Mercurial > prosody-modules
annotate mod_muc_occupant_id/mod_muc_occupant_id.lua @ 5477:5986e0edd7a3
mod_http_oauth2: Use validated redirect URI when returning errors to client
Parsing it from the query again without the validation done by
get_redirect_uri() may lead to open redirect issues.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Thu, 18 May 2023 14:17:58 +0200 |
parents | ae27f3359df8 |
children |
rev | line source |
---|---|
3629
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
1 |
3631
d6164ae6179c
mod_muc_occupant_id: Update links to the XEP inbox.
Maxime “pep” Buquet <pep@bouah.net>
parents:
3630
diff
changeset
|
2 -- Implementation of https://xmpp.org/extensions/inbox/occupant-id.html |
3654
7b02b8de6d27
mod_muc_occupant_id: Update XEP number (XEP-0421)
Maxime “pep” Buquet <pep@bouah.net>
parents:
3632
diff
changeset
|
3 -- XEP-0421: Anonymous unique occupant identifiers for MUCs |
3629
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
4 |
3632
83a68f5fde1d
mod_muc_occupant_id: depend on muc.
Maxime “pep” Buquet <pep@bouah.net>
parents:
3631
diff
changeset
|
5 module:depends("muc"); |
83a68f5fde1d
mod_muc_occupant_id: depend on muc.
Maxime “pep” Buquet <pep@bouah.net>
parents:
3631
diff
changeset
|
6 |
3629
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
7 local uuid = require "util.uuid"; |
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
8 local hmac_sha256 = require "util.hashes".hmac_sha256; |
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
9 local b64encode = require "util.encodings".base64.encode; |
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
10 |
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
11 local xmlns_occupant_id = "urn:xmpp:occupant-id:0"; |
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
12 |
3829
f20a5d28910f
mod_muc_occupant_id: Ensure occupants have a generated id
Maxime “pep” Buquet <pep@bouah.net>
parents:
3775
diff
changeset
|
13 local function generate_id(occupant, room) |
3629
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
14 local bare = occupant.bare_jid; |
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
15 |
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
16 if room._data.occupant_id_salt == nil then |
3834
2f189f022b84
mod_muc_occupant_id: Simplify handling of occupants (all into one function)
Maxime “pep” Buquet <pep@bouah.net>
parents:
3831
diff
changeset
|
17 room._data.occupant_id_salt = uuid.generate(); |
3629
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
18 end |
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
19 |
4010
ae27f3359df8
mod_muc_occupant_id: Don't store occupant-ids.
Maxime “pep” Buquet <pep@bouah.net>
parents:
3945
diff
changeset
|
20 -- XXX: Temporary not-so-important migration measure. Remove this next time |
ae27f3359df8
mod_muc_occupant_id: Don't store occupant-ids.
Maxime “pep” Buquet <pep@bouah.net>
parents:
3945
diff
changeset
|
21 -- somebody looks at it. This module used to store every participant's |
ae27f3359df8
mod_muc_occupant_id: Don't store occupant-ids.
Maxime “pep” Buquet <pep@bouah.net>
parents:
3945
diff
changeset
|
22 -- occupant-id all the time forever. |
ae27f3359df8
mod_muc_occupant_id: Don't store occupant-ids.
Maxime “pep” Buquet <pep@bouah.net>
parents:
3945
diff
changeset
|
23 room._data.occupant_ids = nil; |
3834
2f189f022b84
mod_muc_occupant_id: Simplify handling of occupants (all into one function)
Maxime “pep” Buquet <pep@bouah.net>
parents:
3831
diff
changeset
|
24 |
4010
ae27f3359df8
mod_muc_occupant_id: Don't store occupant-ids.
Maxime “pep” Buquet <pep@bouah.net>
parents:
3945
diff
changeset
|
25 return b64encode(hmac_sha256(bare, room._data.occupant_id_salt)); |
3829
f20a5d28910f
mod_muc_occupant_id: Ensure occupants have a generated id
Maxime “pep” Buquet <pep@bouah.net>
parents:
3775
diff
changeset
|
26 end |
f20a5d28910f
mod_muc_occupant_id: Ensure occupants have a generated id
Maxime “pep” Buquet <pep@bouah.net>
parents:
3775
diff
changeset
|
27 |
3834
2f189f022b84
mod_muc_occupant_id: Simplify handling of occupants (all into one function)
Maxime “pep” Buquet <pep@bouah.net>
parents:
3831
diff
changeset
|
28 local function update_occupant(event) |
3916
f1e28dcb3791
mod_muc_occupant_id: Ensure id is added to self-presences, nick changes, etc.
Maxime “pep” Buquet <pep@bouah.net>
parents:
3904
diff
changeset
|
29 local stanza, room, occupant, dest_occupant = event.stanza, event.room, event.occupant, event.dest_occupant; |
f1e28dcb3791
mod_muc_occupant_id: Ensure id is added to self-presences, nick changes, etc.
Maxime “pep” Buquet <pep@bouah.net>
parents:
3904
diff
changeset
|
30 |
f1e28dcb3791
mod_muc_occupant_id: Ensure id is added to self-presences, nick changes, etc.
Maxime “pep” Buquet <pep@bouah.net>
parents:
3904
diff
changeset
|
31 -- "muc-occupant-pre-change" provides "dest_occupant" but not "occupant". |
f1e28dcb3791
mod_muc_occupant_id: Ensure id is added to self-presences, nick changes, etc.
