author | Kim Alvefur <zash@zash.se> |
Fri, 04 Sep 2015 00:23:46 +0200 | |
changeset 1831 | 9376e870f0e1 |
parent 1753 | 39a0a35f02bc |
child 1931 | 439711709d29 |
permissions | -rw-r--r-- |
1421
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 |
-- Prosody IM |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 |
-- Copyright (C) 2008-2013 Matthew Wild |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 |
-- Copyright (C) 2008-2013 Waqas Hussain |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 |
-- Copyright (C) 2014 Kim Alvefur |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 |
-- |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 |
-- This project is MIT/X11 licensed. Please see the |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 |
-- COPYING file in the source package for more information. |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 |
-- |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 |
|
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 |
local new_sasl = require "util.sasl".new; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 |
local base64 = require "util.encodings".base64.encode; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 |
local waiter =require "util.async".waiter; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 |
local http = require "net.http"; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 |
|
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 |
local log = module._log; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 |
local host = module.host; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 |
|
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 |
local api_base = module:get_option_string("http_auth_url", ""):gsub("$host", host); |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 |
if api_base == "" then error("http_auth_url required") end |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 |
|
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
21 |
local provider = {}; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
22 |
|
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
23 |
function provider.test_password(username, password) |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
24 |
log("debug", "test password for user %s at host %s", username, host); |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
25 |
|
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
26 |
local wait, done = waiter(); |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
27 |
|
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 |
local code = -1; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 |
http.request(api_base:gsub("$user", username), { |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 |
headers = { |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
31 |
Authorization = "Basic "..base64(username..":"..password); |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 |
}; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
33 |
}, |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
34 |
function(body, _code) |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
35 |
code = _code; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
36 |
done(); |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
37 |
end); |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
38 |
|
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
39 |
wait(); |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
40 |
|
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
41 |
if code >= 200 and code <= 299 then |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
42 |
return true; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
43 |
else |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
44 |
module:log("debug", "HTTP auth provider returned status code %d", code); |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
45 |
return nil, "Auth failed. Invalid username or password."; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
46 |
end |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
47 |
end |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
48 |
|
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
49 |
function provider.set_password(username, password) |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
50 |
return nil, "Changing passwords not supported"; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
51 |
end |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
52 |
|
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
53 |
function provider.user_exists(username) |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
54 |
return true; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
55 |
end |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
56 |
|
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
57 |
function provider.create_user(username, password) |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
58 |
return nil, "User creation not supported"; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
59 |
end |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
60 |
|
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
61 |
function provider.delete_user(username) |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
62 |
return nil , "User deletion not supported"; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
63 |
end |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
64 |
|
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
65 |
function provider.get_sasl_handler() |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
66 |
return new_sasl(host, { |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
67 |
plain_test = function(sasl, username, password, realm) |
1753
39a0a35f02bc
mod_auth_http_async: Don't go throug usermanager to call a function from the same module
Kim Alvefur <zash@zash.se>
parents:
1421
diff
changeset
|
68 |
return provider.test_password(username, realm, password), true; |
1421
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
69 |
end |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
70 |
}); |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
71 |
end |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
72 |
|
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
73 |
module:provides("auth", provider); |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
74 |