Mercurial > prosody-modules
annotate mod_auth_cyrus/mod_auth_cyrus.lua @ 5585:5b316088bef5
mod_rest: Use logger of HTTP request in trunk
In Prosody trunk rev c975dafa4303 each HTTP request gained its own log
sink, to make it easy to log things related to each request and group
those messages. Especially where async is used, spreading the request
and response apart as mod_rest does with iq stanzas, this grouped
logging should help find related messages.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Fri, 07 Jul 2023 00:10:37 +0200 |
parents | b8366e31c829 |
children |
rev | line source |
---|---|
4710
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 -- Prosody IM |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 -- Copyright (C) 2008-2010 Matthew Wild |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 -- Copyright (C) 2008-2010 Waqas Hussain |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 -- |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 -- This project is MIT/X11 licensed. Please see the |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 -- COPYING file in the source package for more information. |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 -- |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 -- luacheck: ignore 212 |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 local log = require "util.logger".init("auth_cyrus"); |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 local usermanager_user_exists = require "core.usermanager".user_exists; |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 local cyrus_service_realm = module:get_option("cyrus_service_realm"); |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 local cyrus_service_name = module:get_option("cyrus_service_name"); |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 local cyrus_application_name = module:get_option("cyrus_application_name"); |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 local require_provisioning = module:get_option("cyrus_require_provisioning") or false; |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 local host_fqdn = module:get_option("cyrus_server_fqdn"); |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 prosody.unlock_globals(); --FIXME: Figure out why this is needed and |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
21 -- why cyrussasl isn't caught by the sandbox |
4927
b8366e31c829
mod_auth_cyrus: Adjust module import to work with repo clone - Fix #1744
Kim Alvefur <zash@zash.se>
parents:
4710
diff
changeset
|
22 local cyrus_new = module:require "sasl_cyrus".new; |
4710
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
23 prosody.lock_globals(); |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
24 local new_sasl = function(realm) |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
25 return cyrus_new( |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
26 cyrus_service_realm or realm, |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
27 cyrus_service_name or "xmpp", |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 cyrus_application_name or "prosody", |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 host_fqdn |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 ); |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
31 end |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
33 do -- diagnostic |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
34 local list; |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
35 for mechanism in pairs(new_sasl(module.host):mechanisms()) do |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
36 list = (not(list) and mechanism) or (list..", "..mechanism); |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
37 end |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
38 if not list then |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
39 module:log("error", "No Cyrus SASL mechanisms available"); |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
40 else |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
41 module:log("debug", "Available Cyrus SASL mechanisms: %s", list); |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
42 end |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
43 end |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
44 |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
45 local host = module.host; |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
46 |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
47 -- define auth provider |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
48 local provider = {}; |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
49 log("debug", "initializing default authentication provider for host '%s'", host); |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
50 |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
51 function provider.test_password(username, password) |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
52 return nil, "Legacy auth not supported with Cyrus SASL."; |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
53 end |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
54 |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
55 function provider.get_password(username) |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
56 return nil, "Passwords unavailable for Cyrus SASL."; |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
57 end |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
58 |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
59 function provider.set_password(username, password) |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
60 return nil, "Passwords unavailable for Cyrus SASL."; |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
61 end |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
62 |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
63 function provider.user_exists(username) |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
64 if require_provisioning then |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
65 return usermanager_user_exists(username, host); |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
66 end |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
67 return true; |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
68 end |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
69 |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
70 function provider.create_user(username, password) |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
71 return nil, "Account creation/modification not available with Cyrus SASL."; |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
72 end |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
73 |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
74 function provider.get_sasl_handler() |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
75 local handler = new_sasl(host); |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
76 if require_provisioning then |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
77 function handler.require_provisioning(username) |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
78 return usermanager_user_exists(username, host); |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
79 end |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
80 end |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
81 return handler; |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
82 end |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
83 |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
84 module:provides("auth", provider); |
099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
85 |