prosody-modules: mod_auth_http_async/mod_auth_http

annotate mod_auth_http_async/mod_auth_http_async.lua @ 2670:6e01878103c0

mod_smacks: Ignore user when writing or reading session_cache on prosody 0.9 At least under some circumstances it seems that session.username is nil when a user tries to resume his session in prosody 0.9. The username is not relevant when no limiting is done (limiting the number of entries in the session cache is only possible in prosody 0.10), so this commit removes the usage of the username when accessing the prosody 0.9 session cache.

author	tmolitor <thilo@eightysoft.de>
date	Thu, 06 Apr 2017 02:12:14 +0200
parents	96eb1c4f9ff7
children	1d139e33c502

rev	line source
1421 295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	1 -- Prosody IM
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	2 -- Copyright (C) 2008-2013 Matthew Wild
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	3 -- Copyright (C) 2008-2013 Waqas Hussain
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	4 -- Copyright (C) 2014 Kim Alvefur
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	5 --
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	6 -- This project is MIT/X11 licensed. Please see the
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	7 -- COPYING file in the source package for more information.
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	8 --
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	9
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	10 local new_sasl = require "util.sasl".new;
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	11 local base64 = require "util.encodings".base64.encode;
2159 5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1939 diff changeset	12 local have_async, async = pcall(require, "util.async");
1421 295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	13
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	14 local log = module._log;
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	15 local host = module.host;
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	16
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	17 local api_base = module:get_option_string("http_auth_url", ""):gsub("$host", host);
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	18 if api_base == "" then error("http_auth_url required") end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	19
2629 a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	20 local provider = {};
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	21
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	22 -- globals required by socket.http
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	23 if rawget(_G, "PROXY") == nil then
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	24 rawset(_G, "PROXY", false)
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	25 end
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	26 if rawget(_G, "base_parsed") == nil then
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	27 rawset(_G, "base_parsed", false)
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	28 end
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	29
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	30 local function async_http_auth(url, username, password)
2630 96eb1c4f9ff7 mod_auth_http_async: Use "net.http" for async case. JC Brand <jc@opkode.com> parents: 2629 diff changeset	31 local http = require "net.http";
2159 5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1939 diff changeset	32 local wait, done = async.waiter();
1927 439711709d29 mod_auth_http_async: Wrap up async http request in a function Kim Alvefur <zash@zash.se> parents: 1749 diff changeset	33 local content, code, request, response;
2629 a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	34 local ex = {
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	35 headers = { Authorization = "Basic "..base64(username..":"..password); };
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	36 }
1930 95bbf3c4aa27 mod_auth_http_async: Don't set global Kim Alvefur <zash@zash.se> parents: 1927 diff changeset	37 local function cb(content_, code_, request_, response_)
1927 439711709d29 mod_auth_http_async: Wrap up async http request in a function Kim Alvefur <zash@zash.se> parents: 1749 diff changeset	38 content, code, request, response = content_, code_, request_, response_;
439711709d29 mod_auth_http_async: Wrap up async http request in a function Kim Alvefur <zash@zash.se> parents: 1749 diff changeset	39 done();
439711709d29 mod_auth_http_async: Wrap up async http request in a function Kim Alvefur <zash@zash.se> parents: 1749 diff changeset	40 end
1931 bd5412eb0a6d mod_auth_http_async: Actually do the HTTP request Kim Alvefur <zash@zash.se> parents: 1930 diff changeset	41 http.request(url, ex, cb);
1927 439711709d29 mod_auth_http_async: Wrap up async http request in a function Kim Alvefur <zash@zash.se> parents: 1749 diff changeset	42 wait();
2629 a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	43 if code >= 200 and code <= 299 then
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	44 module:log("debug", "HTTP auth provider confirmed valid password");
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	45 return true;
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	46 else
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	47 module:log("debug", "HTTP auth provider returned status code %d", code);
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	48 end
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	49 return nil, "Auth failed. Invalid username or password.";
1927 439711709d29 mod_auth_http_async: Wrap up async http request in a function Kim Alvefur <zash@zash.se> parents: 1749 diff changeset	50 end
439711709d29 mod_auth_http_async: Wrap up async http request in a function Kim Alvefur <zash@zash.se> parents: 1749 diff changeset	51
2629 a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	52 local function sync_http_auth(url)
2630 96eb1c4f9ff7 mod_auth_http_async: Use "net.http" for async case. JC Brand <jc@opkode.com> parents: 2629 diff changeset	53 local http = require "socket.http";
96eb1c4f9ff7 mod_auth_http_async: Use "net.http" for async case. JC Brand <jc@opkode.com> parents: 2629 diff changeset	54 local https = require "ssl.https";
2629 a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	55 local request;
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	56 if string.sub(url, 1, string.len('https')) == 'https' then
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	57 request = https.request;
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	58 else
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	59 request = http.request;
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	60 end
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	61 local _, code, headers, status = request{
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	62 url = url,
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	63 headers = { ACCEPT = "application/json, text/plain, /"; }
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	64 };
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	65 if type(code) == "number" and code >= 200 and code <= 299 then
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	66 module:log("debug", "HTTP auth provider confirmed valid password");
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	67 return true;
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	68 else
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	69 module:log("debug", "HTTP auth provider returned status code: "..code);
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	70 end
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	71 return nil, "Auth failed. Invalid username or password.";
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	72 end
1421 295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	73
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	74 function provider.test_password(username, password)
2629 a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	75 local url = api_base:gsub("$user", username):gsub("$password", password);
2442 b2a198665946 mod_auth_http_async: Log URL when testing password JC Brand <jc@opkode.com> parents: 2159 diff changeset	76 log("debug", "Testing password for user %s at host %s with URL %s", username, host, url);
2159 5e8dec076afc mod_auth_http_async: Fall back to non-async calling of http_auth_url JC Brand <jcbrand@minddistrict.com> parents: 1939 diff changeset	77 if (have_async) then
2629 a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	78 return async_http_auth(url, username, password);
1421 295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	79 else
2629 a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	80 return sync_http_auth(url);
1421 295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	81 end
2629 a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	82 end
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	83
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	84 function provider.users()
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	85 return function()
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	86 return nil;
a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	87 end
1421 295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	88 end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	89
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	90 function provider.set_password(username, password)
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	91 return nil, "Changing passwords not supported";
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	92 end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	93
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	94 function provider.user_exists(username)
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	95 return true;
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	96 end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	97
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	98 function provider.create_user(username, password)
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	99 return nil, "User creation not supported";
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	100 end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	101
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	102 function provider.delete_user(username)
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	103 return nil , "User deletion not supported";
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	104 end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	105
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	106 function provider.get_sasl_handler()
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	107 return new_sasl(host, {
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	108 plain_test = function(sasl, username, password, realm)
1939 54f9e8663139 mod_auth_http_async: Correctly pass password to provider.test_password (thanks mother) Kim Alvefur <zash@zash.se> parents: 1938 diff changeset	109 return provider.test_password(username, password), true;
1421 295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	110 end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	111 });
295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	112 end
2629 a11568bfaf4c mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib JC Brand <jc@opkode.com> parents: 2442 diff changeset	113
1421 295c30e44ba8 mod_auth_http_async: Async HTTP auth module Kim Alvefur <zash@zash.se> parents: diff changeset	114 module:provides("auth", provider);

Mercurial > prosody-modules

annotate mod_auth_http_async/mod_auth_http_async.lua @ 2670:6e01878103c0