annotate mod_register_redirect/mod_register_redirect.lua @ 5185:09d6bbd6c8a4

mod_http_oauth2: Fix treatment of 'redirect_uri' parameter in code flow It's optional and the one stored in the client registration should really be used instead. RFC 6749 says an URI provided as parameter MUST be validated against the stored one but does not say how. Given that the client needs their secret to proceed, it seems fine to leave this for later.
author Kim Alvefur <zash@zash.se>
date Thu, 02 Mar 2023 22:00:42 +0100
parents 2023cba9ead0
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
443
7679b8f6b886 mod_register_redirect: update authors info.
Marco Cirillo <maranda@lightwitch.org>
parents: 442
diff changeset
1 -- (C) 2010-2011 Marco Cirillo (LW.Org)
7679b8f6b886 mod_register_redirect: update authors info.
Marco Cirillo <maranda@lightwitch.org>
parents: 442
diff changeset
2 -- (C) 2011 Kim Alvefur
7679b8f6b886 mod_register_redirect: update authors info.
Marco Cirillo <maranda@lightwitch.org>
parents: 442
diff changeset
3 --
440
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
4 -- Registration Redirect module for Prosody
1343
7dbde05b48a9 all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 1100
diff changeset
5 --
440
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
6 -- Redirects IP addresses not in the whitelist to a web page or another method to complete the registration.
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
7
530
3cc17ef98be0 mod_register_redirect: stick to one code "punctuation" style.
Marco Cirillo <maranda@lightwitch.org>
parents: 443
diff changeset
8 local st = require "util.stanza"
2784
ba999840f318 mod_register_redirect: Import configmanager correctly (fixes #820)
t2d <td@tem.li>
parents: 2729
diff changeset
9 local cman = require "core.configmanager"
440
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
10
2729
7983335e88e9 mod_register_redirect: Add ::1 to the default registration_whitelist.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents: 1343
diff changeset
11 local ip_wl = module:get_option_set("registration_whitelist", { "127.0.0.1", "::1" })
1100
aa93cf0b1242 mod_register_redirect: cleanup a bit.
Marco Cirillo <maranda@lightwitch.org>
parents: 807
diff changeset
12 local url = module:get_option_string("registration_url", nil)
aa93cf0b1242 mod_register_redirect: cleanup a bit.
Marco Cirillo <maranda@lightwitch.org>
parents: 807
diff changeset
13 local inst_text = module:get_option_string("registration_text", nil)
aa93cf0b1242 mod_register_redirect: cleanup a bit.
Marco Cirillo <maranda@lightwitch.org>
parents: 807
diff changeset
14 local oob = module:get_option_boolean("registration_oob", true)
aa93cf0b1242 mod_register_redirect: cleanup a bit.
Marco Cirillo <maranda@lightwitch.org>
parents: 807
diff changeset
15 local admins_g = cman.get("*", "core", "admins")
aa93cf0b1242 mod_register_redirect: cleanup a bit.
Marco Cirillo <maranda@lightwitch.org>
parents: 807
diff changeset
16 local admins_l = cman.get(module:get_host(), "core", "admins")
aa93cf0b1242 mod_register_redirect: cleanup a bit.
Marco Cirillo <maranda@lightwitch.org>
parents: 807
diff changeset
17 local no_wl = module:get_option_boolean("no_registration_whitelist", false)
aa93cf0b1242 mod_register_redirect: cleanup a bit.
Marco Cirillo <maranda@lightwitch.org>
parents: 807
diff changeset
18
aa93cf0b1242 mod_register_redirect: cleanup a bit.
Marco Cirillo <maranda@lightwitch.org>
parents: 807
diff changeset
19 if type(admins_g) ~= "table" then admins_g = nil end
aa93cf0b1242 mod_register_redirect: cleanup a bit.
Marco Cirillo <maranda@lightwitch.org>
parents: 807
diff changeset
20 if type(admins_l) ~= "table" then admins_l = nil end
aa93cf0b1242 mod_register_redirect: cleanup a bit.
Marco Cirillo <maranda@lightwitch.org>
parents: 807
diff changeset
21
440
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
22 function reg_redirect(event)
530
3cc17ef98be0 mod_register_redirect: stick to one code "punctuation" style.
Marco Cirillo <maranda@lightwitch.org>
parents: 443
diff changeset
23 local stanza, origin = event.stanza, event.origin
440
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
24
1100
aa93cf0b1242 mod_register_redirect: cleanup a bit.
Marco Cirillo <maranda@lightwitch.org>
parents: 807
diff changeset
25 if not no_wl and ip_wl:contains(origin.ip) then return; end
440
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
26
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
27 -- perform checks to set default responses and sanity checks.
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
28 if not inst_text then
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
29 if url and oob then
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
30 if url:match("^%w+[:].*$") then
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
31 if url:match("^(%w+)[:].*$") == "http" or url:match("^(%w+)[:].*$") == "https" then
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
32 inst_text = "Please visit "..url.." to register an account on this server."
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
33 elseif url:match("^(%w+)[:].*$") == "mailto" then
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
34 inst_text = "Please send an e-mail at "..url:match("^%w+[:](.*)$").." to register an account on this server."
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
35 elseif url:match("^(%w+)[:].*$") == "xmpp" then
442
761b7e1bb7ab mod_register_redirect: few mistake fixes to make it work.
