Mercurial > prosody-modules
annotate mod_alias/mod_alias.lua @ 5616:59d5fc50f602
mod_http_oauth2: Implement refresh token rotation
Makes refresh tokens one-time-use, handing out a new refresh token with
each access token. Thus if a refresh token is stolen and used by an
attacker, the next time the legitimate client tries to use the previous
refresh token, it will not work and the attack will be noticed. If the
attacker does not use the refresh token, it becomes invalid after the
legitimate client uses it.
This behavior is recommended by draft-ietf-oauth-security-topics
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 23 Jul 2023 02:56:08 +0200 |
parents | 65082d91950e |
children |
rev | line source |
---|---|
1953
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
1 -- Copyright (C) 2015 Travis Burtrum |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
2 -- This file is MIT/X11 licensed. |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
3 |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
4 -- set like so in prosody config, works on full or bare jids, or hosts: |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
5 --aliases = { |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
6 -- ["old@example.net"] = "new@example.net"; |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
7 -- ["you@example.com"] = "you@example.net"; |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
8 -- ["conference.example.com"] = "conference.example.net"; |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
9 --} |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
10 |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
11 local aliases = module:get_option("aliases", {}); |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
12 local alias_response = module:get_option("alias_response", "User $alias can be contacted at $target"); |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
13 |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
14 local st = require "util.stanza"; |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
15 |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
16 function handle_alias(event) |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
17 |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
18 if event.stanza.attr.type ~= "error" then |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
19 local alias = event.stanza.attr.to; |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
20 local target = aliases[alias]; |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
21 if target then |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
22 local replacements = { |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
23 alias = alias, |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
24 target = target |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
25 }; |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
26 local error_message = alias_response:gsub("%$([%w_]+)", function (v) |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
27 return replacements[v] or nil; |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
28 end); |
2887
65082d91950e
Many modules: Simplify st.message(…):tag("body"):text(…):up() into st.message(…, …)
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
1953
diff
changeset
|
29 local message = st.message({ type = "chat", from = alias, to = event.stanza.attr.from }, error_message); |
1953
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
30 module:send(message); |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
31 return event.origin.send(st.error_reply(event.stanza, "cancel", "gone", error_message)); |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
32 end |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
33 end |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
34 |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
35 end |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
36 |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
37 module:hook("message/bare", handle_alias, 300); |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
38 module:hook("message/full", handle_alias, 300); |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
39 module:hook("message/host", handle_alias, 300); |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
40 |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
41 module:hook("presence/bare", handle_alias, 300); |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
42 module:hook("presence/full", handle_alias, 300); |
0c3ba5ff7a3b
mod_alias: New alias module
moparisthebest <admin@moparisthebest.com>
parents:
diff
changeset
|
43 module:hook("presence/host", handle_alias, 300); |