annotate mod_pubsub_post/mod_pubsub_post.lua @ 3447:5f2eeebcf899

mod_client_certs: do not crash on plain sockets In some situations (e.g., reverse-proxied websocket), non-TLS sockets can be marked as secure, causing mod_client_certs to call the undefined method getpeercertificate and crash.
author Thibaut Girka <thib@sitedethib.com>
date Fri, 18 Jan 2019 14:06:05 +0100
parents 64d1dfbd1740
children 1df139b157fb
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1619
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 module:depends("http");
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3 local st = require "util.stanza";
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4 local json = require "util.json";
3014
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
5 local xml = require "util.xml";
1619
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6 local uuid_generate = require "util.uuid".generate;
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7 local timestamp_generate = require "util.datetime".datetime;
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
9 local pubsub_service = module:depends("pubsub").service;
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
10
3014
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
11 local error_mapping = {
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
12 ["forbidden"] = 403;
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
13 ["item-not-found"] = 404;
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
14 ["internal-server-error"] = 500;
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
15 ["conflict"] = 409;
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
16 };
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
17
3017
8e48c0b233e0 mod_pubsub_post: Factor out the 'actor' into an argument
Kim Alvefur <zash@zash.se>
parents: 3016
diff changeset
18 local function publish_payload(node, actor, item_id, payload)
3014
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
19 local post_item = st.stanza("item", { xmlns = "http://jabber.org/protocol/pubsub", id = item_id, })
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
20 :add_child(payload);
3017
8e48c0b233e0 mod_pubsub_post: Factor out the 'actor' into an argument
Kim Alvefur <zash@zash.se>
parents: 3016
diff changeset
21 local ok, err = pubsub_service:publish(node, actor, item_id, post_item);
3014
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
22 module:log("debug", ":publish(%q, true, %q, %s) -> %q", node, item_id, payload:top_tag(), err or "");
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
23 if not ok then
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
24 return error_mapping[err] or 500;
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
25 end
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
26 return 202;
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
27 end
1619
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
28
3017
8e48c0b233e0 mod_pubsub_post: Factor out the 'actor' into an argument
Kim Alvefur <zash@zash.se>
parents: 3016
diff changeset
29 local function handle_json(node, actor, data)
3016
3f4e2340bfdc mod_pubsub_post: Add support for publishing arbitrary JSON
Kim Alvefur <zash@zash.se>
parents: 3015
diff changeset
30 local parsed, err = json.decode(data);
3f4e2340bfdc mod_pubsub_post: Add support for publishing arbitrary JSON
Kim Alvefur <zash@zash.se>
parents: 3015
diff changeset
31 if not parsed then
3f4e2340bfdc mod_pubsub_post: Add support for publishing arbitrary JSON
Kim Alvefur <zash@zash.se>
parents: 3015
diff changeset
32 return { status_code = 400; body = tostring(err); }
3f4e2340bfdc mod_pubsub_post: Add support for publishing arbitrary JSON
Kim Alvefur <zash@zash.se>
parents: 3015
diff changeset
33 end
3f4e2340bfdc mod_pubsub_post: Add support for publishing arbitrary JSON
Kim Alvefur <zash@zash.se>
parents: 3015
diff changeset
34 if type(parsed) ~= "table" then
3f4e2340bfdc mod_pubsub_post: Add support for publishing arbitrary JSON
Kim Alvefur <zash@zash.se>
parents: 3015
diff changeset
35 return { status_code = 400; body = "object or array expected"; };
3f4e2340bfdc mod_pubsub_post: Add support for publishing arbitrary JSON
Kim Alvefur <zash@zash.se>
parents: 3015
diff changeset
36 end
3f4e2340bfdc mod_pubsub_post: Add support for publishing arbitrary JSON
Kim Alvefur <zash@zash.se>
parents: 3015
diff changeset
37 local wrapper = st.stanza("json", { xmlns="urn:xmpp:json:0" }):text(data);
3017
8e48c0b233e0 mod_pubsub_post: Factor out the 'actor' into an argument
Kim Alvefur <zash@zash.se>
parents: 3016
diff changeset
38 return publish_payload(node, actor, data.id or "current", wrapper);
3016
3f4e2340bfdc mod_pubsub_post: Add support for publishing arbitrary JSON
Kim Alvefur <zash@zash.se>
parents: 3015
diff changeset
