Mercurial > prosody-modules
annotate mod_track_muc_joins/README.markdown @ 5193:2bb29ece216b
mod_http_oauth2: Implement stateless dynamic client registration
Replaces previous explicit registration that required either the
additional module mod_adhoc_oauth2_client or manually editing the
database. That method was enough to have something to test with, but
would not probably not scale easily.
Dynamic client registration allows creating clients on the fly, which
may be even easier in theory.
In order to not allow basically unauthenticated writes to the database,
we implement a stateless model here.
per_host_key := HMAC(config -> oauth2_registration_key, hostname)
client_id := JWT { client metadata } signed with per_host_key
client_secret := HMAC(per_host_key, client_id)
This should ensure everything we need to know is part of the client_id,
allowing redirects etc to be validated, and the client_secret can be
validated with only the client_id and the per_host_key.
A nonce injected into the client_id JWT should ensure nobody can submit
the same client metadata and retrieve the same client_secret
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 03 Mar 2023 21:14:19 +0100 |
| parents | e327b06b9a1b |
| children |
| rev | line source |
|---|---|
|
2081
73096d8d924c
mod_track_muc_joins: Module to keep track of joined MUC rooms
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 --- |
|
73096d8d924c
mod_track_muc_joins: Module to keep track of joined MUC rooms
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 summary: Keep track of joined chat rooms |
|
73096d8d924c
mod_track_muc_joins: Module to keep track of joined MUC rooms
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 ... |
|
73096d8d924c
mod_track_muc_joins: Module to keep track of joined MUC rooms
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 |
|
2409
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
5 # Introduction |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
6 |
|
2081
73096d8d924c
mod_track_muc_joins: Module to keep track of joined MUC rooms
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 This module attempts to keep track of what MUC chat rooms users have |
|
73096d8d924c
mod_track_muc_joins: Module to keep track of joined MUC rooms
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 joined. It's not very useful on its own, but can be used by other |
|
73096d8d924c
mod_track_muc_joins: Module to keep track of joined MUC rooms
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 modules to influence decisions. |
|
2409
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
10 |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
11 # Usage |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
12 |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
13 Rooms joined and the associated nickname is kept in a table field |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
14 `rooms_joined` on the users session. |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
15 |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
16 An example: |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
17 |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
18 ``` lua |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
19 local jid_bare = require"util.jid".bare; |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
20 |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
21 module:hook("message/full", function (event) |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
22 local stanza = event.stanza; |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
23 local session = prosody.full_sessions[stanza.attr.to]; |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
24 if not session then |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
25 return -- No such session |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
26 end |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
27 |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
28 local joined_rooms = session.joined_rooms; |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
29 if not joined_rooms then |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
30 return -- This session hasn't joined any rooms at all |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
31 end |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
32 |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
33 -- joined_rooms is a map of room JID -> room nickname |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
34 local nickname = joined_rooms[jid_bare(stanza.attr.from)]; |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
35 if nickname then |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
36 session.log("info", "Got a MUC message from %s", stanza.attr.from); |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
