annotate mod_groups_shell/mod_groups_shell.lua @ 5616:59d5fc50f602

mod_http_oauth2: Implement refresh token rotation Makes refresh tokens one-time-use, handing out a new refresh token with each access token. Thus if a refresh token is stolen and used by an attacker, the next time the legitimate client tries to use the previous refresh token, it will not work and the attack will be noticed. If the attacker does not use the refresh token, it becomes invalid after the legitimate client uses it. This behavior is recommended by draft-ietf-oauth-security-topics
author Kim Alvefur <zash@zash.se>
date Sun, 23 Jul 2023 02:56:08 +0200
parents 8b69e0b56db2
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4431
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
1 module:set_global()
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
2
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
3 local modulemanager = require "core.modulemanager";
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
4
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
5 local shell_env = module:shared("/*/admin_shell/env")
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
6
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
7 shell_env.groups = {};
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
8
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
9 function shell_env.groups:sync_group(host, group_id)
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
10 local print = self.session.print;
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
11
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
12 if not host then
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
13 return false, "host not given"
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
14 end
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
15
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
16 local mod_groups = modulemanager.get_module(host, "groups_internal")
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
17 if not mod_groups then
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
18 return false, host .. " does not have mod_groups_internal loaded"
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
19 end
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
20
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
21 if not group_id then
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
22 return false, "group id not given"
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
23 end
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
24
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
25 local ok, err = mod_groups.emit_member_events(group_id)
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
26 if ok then
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
27 return true, "Synchronised members"
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
28 else
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
29 return ok, err
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
30 end
8b69e0b56db2 mod_groups_shell: add an admin shell command for updating bookmarks
Jonas Schäfer <jonas@wielicki.name>
parents:
diff changeset
31 end