Maxime “pep” Buquet <pep@bouah.net>
parents:
3904
diff
changeset
|
32 if dest_occupant ~= nil then |
f1e28dcb3791
mod_muc_occupant_id: Ensure id is added to self-presences, nick changes, etc.
Maxime “pep” Buquet <pep@bouah.net>
parents:
3904
diff
changeset
|
33 occupant = dest_occupant; |
f1e28dcb3791
mod_muc_occupant_id: Ensure id is added to self-presences, nick changes, etc.
Maxime “pep” Buquet <pep@bouah.net>
parents:
3904
diff
changeset
|
34 end |
3670
6a437d6eb69f
mod_muc_occupant_id: add TODO regarding MAM handling
Maxime “pep” Buquet <pep@bouah.net>
parents:
3654
diff
changeset
|
35 |
3629
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
36 -- strip any existing <occupant-id/> tags to avoid forgery |
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
37 stanza:remove_children("occupant-id", xmlns_occupant_id); |
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
38 |
3834
2f189f022b84
mod_muc_occupant_id: Simplify handling of occupants (all into one function)
Maxime “pep” Buquet <pep@bouah.net>
parents:
3831
diff
changeset
|
39 local unique_id = generate_id(occupant, room); |
3904
d14fc974efbc
mod_muc_occupant_id: id is an attribute not a text node
Maxime “pep” Buquet <pep@bouah.net>
parents:
3837
diff
changeset
|
40 stanza:tag("occupant-id", { xmlns = xmlns_occupant_id, id = unique_id }):up(); |
3629
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
41 end |
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
42 |
3945
cf682a02b6d8
mod_muc_occupant_id: Handle MUC-PMs
Maxime “pep” Buquet <pep@bouah.net>
parents:
3916
diff
changeset
|
43 local function muc_private(event) |
cf682a02b6d8
mod_muc_occupant_id: Handle MUC-PMs
Maxime “pep” Buquet <pep@bouah.net>
parents:
3916
diff
changeset
|
44 local stanza, room = event.stanza, event.room; |
cf682a02b6d8
mod_muc_occupant_id: Handle MUC-PMs
Maxime “pep” Buquet <pep@bouah.net>
parents:
3916
diff
changeset
|
45 local occupant = room._occupants[stanza.attr.from]; |
cf682a02b6d8
mod_muc_occupant_id: Handle MUC-PMs
Maxime “pep” Buquet <pep@bouah.net>
parents:
3916
diff
changeset
|
46 |
cf682a02b6d8
mod_muc_occupant_id: Handle MUC-PMs
Maxime “pep” Buquet <pep@bouah.net>
parents:
3916
diff
changeset
|
47 update_occupant({ |
cf682a02b6d8
mod_muc_occupant_id: Handle MUC-PMs
Maxime “pep” Buquet <pep@bouah.net>
parents:
3916
diff
changeset
|
48 stanza = stanza, |
cf682a02b6d8
mod_muc_occupant_id: Handle MUC-PMs
Maxime “pep” Buquet <pep@bouah.net>
parents:
3916
diff
changeset
|
49 room = room, |
cf682a02b6d8
mod_muc_occupant_id: Handle MUC-PMs
Maxime “pep” Buquet <pep@bouah.net>
parents:
3916
diff
changeset
|
50 occupant = occupant, |
cf682a02b6d8
mod_muc_occupant_id: Handle MUC-PMs
Maxime “pep” Buquet <pep@bouah.net>
parents:
3916
diff
changeset
|
51 }); |
cf682a02b6d8
mod_muc_occupant_id: Handle MUC-PMs
Maxime “pep” Buquet <pep@bouah.net>
parents:
3916
diff
changeset
|
52 end |
cf682a02b6d8
mod_muc_occupant_id: Handle MUC-PMs
Maxime “pep” Buquet <pep@bouah.net>
parents:
3916
diff
changeset
|
53 |
3629
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
54 module:add_feature(xmlns_occupant_id); |
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
55 module:hook("muc-disco#info", function (event) |
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
56 event.reply:tag("feature", { var = xmlns_occupant_id }):up(); |
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
57 end); |
cfe0907808e1
mod_muc_occupant_id: initial commit
Maxime “pep” Buquet <pep@bouah.net>
parents:
diff
changeset
|
58 |
3835
5258f0afa8b4
mod_muc_occupant_id: Add <occupant-id/> in presence
Maxime “pep” Buquet <pep@bouah.net>
parents:
3834
diff
changeset
|
59 module:hook("muc-broadcast-presence", update_occupant); |
3834
2f189f022b84
mod_muc_occupant_id: Simplify handling of occupants (all into one function)
Maxime “pep” Buquet <pep@bouah.net>
parents:
3831
diff
changeset
|
60 module:hook("muc-occupant-pre-join", update_occupant); |
3916
f1e28dcb3791
mod_muc_occupant_id: Ensure id is added to self-presences, nick changes, etc.
Maxime “pep” Buquet <pep@bouah.net>
parents:
3904
diff
changeset
|
61 module:hook("muc-occupant-pre-change", update_occupant); |
3834
2f189f022b84
mod_muc_occupant_id: Simplify handling of occupants (all into one function)
Maxime “pep” Buquet <pep@bouah.net>
parents:
3831
diff
changeset
|
62 module:hook("muc-occupant-groupchat", update_occupant); |
3945
cf682a02b6d8
mod_muc_occupant_id: Handle MUC-PMs
Maxime “pep” Buquet <pep@bouah.net>
parents:
3916
diff
changeset
|
63 module:hook("muc-private-message", muc_private); |