mod_auth_external/mod_auth_external.lua
author Matthew Wild <mwild1@gmail.com>
Wed, 14 Aug 2013 02:27:04 +0100
changeset 1160 05685fd07395
parent 1159 c56a1d449cad
child 1161 b9e4d935867c
permissions -rw-r--r--
mod_auth_external: Re-organise initialization a bit (superficial)
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
158
1a5d5d4f08fe Add "generic" script support to mod_extauth, as well as lpc support until waqas fixes process
Jeff Mitchell <jeff@jefferai.org>
parents: 152
diff changeset
     1
--
1a5d5d4f08fe Add "generic" script support to mod_extauth, as well as lpc support until waqas fixes process
Jeff Mitchell <jeff@jefferai.org>
parents: 152
diff changeset
     2
-- Prosody IM
1a5d5d4f08fe Add "generic" script support to mod_extauth, as well as lpc support until waqas fixes process
Jeff Mitchell <jeff@jefferai.org>
parents: 152
diff changeset
     3
-- Copyright (C) 2010 Waqas Hussain
1a5d5d4f08fe Add "generic" script support to mod_extauth, as well as lpc support until waqas fixes process
Jeff Mitchell <jeff@jefferai.org>
parents: 152
diff changeset
     4
-- Copyright (C) 2010 Jeff Mitchell
1086
50ee38e95e75 Don't store password in temporary file, pipe instead
Mikael Nordfeldth <mmn@hethane.se>
parents: 902
diff changeset
     5
-- Copyright (C) 2013 Mikael Nordfeldth
1154
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
     6
-- Copyright (C) 2013 Matthew Wild, finally came to fix it all
158
1a5d5d4f08fe Add "generic" script support to mod_extauth, as well as lpc support until waqas fixes process
Jeff Mitchell <jeff@jefferai.org>
parents: 152
diff changeset
     7
--
1a5d5d4f08fe Add "generic" script support to mod_extauth, as well as lpc support until waqas fixes process
Jeff Mitchell <jeff@jefferai.org>
parents: 152
diff changeset
     8
-- This project is MIT/X11 licensed. Please see the
1a5d5d4f08fe Add "generic" script support to mod_extauth, as well as lpc support until waqas fixes process
Jeff Mitchell <jeff@jefferai.org>
parents: 152
diff changeset
     9
-- COPYING file in the source package for more information.
1a5d5d4f08fe Add "generic" script support to mod_extauth, as well as lpc support until waqas fixes process
Jeff Mitchell <jeff@jefferai.org>
parents: 152
diff changeset
    10
--
152
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
    11
1154
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    12
local lpty = assert(require "lpty", "mod_auth_external requires lpty: https://code.google.com/p/prosody-modules/wiki/mod_auth_external#Installation");
1160
05685fd07395 mod_auth_external: Re-organise initialization a bit (superficial)
Matthew Wild <mwild1@gmail.com>
parents: 1159
diff changeset
    13
local usermanager = require "core.usermanager";
05685fd07395 mod_auth_external: Re-organise initialization a bit (superficial)
Matthew Wild <mwild1@gmail.com>
parents: 1159
diff changeset
    14
local new_sasl = require "util.sasl".new;
05685fd07395 mod_auth_external: Re-organise initialization a bit (superficial)
Matthew Wild <mwild1@gmail.com>
parents: 1159
diff changeset
    15
local server = require "net.server";
05685fd07395 mod_auth_external: Re-organise initialization a bit (superficial)
Matthew Wild <mwild1@gmail.com>
parents: 1159
diff changeset
    16
local have_async, async = pcall(require, "util.async");
152
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
    17
168
cd8492748985 mod_auth_external: Renamed from mod_extauth. Update logging and options (external_auth_protocol, external_auth_command)
Matthew Wild <mwild1@gmail.com>
parents: 166
diff changeset
    18
local log = module._log;
158
1a5d5d4f08fe Add "generic" script support to mod_extauth, as well as lpc support until waqas fixes process
Jeff Mitchell <jeff@jefferai.org>
parents: 152
diff changeset
    19
local host = module.host;
1160
05685fd07395 mod_auth_external: Re-organise initialization a bit (superficial)
Matthew Wild <mwild1@gmail.com>
parents: 1159
diff changeset
    20
1154
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    21
local script_type = module:get_option_string("external_auth_protocol", "generic");
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    22
assert(script_type == "ejabberd" or script_type == "generic", "Config error: external_auth_protocol must be 'ejabberd' or 'generic'");
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    23
local command = module:get_option_string("external_auth_command", "");
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    24
local read_timeout = module:get_option_number("external_auth_timeout", 5);
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    25
assert(not host:find(":"), "Invalid hostname");
152
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
    26
1159
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    27
local blocking = module:get_option_boolean("external_auth_blocking", not(have_async and server.event and lpty.getfd));
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    28
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    29
if not blocking then
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    30
	log("debug", "External auth in non-blocking mode, yay!")
