annotate mod_post_msg/sendxmpp-curl.sh @ 5193:2bb29ece216b

mod_http_oauth2: Implement stateless dynamic client registration Replaces previous explicit registration that required either the additional module mod_adhoc_oauth2_client or manually editing the database. That method was enough to have something to test with, but would probably not scale easily. Dynamic client registration allows creating clients on the fly, which may be even easier in theory. In order to not allow basically unauthenticated writes to the database, we implement a stateless model here. per_host_key := HMAC(config -> oauth2_registration_key, hostname) client_id := JWT { client metadata } signed with per_host_key client_secret := HMAC(per_host_key, client_id) This should ensure everything we need to know is part of the client_id, allowing redirects etc to be validated, and the client_secret can be validated with only the client_id and the per_host_key. A nonce injected into the client_id JWT should ensure nobody can submit the same client metadata and retrieve the same client_secret.
author Kim Alvefur <zash@zash.se>
date Fri, 03 Mar 2023 21:14:19 +0100
parents 9764d27db681
children
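#!/bin/bash
# Does HTTP POST compatible with mod_post_msg for prosody
# Aims to be compatible with sendxmpp syntax

# API:
# http://host/msg/user => msg to user@host
# or http://whatever/msg/user@host => same
# HTTP Basic auth
#
# Credentials:
# - HTTP Basic auth is only base64-encoded, so without -t/--tls the JID and
#   password cross the network in cleartext.
# - -p/--password puts the password on this script's command line, where
#   other local users can read it from the process list. Prefer
#   ~/.sendxmpprc or -f FILE ("<jid> <password>" on one line) and keep that
#   file readable by its owner only.

# sendxmpp
# $0 [options] <recipient>

# Default credentials: first line of ~/.sendxmpprc, "<jid> <password>".
# read -r keeps backslashes in the password intact.
rcfile="$HOME/.sendxmpprc"
if [[ -f "$rcfile" ]]; then
  read -r username password < "$rcfile"
fi

# "eval set --" below is only safe with the enhanced (util-linux) getopt,
# which shell-quotes every word it prints; "getopt -T" exits 4 for that
# implementation and for no other.
getopt -T >/dev/null 2>&1
if [ $? -ne 4 ]; then
  echo "${0##*/}: enhanced getopt (util-linux) is required" >&2
  exit 1
fi

# -n takes the script's basename so getopt's own diagnostics are labelled.
if ! TEMP="$(getopt -o f:u:p:j:o:r:tlcs:m:iwvhd -l file:,username:,password:,jserver:,component:,resource:,tls,headline,message-type:,chatroom,subject:,message:,interactive,raw,verbose,help,usage,debug -n "${0##*/}" -- "$@")"; then
  echo "Terminating..." >&2
  exit 1
fi

eval set -- "$TEMP"

while true; do
  case "$1" in
    -f|--file)
      [[ -r "$2" ]] || { echo "cannot read credentials file $2" >&2; exit 1; }
      read -r username password < "$2"; shift 2;;
    -u|--username) username="$2"; shift 2;;
    -p|--password) password="$2"; shift 2;;
    -j|--jserver) server="$2"; shift 2;;
    -m|--message) message="$2"; shift 2;;
    # do_send builds "http${secure:+s}://", so this is what selects https.
    -t|--tls) secure="yes"; shift;;
    -v|--verbose) verbose="yes"; shift;;
    -i|--interactive) interactive="yes"; shift;; # multiple messages, one per line on stdin
    -r|--resource) resource="$2"; shift 2;; # not used
    -h|--help|--usage)
      echo "usage: ${0##*/} [options] <recipient>"
      echo "or refer to the the source code ;)"; exit;;
    # Unimplemented options that carry a parameter: drop the parameter too,
    # so it is not parsed as another option.
    -o|--component|-s|--subject|--message-type)
      echo "option $1 is not implemented" >&2; shift 2;;
    --) shift ; break ;;
    *) echo "option $1 is not implemented" >&2; shift ;; # TODO stuff
  esac
done

if [ $# -gt 1 ]; then
  echo "multile recipients not implemented" >&2 # TODO stuff
  exit 1
fi

# Can be user@host or just user, in which case the http host is used
recipient="$1"
if [ $# -gt 0 ]; then
  shift
fi

if [[ -z "$server" ]]; then
  # Default endpoint: the domain part of the sending JID, port 5280.
  # NOTE(review): 5280 is normally Prosody's plain-HTTP port and 5281 its
  # HTTPS port, so --tls most likely needs -j host:5281. Confirm against the
  # server configuration.
  server="${username#*@}:5280"
fi

if [[ -z "$recipient" || -z "$server" || -z "$username" ]]; then
  echo "required parameter missing or empty" >&2
  exit 1
fi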
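# Issue one request to the mod_post_msg endpoint.
# Globals:   server, recipient, username, password (read);
#            secure (non-empty selects https), verbose (non-empty adds -v)
# Arguments: extra curl options (headers, body), passed through unchanged
# Returns:   curl's exit status; --fail makes an HTTP status >= 400 non-zero
do_send() {
  # Without --fail, curl exits 0 on a 401 or 404, so a rejected message would
  # look like a delivered one. --show-error keeps transport errors visible
  # despite --silent.
  local -a curl_opts=(--silent --show-error --fail)
  if [ -n "$verbose" ]; then
    curl_opts+=(--verbose)
  fi

  # The credentials travel as HTTP Basic auth: cleartext on the wire unless
  # the scheme is https, and present in curl's argument list while it runs.
  # $recipient is placed in the URL path as given, without URL-encoding.
  # Prefixing the curl line with echo prints the command instead of running
  # it, and the password along with it.
  curl "http${secure:+s}://$server/msg/$recipient" \
    "${curl_opts[@]}" \
    -u "$username${password:+:$password}" \
    "$@"
}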
# Send a text/plain request: the Content-Type header goes first, then every
# argument is handed to do_send as given.
send_text() {
  local -a content_type=(-H "Content-Type: text/plain")
  do_send "${content_type[@]}" "$@"
}
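# Deliver the message(s).
# curl's -d treats a value starting with "@" as a file name and posts that
# file's contents. A message or stdin line such as "@/path/to/file" would
# therefore send a local file instead of the text. --data-raw (curl 7.43.0+)
# always posts the value literally; "-d @-" is kept only for the deliberate
# read-the-body-from-stdin case.
if [ -z "$interactive" ]; then
  if [ -n "$message" ]; then
    send_text --data-raw "$message"
  else
    # No -m given: the body is read from stdin. curl strips CR and LF from
    # data read this way, so a multi-line input arrives as one line.
    send_text -d @-
  fi
else
  # One message per stdin line. IFS= and -r keep leading whitespace and
  # backslashes intact; the || clause also sends a last line with no newline.
  while IFS= read -r line || [ -n "$line" ]; do
    send_text --data-raw "$line"
  done
fi
# TODO single curl line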