annotate mod_http_pep_avatar/mod_http_pep_avatar.lua @ 5549:01a0b67a9afd

mod_http_oauth2: Add TODO about disabling password grant Per recommendation in draft-ietf-oauth-security-topics-23 it should at the very least be disabled by default. However since this is used by the Snikket web portal some care needs to be taken not to break this, unless it's already broken by other changes to this module.
author Kim Alvefur <zash@zash.se>
date Fri, 16 Jun 2023 00:06:53 +0200
parents 02d238799537
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
1 -- HTTP Access to PEP Avatar
2294
4915b8223b07 mod_atom: Expose Microbloging PEP data over HTTP
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2 -- By Kim Alvefur <zash@zash.se>
4915b8223b07 mod_atom: Expose Microbloging PEP data over HTTP
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3
3241
4b52cafd5811 mod_atom: Update to the new mod_pep
Kim Alvefur <zash@zash.se>
parents: 2294
diff changeset
4 local mod_pep = module:depends"pep";
4b52cafd5811 mod_atom: Update to the new mod_pep
Kim Alvefur <zash@zash.se>
parents: 2294
diff changeset
5
3424
6ae875c98daf mod_atom: Check whether user exists
Kim Alvefur <zash@zash.se>
parents: 3423
diff changeset
6 local um = require "core.usermanager";
2294
4915b8223b07 mod_atom: Expose Microbloging PEP data over HTTP
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7 local nodeprep = require "util.encodings".stringprep.nodeprep;
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
8 local base64_decode = require "util.encodings".base64.decode;
3433
213679266dcb mod_http_pep_avatar: Redirect to prepped username
Kim Alvefur <zash@zash.se>
parents: 3425
diff changeset
9 local urlencode = require "util.http".urlencode;
2294
4915b8223b07 mod_atom: Expose Microbloging PEP data over HTTP
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10
3241
4b52cafd5811 mod_atom: Update to the new mod_pep
Kim Alvefur <zash@zash.se>
parents: 2294
diff changeset
11 module:depends("http")
2294
4915b8223b07 mod_atom: Expose Microbloging PEP data over HTTP
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12 module:provides("http", {
4915b8223b07 mod_atom: Expose Microbloging PEP data over HTTP
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13 route = {
4038
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
14 ["GET /*"] = function (event, path)
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
15 if path == "" then
3575
00bdecb12779 mod_http_pep_avatar: Return a message instead of 404 for base path
Kim Alvefur <zash@zash.se>
parents: 3433
diff changeset
16 return [[<h1>Hello from mod_http_pep_avatar</h1><p>This module provides access to public avatars of local users.</p>]];
00bdecb12779 mod_http_pep_avatar: Return a message instead of 404 for base path
Kim Alvefur <zash@zash.se>
parents: 3433
diff changeset
17 end;
00bdecb12779 mod_http_pep_avatar: Return a message instead of 404 for base path
Kim Alvefur <zash@zash.se>
parents: 3433
diff changeset
18
3423
4a8fa0364f35 mod_atom: Unpack event object
Kim Alvefur <zash@zash.se>
parents: 3276
diff changeset
19 local request, response = event.request, event.response;
4a8fa0364f35 mod_atom: Unpack event object
Kim Alvefur <zash@zash.se>
parents: 3276
diff changeset
20 local actor = request.ip;
3241
4b52cafd5811 mod_atom: Update to the new mod_pep
Kim Alvefur <zash@zash.se>
parents: 2294
diff changeset
21
4038
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
22 local user, item_id = path:match("^([^/]+)/(%x+)$");
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
23 if not user then user = path; end
3433
213679266dcb mod_http_pep_avatar: Redirect to prepped username
Kim Alvefur <zash@zash.se>
parents: 3425
diff changeset
24 local prepped = nodeprep(user);
213679266dcb mod_http_pep_avatar: Redirect to prepped username
Kim Alvefur <zash@zash.se>
parents: 3425
diff changeset
25 if not prepped then return 400; end
213679266dcb mod_http_pep_avatar: Redirect to prepped username
Kim Alvefur <zash@zash.se>
parents: 3425
diff changeset
26 if prepped ~= user then
213679266dcb mod_http_pep_avatar: Redirect to prepped username
Kim Alvefur <zash@zash.se>
parents: 3425
diff changeset
27 response.headers.location = module:http_url() .. "/" .. urlencode(prepped);
213679266dcb mod_http_pep_avatar: Redirect to prepped username
Kim Alvefur <zash@zash.se>
parents: 3425
