Mercurial > prosody-modules
annotate mod_auth_http_async/mod_auth_http_async.lua @ 2759:4bf60727459b
mod_delegation: added disco#items:* in doc and changed status to Stage-Beta
author | Goffi <goffi@goffi.org> |
---|---|
date | Wed, 30 Aug 2017 08:20:41 +0200 |
parents | 1d139e33c502 |
children | 39156d6f7268 |
rev | line source |
---|---|
1421
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 -- Prosody IM |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 -- Copyright (C) 2008-2013 Matthew Wild |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 -- Copyright (C) 2008-2013 Waqas Hussain |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 -- Copyright (C) 2014 Kim Alvefur |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 -- |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 -- This project is MIT/X11 licensed. Please see the |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 -- COPYING file in the source package for more information. |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 -- |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 local new_sasl = require "util.sasl".new; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 local base64 = require "util.encodings".base64.encode; |
2159
5e8dec076afc
mod_auth_http_async: Fall back to non-async calling of http_auth_url
JC Brand <jcbrand@minddistrict.com>
parents:
1939
diff
changeset
|
12 local have_async, async = pcall(require, "util.async"); |
1421
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 local log = module._log; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 local host = module.host; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 local api_base = module:get_option_string("http_auth_url", ""):gsub("$host", host); |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 if api_base == "" then error("http_auth_url required") end |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 |
2629
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
20 local provider = {}; |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
21 |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
22 -- globals required by socket.http |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
23 if rawget(_G, "PROXY") == nil then |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
24 rawset(_G, "PROXY", false) |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
25 end |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
26 if rawget(_G, "base_parsed") == nil then |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
27 rawset(_G, "base_parsed", false) |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
28 end |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
29 |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
30 local function async_http_auth(url, username, password) |
2750
1d139e33c502
mod_auth_http_async: Updated sync_http_auth function to accept username and password and send those as a basic authentication header
Matt Loupe <mloupe2@gmail.com>
parents:
2630
diff
changeset
|
31 module:log("debug", "async_http_auth()"); |
2630
96eb1c4f9ff7
mod_auth_http_async: Use "net.http" for async case.
JC Brand <jc@opkode.com>
parents:
2629
diff
changeset
|
32 local http = require "net.http"; |
2159
5e8dec076afc
mod_auth_http_async: Fall back to non-async calling of http_auth_url
JC Brand <jcbrand@minddistrict.com>
parents:
1939
diff
changeset
|
33 local wait, done = async.waiter(); |
1927
439711709d29
mod_auth_http_async: Wrap up async http request in a function
Kim Alvefur <zash@zash.se>
parents:
1749
diff
changeset
|
34 local content, code, request, response; |
2629
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
35 local ex = { |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
36 headers = { Authorization = "Basic "..base64(username..":"..password); }; |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
37 } |
1930
95bbf3c4aa27
mod_auth_http_async: Don't set global
Kim Alvefur <zash@zash.se>
parents:
1927
diff
changeset
|
38 local function cb(content_, code_, request_, response_) |
1927
439711709d29
mod_auth_http_async: Wrap up async http request in a function
Kim Alvefur <zash@zash.se>
parents:
1749
diff
changeset
|
39 content, code, request, response = content_, code_, request_, response_; |
439711709d29
mod_auth_http_async: Wrap up async http request in a function
Kim Alvefur <zash@zash.se>
parents:
1749
diff
changeset
|
40 done(); |
439711709d29
mod_auth_http_async: Wrap up async http request in a function
Kim Alvefur <zash@zash.se>
parents:
1749
diff
changeset
|
41 end |
1931
bd5412eb0a6d
mod_auth_http_async: Actually do the HTTP request
Kim Alvefur <zash@zash.se>
parents:
1930
diff
changeset
|
42 http.request(url, ex, cb); |
1927
439711709d29
mod_auth_http_async: Wrap up async http request in a function
Kim Alvefur <zash@zash.se>
parents:
1749
diff
changeset
|
43 wait(); |
2629
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
44 if code >= 200 and code <= 299 then |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
45 module:log("debug", "HTTP auth provider confirmed valid password"); |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
46 return true; |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
47 else |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
48 module:log("debug", "HTTP auth provider returned status code %d", code); |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
49 end |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
50 return nil, "Auth failed. Invalid username or password."; |
1927
439711709d29
mod_auth_http_async: Wrap up async http request in a function
Kim Alvefur <zash@zash.se>
parents:
1749
diff
changeset
|
51 end |
439711709d29
mod_auth_http_async: Wrap up async http request in a function
Kim Alvefur <zash@zash.se>
parents:
1749
diff
changeset
|
52 |
2750
1d139e33c502
mod_auth_http_async: Updated sync_http_auth function to accept username and password and send those as a basic authentication header
Matt Loupe <mloupe2@gmail.com>
parents:
2630
diff
changeset
|
53 local function sync_http_auth(url,username, password) |
1d139e33c502
mod_auth_http_async: Updated sync_http_auth function to accept username and password and send those as a basic authentication header
Matt Loupe <mloupe2@gmail.com>
parents:
2630
diff
changeset
|
54 module:log("debug", "sync_http_auth()"); |
2630
96eb1c4f9ff7
mod_auth_http_async: Use "net.http" for async case.
