annotate mod_unified_push/mod_unified_push.lua @ 5151:514c8a0e9aa1

mod_unified_push: Fix default ACL in component mode
author Matthew Wild <mwild1@gmail.com>
date Sat, 14 Jan 2023 16:14:50 +0000
parents 2b6c543c4d3a
children 342baedbd1c8
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 local unified_push_secret = assert(module:get_option_string("unified_push_secret"), "required option: unified_push_secret");
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2 local push_registration_ttl = module:get_option_number("unified_push_registration_ttl", 86400);
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4 local base64 = require "util.encodings".base64;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 local datetime = require "util.datetime";
5136
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
6 local id = require "util.id";
5148
bf42f1401f1c mod_unified_push: Refactor in anticipation of other registration backends
Matthew Wild <mwild1@gmail.com>
parents: 5147
diff changeset
7 local jid = require "util.jid";
5139
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
8 local jwt = require "util.jwt";
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
9 local st = require "util.stanza";
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
10 local urlencode = require "util.http".urlencode;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
12 local xmlns_up = "http://gultsch.de/xmpp/drafts/unified-push";
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
14 module:depends("http");
5136
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
15 module:depends("disco");
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
16
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
17 module:add_feature(xmlns_up);
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18
5147
658658ea9323 mod_unified_push: Add ACL option to restrict access
Matthew Wild <mwild1@gmail.com>
parents: 5146
diff changeset
19 local acl = module:get_option_set("unified_push_acl", {
5151
514c8a0e9aa1 mod_unified_push: Fix default ACL in component mode
Matthew Wild <mwild1@gmail.com>
parents: 5150
diff changeset
20 module:get_host_type() == "local" and module.host or module.host:match("^[^%.]+%.(.+)$")
5147
658658ea9323 mod_unified_push: Add ACL option to restrict access
Matthew Wild <mwild1@gmail.com>
parents: 5146
diff changeset
21 });
658658ea9323 mod_unified_push: Add ACL option to restrict access
Matthew Wild <mwild1@gmail.com>
parents: 5146
diff changeset
22
658658ea9323 mod_unified_push: Add ACL option to restrict access
Matthew Wild <mwild1@gmail.com>
parents: 5146
diff changeset
23 local function is_jid_permitted(user_jid)
658658ea9323 mod_unified_push: Add ACL option to restrict access
Matthew Wild <mwild1@gmail.com>
parents: 5146
diff changeset
24 for acl_entry in acl do
658658ea9323 mod_unified_push: Add ACL option to restrict access
Matthew Wild <mwild1@gmail.com>
parents: 5146
diff changeset
25 if jid.compare(user_jid, acl_entry) then
658658ea9323 mod_unified_push: Add ACL option to restrict access
Matthew Wild <mwild1@gmail.com>
parents: 5146
diff changeset
26 return true;
658658ea9323 mod_unified_push: Add ACL option to restrict access
Matthew Wild <mwild1@gmail.com>
parents: 5146
diff changeset
27 end
658658ea9323 mod_unified_push: Add ACL option to restrict access
Matthew Wild <mwild1@gmail.com>
parents: 5146
diff changeset
28 end
658658ea9323 mod_unified_push: Add ACL option to restrict access
Matthew Wild <mwild1@gmail.com>
parents: 5146
diff changeset
29 return false;
658658ea9323 mod_unified_push: Add ACL option to restrict access
Matthew Wild <mwild1@gmail.com>
parents: 5146
diff changeset
30 end
658658ea9323 mod_unified_push: Add ACL option to restrict access
Matthew Wild <mwild1@gmail.com>
parents: 5146
diff changeset
31
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
32 local function check_sha256(s)
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
33 if not s then return nil, "no value provided"; end
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
34 local d = base64.decode(s);
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
35 if not d then return nil, "invalid base64"; end
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
36 if #d ~= 32 then return nil, "incorrect decoded length, expected 32"; end
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
37 return s;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
38 end
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
39
5149
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
40 local push_store = module:open_store();
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
41
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
42 local backends = {
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
43 jwt = {
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
44 sign = function (data)
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
45 return jwt.sign(unified_push_secret, data);
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
46 end;
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
47
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
48 verify = function (token)
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
49 local ok, result = jwt.verify(unified_push_secret, token);
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
50
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
51 if not ok then
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
52 return ok, result;
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
53 end
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
54 if result.exp and result.exp < os.time() then
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
55 return nil, "token-expired";
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
56 end
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
57 return ok, result;
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
58 end;
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
59 };
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
60
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
61 storage = {
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
62 sign = function (data)
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
63 local reg_id = id.long();
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
64 local user, host = jid.split(data.sub);
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
65 if host ~= module.host or not user then
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
66 return;
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
67 end
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
68 push_store:set(reg_id, data);
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
69 return reg_id;
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
70 end;
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
