# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1371140449 -7200
# Node ID e879b53e9df889125882560eaf91e5258204d4dc
# Parent  06a49b23e5cd691babe4d41cf1398759129b1c22
util.sasl.external: Add SASL EXTERNAL mechanism

diff -r 06a49b23e5cd -r e879b53e9df8 util/sasl.lua
--- a/util/sasl.lua	Thu Jun 13 17:48:09 2013 +0200
+++ b/util/sasl.lua	Thu Jun 13 18:20:49 2013 +0200
@@ -92,5 +92,6 @@
 require "util.sasl.digest-md5".init(registerMechanism);
 require "util.sasl.anonymous" .init(registerMechanism);
 require "util.sasl.scram"     .init(registerMechanism);
+require "util.sasl.external"  .init(registerMechanism);
 
 return _M;
diff -r 06a49b23e5cd -r e879b53e9df8 util/sasl/external.lua
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/util/sasl/external.lua	Thu Jun 13 18:20:49 2013 +0200
@@ -0,0 +1,25 @@
+local saslprep = require "util.encodings".stringprep.saslprep;
+
+module "sasl.external"
+
+local function external(self, message)
+	message = saslprep(message);
+	local state
+	self.username, state = self.profile.external(message);
+
+	if state == false then
+		return "failure", "account-disabled";
+	elseif state == nil  then
+		return "failure", "not-authorized";
+	elseif state == "expired" then
+		return "false", "credentials-expired";
+	end
+
+	return "success";
+end
+
+function init(registerMechanism)
+	registerMechanism("EXTERNAL", {"external"}, external);
+end
+
+return _M;