JC Brand <jc@opkode.com>
parents:
2629
diff
changeset
|
55 local http = require "socket.http"; |
96eb1c4f9ff7
mod_auth_http_async: Use "net.http" for async case.
JC Brand <jc@opkode.com>
parents:
2629
diff
changeset
|
56 local https = require "ssl.https"; |
2629
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
57 local request; |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
58 if string.sub(url, 1, string.len('https')) == 'https' then |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
59 request = https.request; |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
60 else |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
61 request = http.request; |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
62 end |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
63 local _, code, headers, status = request{ |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
64 url = url, |
2750
1d139e33c502
mod_auth_http_async: Updated sync_http_auth function to accept username and password and send those as a basic authentication header
Matt Loupe <mloupe2@gmail.com>
parents:
2630
diff
changeset
|
65 headers = { Authorization = "Basic "..base64(username..":"..password); } |
2629
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
66 }; |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
67 if type(code) == "number" and code >= 200 and code <= 299 then |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
68 module:log("debug", "HTTP auth provider confirmed valid password"); |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
69 return true; |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
70 else |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
71 module:log("debug", "HTTP auth provider returned status code: "..code); |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
72 end |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
73 return nil, "Auth failed. Invalid username or password."; |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
74 end |
1421
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
75 |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
76 function provider.test_password(username, password) |
2629
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
77 local url = api_base:gsub("$user", username):gsub("$password", password); |
2442
b2a198665946
mod_auth_http_async: Log URL when testing password
JC Brand <jc@opkode.com>
parents:
2159
diff
changeset
|
78 log("debug", "Testing password for user %s at host %s with URL %s", username, host, url); |
2159
5e8dec076afc
mod_auth_http_async: Fall back to non-async calling of http_auth_url
JC Brand <jcbrand@minddistrict.com>
parents:
1939
diff
changeset
|
79 if (have_async) then |
2629
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
80 return async_http_auth(url, username, password); |
1421
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
81 else |
2750
1d139e33c502
mod_auth_http_async: Updated sync_http_auth function to accept username and password and send those as a basic authentication header
Matt Loupe <mloupe2@gmail.com>
parents:
2630
diff
changeset
|
82 return sync_http_auth(url, username, password); |
1421
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
83 end |
2629
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
84 end |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
85 |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
86 function provider.users() |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
87 return function() |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
88 return nil; |
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
89 end |
1421
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
90 end |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
91 |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
92 function provider.set_password(username, password) |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
93 return nil, "Changing passwords not supported"; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
94 end |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
95 |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
96 function provider.user_exists(username) |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
97 return true; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
98 end |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
99 |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
100 function provider.create_user(username, password) |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
101 return nil, "User creation not supported"; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
102 end |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
103 |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
104 function provider.delete_user(username) |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
105 return nil , "User deletion not supported"; |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
106 end |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
107 |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
108 function provider.get_sasl_handler() |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
109 return new_sasl(host, { |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
110 plain_test = function(sasl, username, password, realm) |
1939
54f9e8663139
mod_auth_http_async: Correctly pass password to provider.test_password (thanks mother)
Kim Alvefur <zash@zash.se>
parents:
1938
diff
changeset
|
111 return provider.test_password(username, password), true; |
1421
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
112 end |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
113 }); |
295c30e44ba8
mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
114 end |
2629
a11568bfaf4c
mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
JC Brand <jc@opkode.com>
parents:
2442
diff
changeset
|
115 |
2750
1d139e33c502
mod_auth_http_async: Updated sync_http_auth function to accept username and password and send those as a basic authentication header
Matt Loupe <mloupe2@gmail.com>
parents:
2630
diff
changeset
|
116 module:provides("auth", provider); |