annotate mod_measure_client_presence/mod_measure_client_presence.lua @ 5616:59d5fc50f602

mod_http_oauth2: Implement refresh token rotation Makes refresh tokens one-time-use, handing out a new refresh token with each access token. Thus if a refresh token is stolen and used by an attacker, the next time the legitimate client tries to use the previous refresh token, it will not work and the attack will be noticed. If the attacker does not use the refresh token, it becomes invalid after the legitimate client uses it. This behavior is recommended by draft-ietf-oauth-security-topics
author Kim Alvefur <zash@zash.se>
date Sun, 23 Jul 2023 02:56:08 +0200
parents 37ae0801f925
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
2789
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
1 module:set_global();
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
2
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
3 local measure = require"core.statsmanager".measure;
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
4
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
5 local valid_shows = {
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
6 available = true,
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
7 chat = true,
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
8 away = true,
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
9 dnd = true,
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
10 xa = true,
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
11 unavailable = true,
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
12 }
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
13
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
14 local counters = {
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
15 available = measure("amount", "client_presence.available"),
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
16 chat = measure("amount", "client_presence.chat"),
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
17 away = measure("amount", "client_presence.away"),
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
18 dnd = measure("amount", "client_presence.dnd"),
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
19 xa = measure("amount", "client_presence.xa"),
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
20 unavailable = measure("amount", "client_presence.unavailable"),
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
21 invalid = measure("amount", "client_presence.invalid");
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
22 };
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
23
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
24 module:hook("stats-update", function ()
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
25 local buckets = {
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
26 available = 0,
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
27 chat = 0,
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
28 away = 0,
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
29 dnd = 0,
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
30 xa = 0,
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
31 unavailable = 0,
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
32 invalid = 0,
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
33 };
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
34 for _, session in pairs(full_sessions) do
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
35 local status = "unavailable";
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
36 if session.presence then
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
37 status = session.presence:get_child_text("show") or "available";
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
38 end
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
39 if valid_shows[status] ~= nil then
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
40 buckets[status] = buckets[status] + 1;
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
41 else
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
42 buckets.invalid = buckets.invalid + 1;
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
43 end
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
44 end
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
45 for bucket, count in pairs(buckets) do
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
46 counters[bucket](count)
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
47 end
37ae0801f925 mod_measure_client_presence: Counts presence show and reports using 0.10+ statistics API.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
48 end)