39 end
3f4e2340bfdc mod_pubsub_post: Add support for publishing arbitrary JSON
Kim Alvefur <zash@zash.se>
parents: 3015
diff changeset
40
3017
8e48c0b233e0 mod_pubsub_post: Factor out the 'actor' into an argument
Kim Alvefur <zash@zash.se>
parents: 3016
diff changeset
41 local function publish_atom(node, actor, feed)
3015
338b7c808ecc mod_pubsub_post: Add support for posting Atom feeds, publishing each entry
Kim Alvefur <zash@zash.se>
parents: 3014
diff changeset
42 for entry in feed:childtags("entry") do
338b7c808ecc mod_pubsub_post: Add support for posting Atom feeds, publishing each entry
Kim Alvefur <zash@zash.se>
parents: 3014
diff changeset
43 local item_id = entry:get_child_text("id");
338b7c808ecc mod_pubsub_post: Add support for posting Atom feeds, publishing each entry
Kim Alvefur <zash@zash.se>
parents: 3014
diff changeset
44 if not item_id then
338b7c808ecc mod_pubsub_post: Add support for posting Atom feeds, publishing each entry
Kim Alvefur <zash@zash.se>
parents: 3014
diff changeset
45 item_id = uuid_generate();
338b7c808ecc mod_pubsub_post: Add support for posting Atom feeds, publishing each entry
Kim Alvefur <zash@zash.se>
parents: 3014
diff changeset
46 entry:tag("id"):text(item_id):up();
338b7c808ecc mod_pubsub_post: Add support for posting Atom feeds, publishing each entry
Kim Alvefur <zash@zash.se>
parents: 3014
diff changeset
47 end
338b7c808ecc mod_pubsub_post: Add support for posting Atom feeds, publishing each entry
Kim Alvefur <zash@zash.se>
parents: 3014
diff changeset
48 if not entry:get_child_text("published") then
338b7c808ecc mod_pubsub_post: Add support for posting Atom feeds, publishing each entry
Kim Alvefur <zash@zash.se>
parents: 3014
diff changeset
49 entry:tag("published"):text(timestamp_generate()):up();
338b7c808ecc mod_pubsub_post: Add support for posting Atom feeds, publishing each entry
Kim Alvefur <zash@zash.se>
parents: 3014
diff changeset
50 end
3017
8e48c0b233e0 mod_pubsub_post: Factor out the 'actor' into an argument
Kim Alvefur <zash@zash.se>
parents: 3016
diff changeset
51 local resp = publish_payload(node, actor, item_id, entry);
3015
338b7c808ecc mod_pubsub_post: Add support for posting Atom feeds, publishing each entry
Kim Alvefur <zash@zash.se>
parents: 3014
diff changeset
52 if resp ~= 202 then return resp; end
338b7c808ecc mod_pubsub_post: Add support for posting Atom feeds, publishing each entry
Kim Alvefur <zash@zash.se>
parents: 3014
diff changeset
53 end
338b7c808ecc mod_pubsub_post: Add support for posting Atom feeds, publishing each entry
Kim Alvefur <zash@zash.se>
parents: 3014
diff changeset
54 return 202;
338b7c808ecc mod_pubsub_post: Add support for posting Atom feeds, publishing each entry
Kim Alvefur <zash@zash.se>
parents: 3014
diff changeset
55 end
338b7c808ecc mod_pubsub_post: Add support for posting Atom feeds, publishing each entry
Kim Alvefur <zash@zash.se>
parents: 3014
diff changeset
56
3017
8e48c0b233e0 mod_pubsub_post: Factor out the 'actor' into an argument
Kim Alvefur <zash@zash.se>
parents: 3016
diff changeset
57 local function handle_xml(node, actor, payload)
3014
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
58 local xmlpayload, err = xml.parse(payload);
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
59 if not xmlpayload then
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
60 module:log("debug", "XML parse error: %s\n%q", err, payload);
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
61 return { status_code = 400, body = tostring(err) };
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
62 end
3015
338b7c808ecc mod_pubsub_post: Add support for posting Atom feeds, publishing each entry
Kim Alvefur <zash@zash.se>
parents: 3014
diff changeset
63 if xmlpayload.attr.xmlns == "http://www.w3.org/2005/Atom" and xmlpayload.name == "feed" then
3017
8e48c0b233e0 mod_pubsub_post: Factor out the 'actor' into an argument
Kim Alvefur <zash@zash.se>
parents: 3016
diff changeset
64 return publish_atom(node, actor, xmlpayload);
3015
338b7c808ecc mod_pubsub_post: Add support for posting Atom feeds, publishing each entry
Kim Alvefur <zash@zash.se>
parents: 3014
diff changeset
65 else
3017
8e48c0b233e0 mod_pubsub_post: Factor out the 'actor' into an argument
Kim Alvefur <zash@zash.se>
parents: 3016
diff changeset
66 return publish_payload(node, actor, "current", xmlpayload);
3015
338b7c808ecc mod_pubsub_post: Add support for posting Atom feeds, publishing each entry
Kim Alvefur <zash@zash.se>
parents: 3014
diff changeset
67 end
3014
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
68 end
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
69
3018
727a8beeb5c3 mod_pubsub_post: Add an option for what to use as pubsub 'actor'
Kim Alvefur <zash@zash.se>
parents: 3017
diff changeset
70 local actor_source = module:get_option_string("pubsub_post_actor", "superuser");