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    31
	waiter, guard = async.waiter, async.guarder();
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    32
end
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    33
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    34
local ptys = { lpty.new({ throw_errors = false, no_local_echo = true, use_path = false }) };
846
5ddc43ce8993 mod_auth_external: Work even when the LuaProcessCall library isn't available.
Waqas Hussain <waqas20@gmail.com>
parents: 816
diff changeset
    35
1154
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    36
function send_query(text)
1159
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    37
	local pty = ptys[1];
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    38
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    39
	local finished_with_pty
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    40
	if not blocking then
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    41
		finished_with_pty = guard(pty); -- Prevent others from crossing this line while we're busy
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    42
	end
1154
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    43
	if not pty:hasproc() then
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    44
		local status, ret = pty:exitstatus();
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    45
		if status and (status ~= "exit" or ret ~= 0) then
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    46
			log("warn", "Auth process exited unexpectedly with %s %d, restarting", status, ret or 0);
846
5ddc43ce8993 mod_auth_external: Work even when the LuaProcessCall library isn't available.
Waqas Hussain <waqas20@gmail.com>
parents: 816
diff changeset
    47
			return nil;
5ddc43ce8993 mod_auth_external: Work even when the LuaProcessCall library isn't available.
Waqas Hussain <waqas20@gmail.com>
parents: 816
diff changeset
    48
		end
1154
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    49
		local ok, err = pty:startproc(command);
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    50
		if not ok then
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    51
			log("error", "Failed to start auth process '%s': %s", command, err);
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    52
			return nil;
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    53
		end
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    54
		log("debug", "Started auth process");
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    55
	end
846
5ddc43ce8993 mod_auth_external: Work even when the LuaProcessCall library isn't available.
Waqas Hussain <waqas20@gmail.com>
parents: 816
diff changeset
    56
1154
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    57
	pty:send(text);
1159
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    58
	if blocking then
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    59
		return pty:read(read_timeout);
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    60
	else
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    61
		local response;
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    62
		local wait, done = waiter();
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    63
		server.addevent(pty:getfd(), server.event.EV_READ, function ()
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    64
			response = pty:read();
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    65
			done();
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    66
			return -1;
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    67
		end);
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    68
		wait();
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    69
		finished_with_pty();
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    70
		return response;
c56a1d449cad mod_auth_external: Add non-blocking mode (requires trunk, libevent and lpty 1.0.1). Our first complete non-blocking auth module!
Matthew Wild <mwild1@gmail.com>
parents: 1158
diff changeset
    71
	end
152
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
    72
end
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
    73
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
    74
function do_query(kind, username, password)
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
    75
	if not username then return nil, "not-acceptable"; end
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
    76
	
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
    77
	local query = (password and "%s:%s:%s:%s" or "%s:%s:%s"):format(kind, username, host, password);
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
    78
	local len = #query
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
    79
	if len > 1000 then return nil, "policy-violation"; end
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
    80
	
158
1a5d5d4f08fe Add "generic" script support to mod_extauth, as well as lpc support until waqas fixes process
Jeff Mitchell <jeff@jefferai.org>
parents: 152
diff changeset
    81
	if script_type == "ejabberd" then
1a5d5d4f08fe Add "generic" script support to mod_extauth, as well as lpc support until waqas fixes process
Jeff Mitchell <jeff@jefferai.org>
parents: 152
diff changeset
    82
		local lo = len % 256;
1a5d5d4f08fe Add "generic" script support to mod_extauth, as well as lpc support until waqas fixes process
Jeff Mitchell <jeff@jefferai.org>
parents: 152
diff changeset
    83
		local hi = (len - lo) / 256;
1a5d5d4f08fe Add "generic" script support to mod_extauth, as well as lpc support until waqas fixes process
Jeff Mitchell <jeff@jefferai.org>
parents: 152
diff changeset
    84
		query = string.char(hi, lo)..query;
1a5d5d4f08fe Add "generic" script support to mod_extauth, as well as lpc support until waqas fixes process
