author | Kim Alvefur <zash@zash.se> |
Fri, 01 Mar 2024 19:22:49 +0100 | |
changeset 13455 | 4a9a69659727 |
parent 12981 | 74b9e05af71e |
permissions | -rw-r--r-- |
3190
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
1 |
-- Prosody IM |
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
2 |
-- Copyright (C) 2008-2010 Matthew Wild |
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
3 |
-- Copyright (C) 2008-2010 Waqas Hussain |
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
4 |
-- |
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
5 |
-- This project is MIT/X11 licensed. Please see the |
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
6 |
-- COPYING file in the source package for more information. |
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
7 |
-- |
8056
7d26dab7ce0d
mod_auth_anonymous: Ignore unused arguments to various not actually implemented functions [luacheck]
Kim Alvefur <zash@zash.se>
parents:
6023
diff
changeset
|
8 |
-- luacheck: ignore 212 |
3190
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
9 |
|
12981
74b9e05af71e
plugins: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents:
11126
diff
changeset
|
10 |
local new_sasl = require "prosody.util.sasl".new; |
74b9e05af71e
plugins: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents:
11126
diff
changeset
|
11 |
local datamanager = require "prosody.util.datamanager"; |
5370
7838acadb0fa
mod_announce, mod_auth_anonymous, mod_c2s, mod_c2s, mod_component, mod_iq, mod_message, mod_presence, mod_tls: Access prosody.{hosts,bare_sessions,full_sessions} instead of the old globals
Kim Alvefur <zash@zash.se>
parents:
5229
diff
changeset
|
12 |
local hosts = prosody.hosts; |
3190
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
13 |
|
11126
d60094d9b458
mod_auth_anonymous: Add config option to allow/disallow storage writes
Matthew Wild <mwild1@gmail.com>
parents:
8056
diff
changeset
|
14 |
local allow_storage = module:get_option_boolean("allow_anonymous_storage", false); |
d60094d9b458
mod_auth_anonymous: Add config option to allow/disallow storage writes
Matthew Wild <mwild1@gmail.com>
parents:
8056
diff
changeset
|
15 |
|
5115
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
16 |
-- define auth provider |
5117
2c7e1ce8f482
mod_auth_*: Use module:provides().
Waqas Hussain <waqas20@gmail.com>
parents:
5115
diff
changeset
|
17 |
local provider = {}; |
3190
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
18 |
|
5115
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
19 |
function provider.test_password(username, password) |
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
20 |
return nil, "Password based auth not supported."; |
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
21 |
end |
3190
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
22 |
|
5115
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
23 |
function provider.get_password(username) |
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
24 |
return nil, "Password not available."; |
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
25 |
end |
3190
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
26 |
|
5115
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
27 |
function provider.set_password(username, password) |
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
28 |
return nil, "Password based auth not supported."; |
3190
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
29 |
end |
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
30 |
|
5115
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
31 |
function provider.user_exists(username) |
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
32 |
return nil, "Only anonymous users are supported."; -- FIXME check if anonymous user is connected? |
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
33 |
end |
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
34 |
|
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
35 |
function provider.create_user(username, password) |
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
36 |
return nil, "Account creation/modification not supported."; |
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
37 |
end |
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
38 |
|
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
39 |
function provider.get_sasl_handler() |
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
40 |
local anonymous_authentication_profile = { |
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
41 |
anonymous = function(sasl, username, realm) |
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
42 |
return true; -- for normal usage you should always return true here |
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
43 |
end |
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
44 |
}; |
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
45 |
return new_sasl(module.host, anonymous_authentication_profile); |
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
46 |
end |
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
47 |
|
5229
5566236f363f
mod_auth_anonymous: Implement user iteration API
Kim Alvefur <zash@zash.se>
parents:
5117
diff
changeset
|
48 |
function provider.users() |
6023
93b4058e3320
mod_auth_anonymous: Fixed a traceback in listing all users (issue#396).
Waqas Hussain <waqas20@gmail.com>
parents:
5370
diff
changeset
|
49 |
return next, hosts[module.host].sessions, nil; |
5229
5566236f363f
mod_auth_anonymous: Implement user iteration API
Kim Alvefur <zash@zash.se>
parents:
5117
diff
changeset
|
50 |
end |
5566236f363f
mod_auth_anonymous: Implement user iteration API
Kim Alvefur <zash@zash.se>
parents:
5117
diff
changeset
|
51 |
|
5115
3939960b3c07
mod_auth_{internal_plain,cyrus,anonymous}: Get rid of useless wrapper function new_default_provider.
