author | Kim Alvefur <zash@zash.se> |
Wed, 05 Mar 2014 17:40:44 +0100 | |
changeset 1328 | 446fcda4ec45 |
parent 404 | eb8b005d2a3d |
child 1343 | 7dbde05b48a9 |
permissions | -rw-r--r-- |
284
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
1 |
-- |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
2 |
-- mod_saslauth_muc |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
3 |
-- This module implements http://xmpp.org/extensions/inbox/remote-auth.html for Prosody's MUC component |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
4 |
-- |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
5 |
-- In your config: |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
6 |
-- Component "conference.example.com" "muc" |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
7 |
-- modules_enabled = { "saslauth_muc" }; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
8 |
-- |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
9 |
-- |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
10 |
|
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
11 |
local timeout = 60; -- SASL timeout in seconds |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
12 |
|
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
13 |
-- various imports |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
14 |
local new_sasl = require "util.sasl".new; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
15 |
local st = require "util.stanza"; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
16 |
local timer = require "util.timer"; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
17 |
|
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
18 |
local jid_bare = require "util.jid".bare; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
19 |
local jid_prep = require "util.jid".prep; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
20 |
local base64 = require "util.encodings".base64; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
21 |
|
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
22 |
local hosts = hosts; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
23 |
local module = module; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
24 |
local pairs, next = pairs, next; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
25 |
local os_time = os.time; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
26 |
|
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
27 |
-- SASL sessions management |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
28 |
local _rooms = {}; -- SASL data |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
29 |
local function get_handler_for(room, jid) return _rooms[room] and _rooms[room][jid]; end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
30 |
local function remove_handler_for(room, jid) if _rooms[room] then _rooms[room][jid] = nil; end end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
31 |
local function create_handler_for(room_jid, jid) |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
32 |
_rooms[room_jid] = _rooms[room_jid] or {}; |
305
4c3abf1a9b5a
mod_auth_*, mod_saslauth_muc: Update SASL callbacks to take SASL handler as first argument.
Waqas Hussain <waqas20@gmail.com>
parents:
287
diff
changeset
|
33 |
_rooms[room_jid][jid] = new_sasl(module.host, { plain = function(sasl, username, realm) |
284
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
34 |
local muc = hosts[module.host].modules.muc; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
35 |
local room = muc and muc.rooms[room_jid]; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
36 |
local password = room and room:get_password(); |
404
eb8b005d2a3d
mod_saslauth_muc: Report proper SASL error on auth failure.
Waqas Hussain <waqas20@gmail.com>
parents:
305
diff
changeset
|
37 |
local ret = password and true or nil; |
eb8b005d2a3d
mod_saslauth_muc: Report proper SASL error on auth failure.
Waqas Hussain <waqas20@gmail.com>
parents:
305
diff
changeset
|
38 |
return password or "", ret; |
284
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
39 |
end }); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
40 |
_rooms[room_jid][jid].timeout = os_time() + timeout; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
41 |
return _rooms[room_jid][jid]; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
42 |
end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
43 |
|
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
44 |
-- Timer to clear SASL sessions |
287
6144fe6161f1
mod_saslauth_muc: Improved timer handling.
Waqas Hussain <waqas20@gmail.com>
parents:
284
diff
changeset
|
45 |
timer.add_task(timeout, function(now) |
284
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
46 |
for room, handlers in pairs(_rooms) do |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
47 |
for jid, handler in pairs(handlers) do |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
48 |
if handler.timeout <= now then handlers[jid] = nil; end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
49 |
end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
50 |
if next(handlers) == nil then _rooms[room] = nil; end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
51 |
end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
52 |
return timeout; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
53 |
end); |
287
6144fe6161f1
mod_saslauth_muc: Improved timer handling.
Waqas Hussain <waqas20@gmail.com>
parents:
284
diff
changeset
|
54 |
function module.unload() |
6144fe6161f1
mod_saslauth_muc: Improved timer handling.
Waqas Hussain <waqas20@gmail.com>
parents:
284
diff
changeset
|
55 |
timeout = nil; -- stop timer on unload |
6144fe6161f1
mod_saslauth_muc: Improved timer handling.