Marco Cirillo <maranda@lightwitch.org>
parents: 441
diff changeset
36 inst_text = "Please contact "..module:get_host().."'s server administrator via xmpp to register an account on this server at: "..url:match("^%w+[:](.*)$")
440
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
37 else
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
38 module:log("error", "This module supports only http/https, mailto or xmpp as URL formats.")
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
39 module:log("error", "If you want to use personalized instructions without an Out-Of-Band method,")
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
40 module:log("error", "specify: register_oob = false; -- in your configuration along your banner string (register_text).")
807
7d1d3ca31d03 mod_register_redirect: rebacked in changeset c6f1427da79d (behaviour fixed).
Marco Cirillo <maranda@lightwitch.org>
parents: 805
diff changeset
41 return origin.send(st.error_reply(stanza, "wait", "internal-server-error")) -- bouncing request.
440
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
42 end
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
43 else
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
44 module:log("error", "Please check your configuration, the URL you specified is invalid")
807
7d1d3ca31d03 mod_register_redirect: rebacked in changeset c6f1427da79d (behaviour fixed).
Marco Cirillo <maranda@lightwitch.org>
parents: 805
diff changeset
45 return origin.send(st.error_reply(stanza, "wait", "internal-server-error")) -- bouncing request.
440
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
46 end
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
47 else
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
48 if admins_l then
530
3cc17ef98be0 mod_register_redirect: stick to one code "punctuation" style.
Marco Cirillo <maranda@lightwitch.org>
parents: 443
diff changeset
49 local ajid; for _,v in ipairs(admins_l) do ajid = v ; break end
442
761b7e1bb7ab mod_register_redirect: few mistake fixes to make it work.
Marco Cirillo <maranda@lightwitch.org>
parents: 441
diff changeset
50 inst_text = "Please contact "..module:get_host().."'s server administrator via xmpp to register an account on this server at: "..ajid
440
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
51 else
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
52 if admins_g then
530
3cc17ef98be0 mod_register_redirect: stick to one code "punctuation" style.
Marco Cirillo <maranda@lightwitch.org>
parents: 443
diff changeset
53 local ajid; for _,v in ipairs(admins_g) do ajid = v ; break end
442
761b7e1bb7ab mod_register_redirect: few mistake fixes to make it work.
Marco Cirillo <maranda@lightwitch.org>
parents: 441
diff changeset
54 inst_text = "Please contact "..module:get_host().."'s server administrator via xmpp to register an account on this server at: "..ajid
440
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
55 else
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
56 module:log("error", "Please be sure to, _at the very least_, configure one server administrator either global or hostwise...")
2785
2023cba9ead0 mod_register_redirect: Update doc
t2d <td@tem.li>
parents: 2784
diff changeset
57 module:log("error", "if you want to use this module, or read it's configuration wiki at: https://modules.prosody.im/mod_register_redirect.html")
807
7d1d3ca31d03 mod_register_redirect: rebacked in changeset c6f1427da79d (behaviour fixed).
Marco Cirillo <maranda@lightwitch.org>
parents: 805
diff changeset
58 return origin.send(st.error_reply(stanza, "wait", "internal-server-error")) -- bouncing request.
440
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
59 end
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
60 end
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
61 end
783
d039a8dace3b mod_register_redirect: fixed clunky if block (thanks Zash, mva).
Marco Cirillo <maranda@lightwitch.org>
parents: 781
diff changeset
62 elseif inst_text and url and oob then
440
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
63 if not url:match("^%w+[:].*$") then
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
64 module:log("error", "Please check your configuration, the URL specified is not valid.")
807
7d1d3ca31d03 mod_register_redirect: rebacked in changeset c6f1427da79d (behaviour fixed).
Marco Cirillo <maranda@lightwitch.org>
parents: 805
diff changeset
65 return origin.send(st.error_reply(stanza, "wait", "internal-server-error")) -- bouncing request.
440
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
66 end
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
67 end
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
68
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
69 -- Prepare replies.
530
3cc17ef98be0 mod_register_redirect: stick to one code "punctuation" style.
Marco Cirillo <maranda@lightwitch.org>
parents: 443
diff changeset
70 local reply = st.reply(event.stanza)
440
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
71 if oob then
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
72 reply:query("jabber:iq:register")
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
73 :tag("instructions"):text(inst_text):up()
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
74 :tag("x", {xmlns = "jabber:x:oob"})
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
75 :tag("url"):text(url);
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
76 else
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
77 reply:query("jabber:iq:register")
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
78 :tag("instructions"):text(inst_text):up()
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
79 end
1343
7dbde05b48a9 all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 1100
diff changeset
80
440
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
81 if stanza.attr.type == "get" then
807
7d1d3ca31d03 mod_register_redirect: rebacked in changeset c6f1427da79d (behaviour fixed).
Marco Cirillo <maranda@lightwitch.org>
parents: 805
diff changeset
82 return origin.send(reply)
440
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
83 else
807
7d1d3ca31d03 mod_register_redirect: rebacked in changeset c6f1427da79d (behaviour fixed).
Marco Cirillo <maranda@lightwitch.org>
parents: 805
diff changeset
84 return origin.send(st.error_reply(stanza, "cancel", "not-authorized"))
440
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
85 end
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
86 end
9a71493368de mod_register_redirect: initial commit.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
87
530
3cc17ef98be0 mod_register_redirect: stick to one code "punctuation" style.
Marco Cirillo <maranda@lightwitch.org>
parents: 443
diff changeset
88 module:hook("stanza/iq/jabber:iq:register:query", reg_redirect, 10)