diff changeset
28 return 302;
213679266dcb mod_http_pep_avatar: Redirect to prepped username
Kim Alvefur <zash@zash.se>
parents: 3425
diff changeset
29 end
3424
6ae875c98daf mod_atom: Check whether user exists
Kim Alvefur <zash@zash.se>
parents: 3423
diff changeset
30 if not um.user_exists(user, module.host) then
6ae875c98daf mod_atom: Check whether user exists
Kim Alvefur <zash@zash.se>
parents: 3423
diff changeset
31 return 404;
6ae875c98daf mod_atom: Check whether user exists
Kim Alvefur <zash@zash.se>
parents: 3423
diff changeset
32 end
3241
4b52cafd5811 mod_atom: Update to the new mod_pep
Kim Alvefur <zash@zash.se>
parents: 2294
diff changeset
33
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
34 local pep_service = mod_pep.get_pep_service(user);
3272
119e22ccd64a mod_atom: Add some basic metadata to feed
Kim Alvefur <zash@zash.se>
parents: 3241
diff changeset
35
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
36 local ok, avatar_hash, avatar_meta = pep_service:get_last_item("urn:xmpp:avatar:metadata", actor);
3272
119e22ccd64a mod_atom: Add some basic metadata to feed
Kim Alvefur <zash@zash.se>
parents: 3241
diff changeset
37
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
38 if not ok or not avatar_hash then
3241
4b52cafd5811 mod_atom: Update to the new mod_pep
Kim Alvefur <zash@zash.se>
parents: 2294
diff changeset
39 return 404;
4b52cafd5811 mod_atom: Update to the new mod_pep
Kim Alvefur <zash@zash.se>
parents: 2294
diff changeset
40 end
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
41
4038
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
42 if (item_id or avatar_hash) == request.headers.if_none_match then
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
43 return 304;
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
44 end
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
45
4038
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
46 local data_ok, avatar_data = pep_service:get_items("urn:xmpp:avatar:data", actor, item_id or avatar_hash);
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
47 if not data_ok or type(avatar_data) ~= "table" or not avatar_data[item_id or avatar_hash] then
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
48 return 404;
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
49 end
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
50
4038
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
51 local info = avatar_meta.tags[1]:get_child("info");
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
52 if item_id and info.attr.id ~= item_id then
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
53 info = nil;
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
54 for altinfo in avatar_meta.tags[1]:childtags("info") do
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
55 if altinfo.attr.id == item_id then
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
56 info = altinfo;
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
57 end
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
58 end
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
59 end
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
60
4038
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
61 if not info then
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
62 return 404;
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
63 end
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
64
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
65 response.headers.etag = item_id or avatar_hash;
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
66
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
67 response.headers.content_type = info and info.attr.type or "application/octet-stream";
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
68
4038
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
69 local data = avatar_data[item_id or avatar_hash];
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
70 return base64_decode(data.tags[1]:get_text());
3241
4b52cafd5811 mod_atom: Update to the new mod_pep
Kim Alvefur <zash@zash.se>
parents: 2294
diff changeset
71 end;
4b52cafd5811 mod_atom: Update to the new mod_pep
Kim Alvefur <zash@zash.se>
parents: 2294
diff changeset
72 }
2294
4915b8223b07 mod_atom: Expose Microbloging PEP data over HTTP
Kim Alvefur <zash@zash.se>
parents:
diff changeset
73 });