Waqas Hussain <waqas20@gmail.com>
parents:
284
diff
changeset
|
56 |
end |
284
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
57 |
|
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
58 |
-- Stanza handlers |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
59 |
module:hook("presence/full", function(event) |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
60 |
local origin, stanza = event.origin, event.stanza; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
61 |
|
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
62 |
if not stanza.attr.type then -- available presence |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
63 |
local room_jid = jid_bare(stanza.attr.to); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
64 |
local room = hosts[module.host].modules.muc.rooms[room_jid]; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
65 |
|
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
66 |
if room and not room:get_role(stanza.attr.from) then -- this is a room join |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
67 |
if room:get_password() then -- room has a password |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
68 |
local x = stanza:get_child("x", "http://jabber.org/protocol/muc"); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
69 |
local password = x and x:get_child("password"); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
70 |
if not password then -- no password sent |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
71 |
local sasl_handler = get_handler_for(jid_bare(stanza.attr.to), stanza.attr.from); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
72 |
if x and sasl_handler and sasl_handler.authorized then -- if already passed SASL |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
73 |
x:reset():tag("password", { xmlns = "http://jabber.org/protocol/muc" }):text(room:get_password()); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
74 |
else |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
75 |
origin.send(st.error_reply(stanza, "auth", "not-authorized") |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
76 |
:tag("sasl-required", { xmlns = "urn:xmpp:errors" })); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
77 |
return true; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
78 |
end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
79 |
end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
80 |
end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
81 |
end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
82 |
end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
83 |
end, 10); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
84 |
|
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
85 |
module:hook("iq-get/bare/urn:ietf:params:xml:ns:xmpp-sasl:mechanisms", function(event) |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
86 |
local origin, stanza = event.origin, event.stanza; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
87 |
|
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
88 |
local reply = st.reply(stanza):tag("mechanisms", { xmlns='urn:ietf:params:xml:ns:xmpp-sasl' }); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
89 |
for mechanism in pairs(create_handler_for(stanza.attr.to, true):mechanisms()) do |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
90 |
reply:tag("mechanism"):text(mechanism):up(); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
91 |
end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
92 |
origin.send(reply:up()); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
93 |
return true; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
94 |
end); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
95 |
|
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
96 |
local function build_reply(stanza, status, ret, err_msg) |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
97 |
local reply = st.stanza(status, {xmlns = "urn:ietf:params:xml:ns:xmpp-sasl"}); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
98 |
if status == "challenge" then |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
99 |
reply:text(base64.encode(ret or "")); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
100 |
elseif status == "failure" then |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
101 |
reply:tag(ret):up(); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
102 |
if err_msg then reply:tag("text"):text(err_msg); end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
103 |
elseif status == "success" then |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
104 |
reply:text(base64.encode(ret or "")); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
105 |
else |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
106 |
module:log("error", "Unknown sasl status: %s", status); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
107 |
end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
108 |
return st.reply(stanza):add_child(reply); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
109 |
end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
110 |
local function handle_status(stanza, status) |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
111 |
if status == "failure" then |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
112 |
remove_handler_for(stanza.attr.to, stanza.attr.from); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
113 |
elseif status == "success" then |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
114 |
get_handler_for(stanza.attr.to, stanza.attr.from).authorized = true; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
115 |
end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
116 |
end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
117 |
local function sasl_process_cdata(session, stanza) |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
118 |
local text = stanza.tags[1][1]; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
119 |
if text then |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
120 |
text = base64.decode(text); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
121 |
if not text then |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
122 |
remove_handler_for(stanza.attr.to, stanza.attr.from); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
123 |
session.send(build_reply(stanza, "failure", "incorrect-encoding")); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
124 |
return true; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
125 |
end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
126 |
end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
127 |
local status, ret, err_msg = get_handler_for(stanza.attr.to, stanza.attr.from):process(text); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
128 |
handle_status(stanza, status); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
129 |
local s = build_reply(stanza, status, ret, err_msg); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
130 |
session.send(s); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
131 |
return true; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
132 |
end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
133 |
|
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
134 |
module:hook("iq-set/bare/urn:ietf:params:xml:ns:xmpp-sasl:auth", function(event) |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
135 |
local session, stanza = event.origin, event.stanza; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
136 |
|
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
137 |
if not create_handler_for(stanza.attr.to, stanza.attr.from):select(stanza.tags[1].attr.mechanism) then |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
138 |
remove_handler_for(stanza.attr.to, stanza.attr.from); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
139 |
session.send(build_reply(stanza, "failure", "invalid-mechanism")); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
140 |
return true; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
141 |
end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
142 |
return sasl_process_cdata(session, stanza); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
143 |
end); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
144 |
module:hook("iq-set/bare/urn:ietf:params:xml:ns:xmpp-sasl:response", function(event) |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
145 |
local session, stanza = event.origin, event.stanza; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
146 |
if not get_handler_for(stanza.attr.to, stanza.attr.from) then |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
147 |
session.send(build_reply(stanza, "failure", "not-authorized", "Out of order SASL element")); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
148 |
return true; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
149 |
end |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
150 |
return sasl_process_cdata(session, event.stanza); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
151 |
end); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
152 |
module:hook("iq-set/bare/urn:ietf:params:xml:ns:xmpp-sasl:abort", function(event) |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
153 |
local session, stanza = event.origin, event.stanza; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
154 |
remove_handler_for(stanza.attr.to, stanza.attr.from); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
155 |
session.send(build_reply(stanza, "failure", "aborted")); |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
156 |
return true; |
3b96bba9f7e5
mod_saslauth_muc: Initial commit. Implements SASL auth for MUC rooms <http://xmpp.org/extensions/inbox/remote-auth.html>.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
157 |
end); |