| author | Waqas Hussain <waqas20@gmail.com> |
| Mon, 07 Jun 2010 04:23:08 +0500 | |
| changeset 3192 | 8ad50989d79e |
| child 3271 | 1b6c2984c1f4 |
| permissions | -rw-r--r-- |
|
3192
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
1 |
-- Prosody IM |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
2 |
-- Copyright (C) 2008-2010 Matthew Wild |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
3 |
-- Copyright (C) 2008-2010 Waqas Hussain |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
4 |
-- Copyright (C) 2010 Jeff Mitchell |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
5 |
-- |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
6 |
-- This project is MIT/X11 licensed. Please see the |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
7 |
-- COPYING file in the source package for more information. |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
8 |
-- |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
9 |
|
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
10 |
local log = require "util.logger".init("usermanager"); |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
11 |
local type = type; |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
12 |
local ipairs = ipairs; |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
13 |
local jid_bare = require "util.jid".bare; |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
14 |
local config = require "core.configmanager"; |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
15 |
|
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
16 |
local cyrus_service_realm = module:get_option("cyrus_service_realm"); |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
17 |
local cyrus_service_name = module:get_option("cyrus_service_name"); |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
18 |
local cyrus_application_name = module:get_option("cyrus_application_name"); |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
19 |
|
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
20 |
prosody.unlock_globals(); --FIXME: Figure out why this is needed and |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
21 |
-- why cyrussasl isn't caught by the sandbox |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
22 |
local cyrus_new = require "util.sasl_cyrus".new; |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
23 |
prosody.lock_globals(); |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
24 |
local new_sasl = function(realm) |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
25 |
return cyrus_new( |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
26 |
cyrus_service_realm or realm, |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
27 |
cyrus_service_name or "xmpp", |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
28 |
cyrus_application_name or "prosody" |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
29 |
); |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
30 |
end |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
31 |
|
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
32 |
function new_default_provider(host) |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
33 |
local provider = { name = "cyrus" }; |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
34 |
log("debug", "initializing default authentication provider for host '%s'", host); |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
35 |
|
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
36 |
function provider.test_password(username, password) |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
37 |
return nil, "Legacy auth not supported with Cyrus SASL."; |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
38 |
end |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
39 |
|
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
40 |
function provider.get_password(username) |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
41 |
return nil, "Passwords unavailable for Cyrus SASL."; |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
42 |
end |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
43 |
|
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
44 |
function provider.set_password(username, password) |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
45 |
return nil, "Passwords unavailable for Cyrus SASL."; |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
46 |
end |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
47 |
|
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
48 |
function provider.user_exists(username) |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
49 |
return true; |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
50 |
end |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
51 |
|
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
52 |
function provider.create_user(username, password) |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
53 |
return nil, "Account creation/modification not available with Cyrus SASL."; |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
54 |
end |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
55 |
|
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
56 |
function provider.get_sasl_handler() |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
57 |
local realm = module:get_option("sasl_realm") or module.host; |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
58 |
return new_sasl(realm); |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
59 |
end |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
60 |
|
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
61 |
function provider.is_admin(jid) |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
62 |
local admins = config.get(host, "core", "admins"); |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
63 |
if admins ~= config.get("*", "core", "admins") and type(admins) == "table" then |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
64 |
jid = jid_bare(jid); |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
65 |
for _,admin in ipairs(admins) do |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
66 |
if admin == jid then return true; end |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
67 |
end |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
68 |
elseif admins then |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
69 |
log("error", "Option 'admins' for host '%s' is not a table", host); |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
70 |
end |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
71 |
return is_admin(jid); -- Test whether it's a global admin instead |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
72 |
end |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
73 |
return provider; |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
74 |
end |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
75 |
|
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
76 |
module:add_item("auth-provider", new_default_provider(module.host)); |
|
8ad50989d79e
mod_auth_cyrus: Auth provider with support for Cyrus SASL.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
77 |