Waqas Hussain <waqas20@gmail.com>
parents:
4947
diff
changeset
|
52 |
-- datamanager callback to disable writes |
3190
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
53 |
local function dm_callback(username, host, datastore, data) |
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
54 |
if host == module.host then |
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
55 |
return false; |
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
56 |
end |
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
57 |
return username, host, datastore, data; |
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
58 |
end |
4821
deec69fc33e5
mod_auth_anonymous: Block s2s when enabled on a host (and disallow_s2s ~= false)
Matthew Wild <mwild1@gmail.com>
parents:
4765
diff
changeset
|
59 |
|
4834
878f75ccc4fb
mod_s2s, mod_auth_anonymous, hostmanager: Remove disallow_s2s flag, deprecate the config option of the same name (disable mod_s2s instead), and add 'allow_anonymous_s2s' to separately control s2s for anonymous users
Matthew Wild <mwild1@gmail.com>
parents:
4821
diff
changeset
|
60 |
if not module:get_option_boolean("allow_anonymous_s2s", false) then |
4821
deec69fc33e5
mod_auth_anonymous: Block s2s when enabled on a host (and disallow_s2s ~= false)
Matthew Wild <mwild1@gmail.com>
parents:
4765
diff
changeset
|
61 |
module:hook("route/remote", function (event) |
deec69fc33e5
mod_auth_anonymous: Block s2s when enabled on a host (and disallow_s2s ~= false)
Matthew Wild <mwild1@gmail.com>
parents:
4765
diff
changeset
|
62 |
return false; -- Block outgoing s2s from anonymous users |
deec69fc33e5
mod_auth_anonymous: Block s2s when enabled on a host (and disallow_s2s ~= false)
Matthew Wild <mwild1@gmail.com>
parents:
4765
diff
changeset
|
63 |
end, 300); |
deec69fc33e5
mod_auth_anonymous: Block s2s when enabled on a host (and disallow_s2s ~= false)
Matthew Wild <mwild1@gmail.com>
parents:
4765
diff
changeset
|
64 |
end |
deec69fc33e5
mod_auth_anonymous: Block s2s when enabled on a host (and disallow_s2s ~= false)
Matthew Wild <mwild1@gmail.com>
parents:
4765
diff
changeset
|
65 |
|
3190
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
66 |
function module.load() |
11126
d60094d9b458
mod_auth_anonymous: Add config option to allow/disallow storage writes
Matthew Wild <mwild1@gmail.com>
parents:
8056
diff
changeset
|
67 |
if not allow_storage then |
d60094d9b458
mod_auth_anonymous: Add config option to allow/disallow storage writes
Matthew Wild <mwild1@gmail.com>
parents:
8056
diff
changeset
|
68 |
datamanager.add_callback(dm_callback); |
d60094d9b458
mod_auth_anonymous: Add config option to allow/disallow storage writes
Matthew Wild <mwild1@gmail.com>
parents:
8056
diff
changeset
|
69 |
end |
3190
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
70 |
end |
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
71 |
function module.unload() |
11126
d60094d9b458
mod_auth_anonymous: Add config option to allow/disallow storage writes
Matthew Wild <mwild1@gmail.com>
parents:
8056
diff
changeset
|
72 |
if not allow_storage then |
d60094d9b458
mod_auth_anonymous: Add config option to allow/disallow storage writes
Matthew Wild <mwild1@gmail.com>
parents:
8056
diff
changeset
|
73 |
datamanager.remove_callback(dm_callback); |
d60094d9b458
mod_auth_anonymous: Add config option to allow/disallow storage writes
Matthew Wild <mwild1@gmail.com>
parents:
8056
diff
changeset
|
74 |
end |
3190
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
75 |
end |
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
76 |
|
5117
2c7e1ce8f482
mod_auth_*: Use module:provides().
Waqas Hussain <waqas20@gmail.com>
parents:
5115
diff
changeset
|
77 |
module:provides("auth", provider); |
3190
c4069680a01c
mod_auth_anonymous: Auth provider with support for SASL ANONYMOUS.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
78 |