Mercurial > prosody-modules
annotate mod_reload_components/mod_reload_components.lua @ 5616:59d5fc50f602
mod_http_oauth2: Implement refresh token rotation
Makes refresh tokens one-time-use, handing out a new refresh token with
each access token. Thus if a refresh token is stolen and used by an
attacker, the next time the legitimate client tries to use the previous
refresh token, it will not work and the attack will be noticed. If the
attacker does not use the refresh token, it becomes invalid after the
legitimate client uses it.
This behavior is recommended by draft-ietf-oauth-security-topics
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 23 Jul 2023 02:56:08 +0200 |
| parents | 85d04dd87f14 |
| children |
| rev | line source |
|---|---|
|
2391
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
1 module:set_global(); |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
2 |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
3 local configmanager = require "core.configmanager"; |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
4 local hostmanager = require"core.hostmanager"; |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
5 |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
6 local function reload_components() |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
7 |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
8 --- Check if host configuration is a component |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
9 --- @param h hostname |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
10 local function config_is_component(h) |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
11 return h ~= nil and configmanager.get(h, "component_module") ~= nil; -- If a host has a component module defined within it, then it is a component |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
12 end; |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
13 |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
14 --- Check if host / component configuration is active |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
15 --- @param h hostname / component name |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
16 local function component_is_new(h) |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
17 return h ~= "*" and not hosts[h]; -- If a host is not defined in hosts and it is not global, then it is new |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
18 end |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
19 |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
20 --- Search for new components that are not activated |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
21 for h, c in pairs(configmanager.getconfig()) do |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
22 if config_is_component(h) and component_is_new(h) then |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
23 module:log ("debug", "Loading new component %s", h ); |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
24 hostmanager.activate(h, c); |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
25 end |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
26 end |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
27 |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
28 --- Search for active components that are not enabled in the configmanager anymore |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
29 local enabled = {} |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
30 for h in pairs(configmanager.getconfig()) do |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
31 enabled[h] = true; -- Set true if it is defined in the configuration file |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
32 end |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
33 for h, c in pairs(hosts) do |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
34 if not enabled[h] then -- Deactivate if not present in the configuration file |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
35 hostmanager.deactivate(h,c); |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
36 end |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
37 end |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
38 end |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
39 |
|
85d04dd87f14
mod_reload_components: add new module and README file.
Camilo <camilo@camilo.fm>
parents:
diff
changeset
|
40 module:hook("config-reloaded", reload_components); |