annotate mod_auto_activate_hosts/mod_auto_activate_hosts.lua @ 5616:59d5fc50f602

mod_http_oauth2: Implement refresh token rotation Makes refresh tokens one-time-use, handing out a new refresh token with each access token. Thus if a refresh token is stolen and used by an attacker, the next time the legitimate client tries to use the previous refresh token, it will not work and the attack will be noticed. If the attacker does not use the refresh token, it becomes invalid after the legitimate client uses it. This behavior is recommended by draft-ietf-oauth-security-topics
author Kim Alvefur <zash@zash.se>
date Sun, 23 Jul 2023 02:56:08 +0200
parents 8b7bca07f5c0
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1006
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 module:set_global();
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2
1818
8b7bca07f5c0 mod_auto_activate_hosts: Import hostmanager (thanks mt)
Kim Alvefur <zash@zash.se>
parents: 1343
diff changeset
3 local hostmanager = require"core.hostmanager";
8b7bca07f5c0 mod_auto_activate_hosts: Import hostmanager (thanks mt)
Kim Alvefur <zash@zash.se>
parents: 1343
diff changeset
4
1006
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 local array = require "util.array";
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6 local set = require "util.set";
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7 local it = require "util.iterators";
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8 local config = require "core.configmanager";
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
9
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
10 local function host_not_global(host)
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11 return host ~= "*";
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
12 end
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
14 local function host_is_enabled(host)
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
15 return config.get(host, "enabled") ~= false;
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
16 end
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
17
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18 function handle_reload()
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19 local new_config = config.getconfig();
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
20 local active_hosts = set.new(array.collect(it.keys(prosody.hosts)):filter(host_not_global));
1013
8285c3502100 mod_auto_activate_hosts: Don't activate * when the config is reloaded
Matthew Wild <mwild1@gmail.com>
parents: 1006
diff changeset
21 local enabled_hosts = set.new(array.collect(it.keys(new_config)):filter(host_is_enabled):filter(host_not_global));
1006
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
22 local need_to_activate = enabled_hosts - active_hosts;
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23 local need_to_deactivate = active_hosts - enabled_hosts;
1343
7dbde05b48a9 all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 1013
diff changeset
24
1006
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
25 module:log("debug", "Config reloaded... %d hosts need activating, and %d hosts need deactivating", it.count(need_to_activate), it.count(need_to_deactivate));
1343
7dbde05b48a9 all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 1013
diff changeset
26 module:log("debug", "There are %d enabled and %d active hosts", it.count(enabled_hosts), it.count(active_hosts));
1006
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
27 for host in need_to_deactivate do
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
28 hostmanager.deactivate(host);
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
29 end
1343
7dbde05b48a9 all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 1013
diff changeset
30
1006
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
31 -- If the lazy loader is loaded, hosts will get activated when they are needed
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
32 if not(getmetatable(prosody.hosts) and getmetatable(prosody.hosts).lazy_loader) then
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
33 for host in need_to_activate do
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
34 hostmanager.activate(host);
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
35 end
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
36 end
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
37 end
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
38
9c88960b0f81 mod_auto_activate_hosts: Automatically activate and deactivate hosts when they are added/removed from the config
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
39 module:hook_global("config-reloaded", handle_reload);