71 verify = function (token)
5150
2b6c543c4d3a mod_unified_push: Fixes for paseto backend initialization
Matthew Wild <mwild1@gmail.com>
parents: 5149
diff changeset
72 if token == "_private" then return nil, "invalid-token"; end
5149
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
73 local data = push_store:get(token);
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
74 if not data then
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
75 return nil, "item-not-found";
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
76 elseif data.exp and data.exp < os.time() then
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
77 push_store:set(token, nil);
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
78 return nil, "token-expired";
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
79 end
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
80 return data;
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
81 end;
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
82 };
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
83 };
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
84
5150
2b6c543c4d3a mod_unified_push: Fixes for paseto backend initialization
Matthew Wild <mwild1@gmail.com>
parents: 5149
diff changeset
85 if pcall(require, "util.paseto") and require "util.paseto".v3_local then
2b6c543c4d3a mod_unified_push: Fixes for paseto backend initialization
Matthew Wild <mwild1@gmail.com>
parents: 5149
diff changeset
86 local paseto = require "util.paseto".v3_local;
2b6c543c4d3a mod_unified_push: Fixes for paseto backend initialization
Matthew Wild <mwild1@gmail.com>
parents: 5149
diff changeset
87 local state = push_store:get("_private");
2b6c543c4d3a mod_unified_push: Fixes for paseto backend initialization
Matthew Wild <mwild1@gmail.com>
parents: 5149
diff changeset
88 local key = state and state.paseto_v3_local_key;
2b6c543c4d3a mod_unified_push: Fixes for paseto backend initialization
Matthew Wild <mwild1@gmail.com>
parents: 5149
diff changeset
89 if not key then
2b6c543c4d3a mod_unified_push: Fixes for paseto backend initialization
Matthew Wild <mwild1@gmail.com>
parents: 5149
diff changeset
90 key = paseto.new_key();
2b6c543c4d3a mod_unified_push: Fixes for paseto backend initialization
Matthew Wild <mwild1@gmail.com>
parents: 5149
diff changeset
91 push_store:set("_private", { paseto_v3_local_key = key });
2b6c543c4d3a mod_unified_push: Fixes for paseto backend initialization
Matthew Wild <mwild1@gmail.com>
parents: 5149
diff changeset
92 end
2b6c543c4d3a mod_unified_push: Fixes for paseto backend initialization
Matthew Wild <mwild1@gmail.com>
parents: 5149
diff changeset
93 local sign, verify = paseto.init(key);
5149
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
94 backends.paseto = { sign = sign, verify = verify };
5139
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
95 end
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
96
5149
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
97 local backend = module:get_option_string("unified_push_backend", backends.paseto and "paseto" or "storage");
5139
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
98
5148
bf42f1401f1c mod_unified_push: Refactor in anticipation of other registration backends
Matthew Wild <mwild1@gmail.com>
parents: 5147
diff changeset
99 local function register_route(params)
bf42f1401f1c mod_unified_push: Refactor in anticipation of other registration backends
Matthew Wild <mwild1@gmail.com>
parents: 5147
diff changeset
100 local expiry = os.time() + push_registration_ttl;
5149
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
101 local token = backends[backend].sign({
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
102 instance = params.instance;
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
103 application = params.application;
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
104 sub = params.jid;
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
105 exp = expiry;
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
106 });
5148
bf42f1401f1c mod_unified_push: Refactor in anticipation of other registration backends
Matthew Wild <mwild1@gmail.com>
parents: 5147
diff changeset
107 return {
5149
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
108 url = module:http_url("push").."/"..urlencode(token);
5148
bf42f1401f1c mod_unified_push: Refactor in anticipation of other registration backends
Matthew Wild <mwild1@gmail.com>
parents: 5147
diff changeset
109 expiry = expiry;
bf42f1401f1c mod_unified_push: Refactor in anticipation of other registration backends
Matthew Wild <mwild1@gmail.com>
parents: 5147
diff changeset
110 };
bf42f1401f1c mod_unified_push: Refactor in anticipation of other registration backends
Matthew Wild <mwild1@gmail.com>
parents: 5147
diff changeset
111 end
bf42f1401f1c mod_unified_push: Refactor in anticipation of other registration backends
Matthew Wild <mwild1@gmail.com>
parents: 5147
diff changeset
112
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
113 -- Handle incoming registration from XMPP client
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
114 function handle_register(event)
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
115 local origin, stanza = event.origin, event.stanza;
5147
658658ea9323 mod_unified_push: Add ACL option to restrict access
Matthew Wild <mwild1@gmail.com>
parents: 5146
diff changeset
116 if not is_jid_permitted(stanza.attr.from) then
658658ea9323 mod_unified_push: Add ACL option to restrict access
Matthew Wild <mwild1@gmail.com>
parents: 5146
diff changeset
117 return st.error_reply(stanza, "auth", "forbidden");
658658ea9323 mod_unified_push: Add ACL option to restrict access
Matthew Wild <mwild1@gmail.com>
parents: 5146
diff changeset
118 end
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
119 local instance, instance_err = check_sha256(stanza.tags[1].attr.instance);
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
120 if not instance then
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
121 return st.error_reply(stanza, "modify", "bad-request", "instance: "..instance_err);
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
122 end
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
123 local application, application_err = check_sha256(stanza.tags[1].attr.application);
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
124 if not application then
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
125 return st.error_reply(stanza, "modify", "bad-request", "application: "..application_err);
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
126 end
5148
bf42f1401f1c mod_unified_push: Refactor in anticipation of other registration backends
Matthew Wild <mwild1@gmail.com>
parents: 5147
diff changeset
127 local route = register_route({
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