37 |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
38 local body = stanza:get_child_text("body"); |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
39 if body and body:find(nickname, 1, true) then |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
40 session.log("info", "The message contains my nickname!"); |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
41 end |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
42 end |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
43 end); |
|
b426f1d46938
mod_track_muc_joins/README: Add some example code
Kim Alvefur <zash@zash.se>
parents:
2081
diff
changeset
|
44 ``` |
|
2411
e327b06b9a1b
mod_track_muc_joins/README: Mention how the 210 status code for when the room rewrites the users nickname is not yet handled
Kim Alvefur <zash@zash.se>
parents:
2409
diff
changeset
|
45 |
|
e327b06b9a1b
mod_track_muc_joins/README: Mention how the 210 status code for when the room rewrites the users nickname is not yet handled
Kim Alvefur <zash@zash.se>
parents:
2409
diff
changeset
|
46 # Known issues |
|
e327b06b9a1b
mod_track_muc_joins/README: Mention how the 210 status code for when the room rewrites the users nickname is not yet handled
Kim Alvefur <zash@zash.se>
parents:
2409
diff
changeset
|
47 |
|
e327b06b9a1b
mod_track_muc_joins/README: Mention how the 210 status code for when the room rewrites the users nickname is not yet handled
Kim Alvefur <zash@zash.se>
parents:
2409
diff
changeset
|
48 [XEP 45 ยง 7.2.3 Presence Broadcast][enter-pres] has the following text: |
|
e327b06b9a1b
mod_track_muc_joins/README: Mention how the 210 status code for when the room rewrites the users nickname is not yet handled
Kim Alvefur <zash@zash.se>
parents:
2409
diff
changeset
|
49 |
|
e327b06b9a1b
mod_track_muc_joins/README: Mention how the 210 status code for when the room rewrites the users nickname is not yet handled
Kim Alvefur <zash@zash.se>
parents:
2409
diff
changeset
|
50 > In particular, if roomnicks are locked down then the service MUST do |
|
e327b06b9a1b
mod_track_muc_joins/README: Mention how the 210 status code for when the room rewrites the users nickname is not yet handled
Kim Alvefur <zash@zash.se>
parents:
2409
diff
changeset
|
51 > one of the following. |
|
e327b06b9a1b
mod_track_muc_joins/README: Mention how the 210 status code for when the room rewrites the users nickname is not yet handled
Kim Alvefur <zash@zash.se>
parents:
2409
diff
changeset
|
52 > |
|
e327b06b9a1b
mod_track_muc_joins/README: Mention how the 210 status code for when the room rewrites the users nickname is not yet handled
Kim Alvefur <zash@zash.se>
parents:
2409
diff
changeset
|
53 > \[...\] |
|
e327b06b9a1b
mod_track_muc_joins/README: Mention how the 210 status code for when the room rewrites the users nickname is not yet handled
Kim Alvefur <zash@zash.se>
parents:
2409
diff
changeset
|
54 > |
|
e327b06b9a1b
mod_track_muc_joins/README: Mention how the 210 status code for when the room rewrites the users nickname is not yet handled
Kim Alvefur <zash@zash.se>
parents:
2409
diff
changeset
|
55 > If the user has connected using a MUC client (...), then the service |
|
e327b06b9a1b
mod_track_muc_joins/README: Mention how the 210 status code for when the room rewrites the users nickname is not yet handled
Kim Alvefur <zash@zash.se>
parents:
2409
diff
changeset
|
56 > MUST allow the client to enter the room, modify the nick in accordance |
|
e327b06b9a1b
mod_track_muc_joins/README: Mention how the 210 status code for when the room rewrites the users nickname is not yet handled
Kim Alvefur <zash@zash.se>
parents:
2409
diff
changeset
|
57 > with the lockdown policy, and **include a status code of "210"** in |
|
e327b06b9a1b
mod_track_muc_joins/README: Mention how the 210 status code for when the room rewrites the users nickname is not yet handled
Kim Alvefur <zash@zash.se>
parents:
2409
diff
changeset
|
58 > the presence broadcast that it sends to the new occupant. |
|
e327b06b9a1b
mod_track_muc_joins/README: Mention how the 210 status code for when the room rewrites the users nickname is not yet handled
Kim Alvefur <zash@zash.se>
parents:
2409
diff
changeset
|
59 |
|
e327b06b9a1b
mod_track_muc_joins/README: Mention how the 210 status code for when the room rewrites the users nickname is not yet handled
Kim Alvefur <zash@zash.se>
parents:
2409
diff
changeset
|
60 This case is not yet handled. |
|
e327b06b9a1b
mod_track_muc_joins/README: Mention how the 210 status code for when the room rewrites the users nickname is not yet handled
Kim Alvefur <zash@zash.se>
parents:
2409
diff
changeset
|
61 |
|
e327b06b9a1b
mod_track_muc_joins/README: Mention how the 210 status code for when the room rewrites the users nickname is not yet handled
Kim Alvefur <zash@zash.se>
parents:
2409
diff
changeset
|
62 [enter-pres]: http://xmpp.org/extensions/xep-0045.html#enter-pres |