Jeff Mitchell <jeff@jefferai.org>
parents: 152
diff changeset
    85
	end
1a5d5d4f08fe Add "generic" script support to mod_extauth, as well as lpc support until waqas fixes process
Jeff Mitchell <jeff@jefferai.org>
parents: 152
diff changeset
    86
	if script_type == "generic" then
1a5d5d4f08fe Add "generic" script support to mod_extauth, as well as lpc support until waqas fixes process
Jeff Mitchell <jeff@jefferai.org>
parents: 152
diff changeset
    87
		query = query..'\n';
1a5d5d4f08fe Add "generic" script support to mod_extauth, as well as lpc support until waqas fixes process
Jeff Mitchell <jeff@jefferai.org>
parents: 152
diff changeset
    88
	end
152
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
    89
	
1158
ae1767b54964 mod_auth_external: Fix logging of errors
Matthew Wild <mwild1@gmail.com>
parents: 1157
diff changeset
    90
	local response, err = send_query(query);
ae1767b54964 mod_auth_external: Fix logging of errors
Matthew Wild <mwild1@gmail.com>
parents: 1157
diff changeset
    91
	if not response then
ae1767b54964 mod_auth_external: Fix logging of errors
Matthew Wild <mwild1@gmail.com>
parents: 1157
diff changeset
    92
		log("warn", "Error while waiting for result from auth process: %s", err or "unknown error");
ae1767b54964 mod_auth_external: Fix logging of errors
Matthew Wild <mwild1@gmail.com>
parents: 1157
diff changeset
    93
	elseif (script_type == "ejabberd" and response == "\0\2\0\0") or
1154
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    94
		(script_type == "generic" and response:gsub("\r?\n$", "") == "0") then
158
1a5d5d4f08fe Add "generic" script support to mod_extauth, as well as lpc support until waqas fixes process
Jeff Mitchell <jeff@jefferai.org>
parents: 152
diff changeset
    95
			return nil, "not-authorized";
1a5d5d4f08fe Add "generic" script support to mod_extauth, as well as lpc support until waqas fixes process
Jeff Mitchell <jeff@jefferai.org>
parents: 152
diff changeset
    96
	elseif (script_type == "ejabberd" and response == "\0\2\0\1") or
1154
61f95bf51b35 mod_auth_external: Switch to lpty, remove file-based fallback, improve error messages and handling. Should greatly increase compatibility with scripts.
Matthew Wild <mwild1@gmail.com>
parents: 1086
diff changeset
    97
		(script_type == "generic" and response:gsub("\r?\n$", "") == "1") then
158
1a5d5d4f08fe Add "generic" script support to mod_extauth, as well as lpc support until waqas fixes process
Jeff Mitchell <jeff@jefferai.org>
parents: 152
diff changeset
    98
			return true;
152
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
    99
	else
1158
ae1767b54964 mod_auth_external: Fix logging of errors
Matthew Wild <mwild1@gmail.com>
parents: 1157
diff changeset
   100
		log("warn", "Unable to interpret data from auth process, %s", (response:match("^error:") and response) or ("["..#response.." bytes]"));
152
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
   101
		return nil, "internal-server-error";
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
   102
	end
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
   103
end
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
   104
816
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   105
local host = module.host;
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   106
local provider = {};
152
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
   107
816
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   108
function provider.test_password(username, password)
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   109
	return do_query("auth", username, password);
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   110
end
152
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
   111
816
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   112
function provider.set_password(username, password)
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   113
	return do_query("setpass", username, password);
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   114
end
152
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
   115
816
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   116
function provider.user_exists(username)
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   117
	return do_query("isuser", username);
152
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
   118
end
4ca382e8a4c5 mod_extauth: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff changeset
   119
816
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   120
function provider.create_user(username, password) return nil, "Account creation/modification not available."; end
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   121
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   122
function provider.get_sasl_handler()
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   123
	local testpass_authentication_profile = {
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   124
		plain_test = function(sasl, username, password, realm)
902
490cb9161c81 mod_auth_{external,internal_yubikey,ldap,ldap2,sql}: No need to nodeprep in SASL handler.
Waqas Hussain <waqas20@gmail.com>
parents: 846
diff changeset
   125
			return usermanager.test_password(username, realm, password), true;
816
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   126
		end,
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   127
	};
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   128
	return new_sasl(host, testpass_authentication_profile);
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   129
end
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   130
960007b0901e mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider.
Waqas Hussain <waqas20@gmail.com>
parents: 814
diff changeset
   131
module:provides("auth", provider);