727a8beeb5c3 mod_pubsub_post: Add an option for what to use as pubsub 'actor'
Kim Alvefur <zash@zash.se>
parents: 3017
diff changeset
71
3014
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
72 function handle_POST(event, path)
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
73 local request = event.request;
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
74 module:log("debug", "Handling POST: \n%s\n", tostring(request.body));
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
75
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
76 local content_type = request.headers.content_type or "application/octet-stream";
3254
af73963cf1dd mod_pubsub_post: Start with actor unset
Kim Alvefur <zash@zash.se>
parents: 3018
diff changeset
77 local actor;
3014
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
78
3018
727a8beeb5c3 mod_pubsub_post: Add an option for what to use as pubsub 'actor'
Kim Alvefur <zash@zash.se>
parents: 3017
diff changeset
79 if actor_source == "request.ip" then
727a8beeb5c3 mod_pubsub_post: Add an option for what to use as pubsub 'actor'
Kim Alvefur <zash@zash.se>
parents: 3017
diff changeset
80 actor = request.ip or request.conn:ip();
3254
af73963cf1dd mod_pubsub_post: Start with actor unset
Kim Alvefur <zash@zash.se>
parents: 3018
diff changeset
81 elseif actor_source == "superuser" then
af73963cf1dd mod_pubsub_post: Start with actor unset
Kim Alvefur <zash@zash.se>
parents: 3018
diff changeset
82 actor = true;
af73963cf1dd mod_pubsub_post: Start with actor unset
Kim Alvefur <zash@zash.se>
parents: 3018
diff changeset
83 else
3018
727a8beeb5c3 mod_pubsub_post: Add an option for what to use as pubsub 'actor'
Kim Alvefur <zash@zash.se>
parents: 3017
diff changeset
84 module:log("error", "pubsub_post_actor set to unsupported value %q", actor_source);
727a8beeb5c3 mod_pubsub_post: Add an option for what to use as pubsub 'actor'
Kim Alvefur <zash@zash.se>
parents: 3017
diff changeset
85 return 500;
727a8beeb5c3 mod_pubsub_post: Add an option for what to use as pubsub 'actor'
Kim Alvefur <zash@zash.se>
parents: 3017
diff changeset
86 end
727a8beeb5c3 mod_pubsub_post: Add an option for what to use as pubsub 'actor'
Kim Alvefur <zash@zash.se>
parents: 3017
diff changeset
87
3255
64d1dfbd1740 mod_pubsub_post: Ensure actor is non-nil (catch inability to determine IP or simliar)
Kim Alvefur <zash@zash.se>
parents: 3254
diff changeset
88 if not actor then
64d1dfbd1740 mod_pubsub_post: Ensure actor is non-nil (catch inability to determine IP or simliar)
Kim Alvefur <zash@zash.se>
parents: 3254
diff changeset
89 return 401;
64d1dfbd1740 mod_pubsub_post: Ensure actor is non-nil (catch inability to determine IP or simliar)
Kim Alvefur <zash@zash.se>
parents: 3254
diff changeset
90 end
64d1dfbd1740 mod_pubsub_post: Ensure actor is non-nil (catch inability to determine IP or simliar)
Kim Alvefur <zash@zash.se>
parents: 3254
diff changeset
91
3014
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
92 if content_type == "application/xml" or content_type:sub(-4) == "+xml" then
3017
8e48c0b233e0 mod_pubsub_post: Factor out the 'actor' into an argument
Kim Alvefur <zash@zash.se>
parents: 3016
diff changeset
93 return handle_xml(path, actor, request.body);
3016
3f4e2340bfdc mod_pubsub_post: Add support for publishing arbitrary JSON
Kim Alvefur <zash@zash.se>
parents: 3015
diff changeset
94 elseif content_type == "application/json" or content_type:sub(-5) == "+json" then
3017
8e48c0b233e0 mod_pubsub_post: Factor out the 'actor' into an argument
Kim Alvefur <zash@zash.se>
parents: 3016
diff changeset
95 return handle_json(path, actor, request.body);
3014
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
96 end
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
97
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
98 module:log("debug", "Unsupported content-type: %q", content_type);
72dbc9b66de8 mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents: 3013
diff changeset
99 return 415;
1619
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
100 end
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
101
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
102 module:provides("http", {
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
103 route = {
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
104 ["POST /*"] = handle_POST;
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
105 };
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
106 });
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
107
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
108 function module.load()
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
109 module:log("debug", "Loaded at %s", module:http_url());
43c54a27bab2 mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
110 end