name == "iq" then
if payload.attr.type ~= "get" and payload.attr.type ~= "set" then
return errors.new({ code = 400, text = "'iq' stanza must be of type 'get' or 'set'" });
end
return module:send_iq(payload):next(
function (result)
response.headers.content_type = "application/xmpp+xml";
return tostring(result.stanza);
end,
function (error)
if error.context.stanza then
response.headers.content_type = "application/xmpp+xml";
return tostring(error.context.stanza);
else
return error;
end
end);
elseif payload.name == "message" or payload.name == "presence" then
if module:send(payload) then
return 202;
else
return 500;
end
else
return errors.new({ code = 400, text = "Invalid stanza, must be 'message', 'presence' or 'iq'." });
end
end
-- Handle stanzas submitted via HTTP
module:depends("http");
module:provides("http", {
route = {
POST = handle_post;
};
});
-- Forward stanzas from XMPP to HTTP and return any reply
local rest_url = module:get_option_string("rest_callback_url", nil);
if rest_url then
local function handle_stanza(event)
local stanza, origin = event.stanza, event.origin;
local reply_needed = stanza.name == "iq";
http.request(rest_url, {
body = tostring(stanza),
headers = {
["Content-Type"] = "application/xmpp+xml",
["Content-Language"] = stanza.attr["xml:lang"],
Accept = "application/xmpp+xml, text/plain",
},
}, function (body, code, response)
if (code == 202 or code == 204) and not reply_needed then
-- Delivered, no reply
return;
end
local reply, reply_text;
if response.headers["content-type"] == "application/xmpp+xml" then
local parsed, err = xml.parse(body);
if not parsed then
module:log("warn", "REST callback responded with invalid XML: %s, %q", err, body);
elseif parsed.name ~= stanza.name then
module:log("warn", "REST callback responded with the wrong stanza type, got %s but expected %s", parsed.name, stanza.name);
else
parsed.attr.to, parsed.attr.from = stanza.attr.from, stanza.attr.to;
if parsed.name == "iq" then
parsed.attr.id = stanza.attr.id;
end
reply = parsed;
end
elseif response.headers["content-type"] == "text/plain" then
reply = st.reply(stanza);
if body ~= "" then
reply_text = body;
end
elseif body ~= "" then -- ignore empty body
module:log("debug", "Callback returned response of unhandled type %q", response.headers["content-type"]);
end
if not reply then
local code_hundreds = code - (code % 100);
if code_hundreds == 200 then
reply = st.reply(stanza);
if stanza.name ~= "iq" then
reply.attr.id = id.medium();
end
if reply_text and reply.name == "message" then
reply:body(reply_text, { ["xml:lang"] = response.headers["content-language"] });
end
-- TODO presence/status=body ?
elseif code_hundreds == 400 then
reply = st.error_reply(stanza, "modify", "bad-request", reply_text);
elseif code_hundreds == 500 then
reply = st.error_reply(stanza, "cancel", "internal-server-error", reply_text);
else
reply = st.error_reply(stanza, "cancel", "undefined-condition", reply_text);
end
end
origin.send(reply);
end);
return true;
end
if module:get_host_type() == "component" then
module:hook("iq/bare", handle_stanza, -1);
module:hook("message/bare", handle_stanza, -1);
module:hook("presence/bare", handle_stanza, -1);
module:hook("iq/full", handle_stanza, -1);
module:hook("message/full", handle_stanza, -1);
module:hook("presence/full", handle_stanza, -1);
module:hook("iq/host", handle_stanza, -1);
module:hook("message/host", handle_stanza, -1);
module:hook("presence/host", handle_stanza, -1);
else
-- Don't override everything on normal VirtualHosts
module:hook("iq/host", handle_stanza, -1);
module:hook("message/host", handle_stanza, -1);
module:hook("presence/host", handle_stanza, -1);
end
end