Mercurial > prosody-modules
annotate mod_http_stats_stream/mod_http_stats_stream.lua @ 5616:59d5fc50f602
mod_http_oauth2: Implement refresh token rotation
Makes refresh tokens one-time-use, handing out a new refresh token with
each access token. Thus if a refresh token is stolen and used by an
attacker, the next time the legitimate client tries to use the previous
refresh token, it will not work and the attack will be noticed. If the
attacker does not use the refresh token, it becomes invalid after the
legitimate client uses it.
This behavior is recommended by draft-ietf-oauth-security-topics
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 23 Jul 2023 02:56:08 +0200 |
parents | bac3dae031ee |
children |
rev | line source |
---|---|
3643
740870196b97
mod_http_stats_stream: Make global to simplify
Kim Alvefur <zash@zash.se>
parents:
3635
diff
changeset
|
1 module:set_global(); |
740870196b97
mod_http_stats_stream: Make global to simplify
Kim Alvefur <zash@zash.se>
parents:
3635
diff
changeset
|
2 |
2432
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 local statsman = require "core.statsmanager"; |
3635
fd054689a64c
mod_http_stats_stream: Use existing header preparation
Kim Alvefur <zash@zash.se>
parents:
2432
diff
changeset
|
4 local http = require "net.http.server"; |
2432
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 local json = require "util.json"; |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 |
4595
bac3dae031ee
Add note of incompatibility with trunk since 5f15ab7c6ae5
Kim Alvefur <zash@zash.se>
parents:
3643
diff
changeset
|
7 assert(statsman.get_stats, "not compatible with trunk based on openmetrics"); |
bac3dae031ee
Add note of incompatibility with trunk since 5f15ab7c6ae5
Kim Alvefur <zash@zash.se>
parents:
3643
diff
changeset
|
8 |
2432
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 local sessions = {}; |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 local function updates_client_closed(response) |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 module:log("debug", "Streamstats client closed"); |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 sessions[response] = nil; |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 end |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 local function get_updates(event) |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 local request, response = event.request, event.response; |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 response.on_destroy = updates_client_closed; |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 |
3635
fd054689a64c
mod_http_stats_stream: Use existing header preparation
Kim Alvefur <zash@zash.se>
parents:
2432
diff
changeset
|
21 response.headers.content_type = "text/event-stream"; |
fd054689a64c
mod_http_stats_stream: Use existing header preparation
Kim Alvefur <zash@zash.se>
parents:
2432
diff
changeset
|
22 response.headers.x_accel_buffering = "no"; -- for nginx maybe? |
fd054689a64c
mod_http_stats_stream: Use existing header preparation
Kim Alvefur <zash@zash.se>
parents:
2432
diff
changeset
|
23 local resp = http.prepare_header(response); |
fd054689a64c
mod_http_stats_stream: Use existing header preparation
Kim Alvefur <zash@zash.se>
parents:
2432
diff
changeset
|
24 table.insert(resp, "event: stats-full\r\n"); |
fd054689a64c
mod_http_stats_stream: Use existing header preparation
Kim Alvefur <zash@zash.se>
parents:
2432
diff
changeset
|
25 table.insert(resp, "data: "); |
fd054689a64c
mod_http_stats_stream: Use existing header preparation
Kim Alvefur <zash@zash.se>
parents:
2432
diff
changeset
|
26 table.insert(resp, json.encode(statsman.get_stats())); |
fd054689a64c
mod_http_stats_stream: Use existing header preparation
Kim Alvefur <zash@zash.se>
parents:
2432
diff
changeset
|
27 table.insert(resp, "\r\n\r\n"); |
fd054689a64c
mod_http_stats_stream: Use existing header preparation
Kim Alvefur <zash@zash.se>
parents:
2432
diff
changeset
|
28 response.conn:write(table.concat(resp)); |
2432
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 sessions[response] = request; |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
31 return true; |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 end |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
33 |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
34 |
3643
740870196b97
mod_http_stats_stream: Make global to simplify
Kim Alvefur <zash@zash.se>
parents:
3635
diff
changeset
|
35 module:hook("stats-updated", function (event) |
2432
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
36 local data = table.concat({ |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
37 "event: stats-updated"; |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
38 "data: "..json.encode(event.changed_stats); |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
39 ""; |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
40 ""; |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
41 }, "\r\n") |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
42 for response in pairs(sessions) do |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
43 response.conn:write(data); |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
44 end |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
45 end); |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
46 |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
47 |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
48 module:depends("http"); |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
49 module:provides("http", { |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
50 route = { |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
51 GET = get_updates; |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
52 } |
47a6f01231b2
mod_http_stats_stream: Sends statistics from statsmanager over an HTTP event stream
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
53 }); |