128 instance = instance;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
129 application = application;
5148
bf42f1401f1c mod_unified_push: Refactor in anticipation of other registration backends
Matthew Wild <mwild1@gmail.com>
parents: 5147
diff changeset
130 jid = stanza.attr.from;
bf42f1401f1c mod_unified_push: Refactor in anticipation of other registration backends
Matthew Wild <mwild1@gmail.com>
parents: 5147
diff changeset
131 });
bf42f1401f1c mod_unified_push: Refactor in anticipation of other registration backends
Matthew Wild <mwild1@gmail.com>
parents: 5147
diff changeset
132
bf42f1401f1c mod_unified_push: Refactor in anticipation of other registration backends
Matthew Wild <mwild1@gmail.com>
parents: 5147
diff changeset
133 if not route then
bf42f1401f1c mod_unified_push: Refactor in anticipation of other registration backends
Matthew Wild <mwild1@gmail.com>
parents: 5147
diff changeset
134 return st.error_reply(stanza, "wait", "internal-server-error");
bf42f1401f1c mod_unified_push: Refactor in anticipation of other registration backends
Matthew Wild <mwild1@gmail.com>
parents: 5147
diff changeset
135 end
bf42f1401f1c mod_unified_push: Refactor in anticipation of other registration backends
Matthew Wild <mwild1@gmail.com>
parents: 5147
diff changeset
136
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
137 module:log("debug", "New push registration successful");
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
138 return origin.send(st.reply(stanza):tag("registered", {
5148
bf42f1401f1c mod_unified_push: Refactor in anticipation of other registration backends
Matthew Wild <mwild1@gmail.com>
parents: 5147
diff changeset
139 expiration = datetime.datetime(route.expiry);
bf42f1401f1c mod_unified_push: Refactor in anticipation of other registration backends
Matthew Wild <mwild1@gmail.com>
parents: 5147
diff changeset
140 endpoint = route.url;
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
141 xmlns = xmlns_up;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
142 }));
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
143 end
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
144
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
145 module:hook("iq-set/host/"..xmlns_up..":register", handle_register);
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
146
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
147 -- Handle incoming POST
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
148 function handle_push(event, subpath)
5136
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
149 module:log("debug", "Incoming push received!");
5149
fa56ed2bacab mod_unified_push: Add support for multiple token backends, including stoage
Matthew Wild <mwild1@gmail.com>
parents: 5148
diff changeset
150 local ok, data = backends[backend].verify(subpath);
5136
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
151 if not ok then
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
152 module:log("debug", "Received push to unacceptable token (%s)", data);
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
153 return 404;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
154 end
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
155 local payload = event.request.body;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
156 if not payload or payload == "" then
5136
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
157 module:log("warn", "Missing or empty push payload");
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
158 return 400;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
159 elseif #payload > 4096 then
5136
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
160 module:log("warn", "Push payload too large");
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
161 return 413;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
162 end
5136
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
163 local push_id = event.request.id or id.short();
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
164 module:log("debug", "Push notification received [%s], relaying to device...", push_id);
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
165 local push_iq = st.iq({ type = "set", to = data.sub, from = module.host, id = push_id })
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
166 :text_tag("push", base64.encode(payload), { instance = data.instance, application = data.application, xmlns = xmlns_up });
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
167 return module:send_iq(push_iq):next(function ()
5136
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
168 module:log("debug", "Push notification delivered [%s]", push_id);
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
169 return 201;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
170 end, function (error_event)
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
171 local e_type, e_cond, e_text = error_event.stanza:get_error();
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
172 if e_cond == "item-not-found" or e_cond == "feature-not-implemented" then
5136
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
173 module:log("debug", "Push rejected [%s]", push_id);
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
174 return 404;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
175 elseif e_cond == "service-unavailable" or e_cond == "recipient-unavailable" then
5136
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
176 module:log("debug", "Recipient temporarily unavailable [%s]", push_id);
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
177 return 503;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
178 end
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
179 module:log("warn", "Unexpected push error response: %s/%s/%s", e_type, e_cond, e_text);
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
180 return 500;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
181 end);
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
182 end
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
183
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
184 module:provides("http", {
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
185 name = "push";
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
186 route = {
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
187 ["GET /*"] = function (event)
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
188 event.response.headers.content_type = "application/json";
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
189 return [[{"unifiedpush":{"version":1}}]];
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
190 end;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
191 ["POST /*"] = handle_push;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
192 };
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
193 });