Mercurial > prosody-modules
annotate mod_muc_hats_api/mod_muc_hats_api.lua @ 5616:59d5fc50f602
mod_http_oauth2: Implement refresh token rotation
Makes refresh tokens one-time-use, handing out a new refresh token with
each access token. Thus if a refresh token is stolen and used by an
attacker, the next time the legitimate client tries to use the previous
refresh token, it will not work and the attack will be noticed. If the
attacker does not use the refresh token, it becomes invalid after the
legitimate client uses it.
This behavior is recommended by draft-ietf-oauth-security-topics
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 23 Jul 2023 02:56:08 +0200 |
| parents | 1f90e333b1d8 |
| children |
| rev | line source |
|---|---|
|
3947
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 local mod_muc = module:depends("muc"); |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 function add_user_hat(user_jid, room_jid, hat_id, attachment) |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 local room = mod_muc.get_room_from_jid(room_jid); |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 if not room then |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 return nil, "item-not-found", "no such room"; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 end |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 local user_aff = room:get_affiliation(user_jid); |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 if not user_aff then |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 return nil, "item-not-found", "user not affiliated with room"; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 end |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 local aff_data = room:get_affiliation_data(user_jid) or {}; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 local hats = aff_data.hats; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 if not hats then |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 hats = {}; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
16 aff_data.hats = hats; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 end |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
18 |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
19 hats[hat_id] = { |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
20 active = attachment.active; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
21 required = attachment.required; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
22 title = attachment.title; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 }; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
25 local ok, err = room:set_affiliation(true, user_jid, user_aff, nil, aff_data); |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 if not ok then |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 return nil, err; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 end |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
29 return true; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
30 end |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
31 |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
32 function remove_user_hat(user_jid, room_jid, hat_id) |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
33 local room = mod_muc.get_room_from_jid(room_jid); |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
34 if not room then |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
35 return nil, "item-not-found", "no such room"; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
36 end |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
37 local user_aff = room:get_affiliation(user_jid); |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
38 if not user_aff then |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
39 return nil, "item-not-found", "user not affiliated with room"; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
40 end |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
41 local aff_data = room:get_affiliation_data(user_jid); |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
42 local hats = aff_data and aff_data.hats; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
43 if not hats then |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
44 return true; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
45 end |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
46 |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
47 hats[hat_id] = nil; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
48 |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
49 local ok, err = room:set_affiliation(true, user_jid, user_aff, nil, aff_data); |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
50 if not ok then |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
51 return nil, err; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
52 end |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
53 return true; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
54 end |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
55 |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
56 function set_user_hats(user_jid, room_jid, new_hats) |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
57 local room = mod_muc.get_room_from_jid(room_jid); |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
58 if not room then |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
59 return nil, "item-not-found", "no such room"; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
60 end |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
61 local user_aff = room:get_affiliation(user_jid); |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
62 if not user_aff then |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
63 return nil, "item-not-found", "user not affiliated with room"; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
64 end |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
65 local aff_data = room:get_affiliation_data(user_jid) or {}; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
66 |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
67 aff_data.hats = new_hats; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
68 |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
69 local ok, err = room:set_affiliation(true, user_jid, user_aff, nil, aff_data); |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
70 if not ok then |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
71 return nil, err; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
72 end |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
73 return true; |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
74 end |
|
1f90e333b1d8
mod_muc_hats_api: New API-only module for managing user hats in MUCs
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
75 |