Mercurial > prosody-modules

annotate mod_s2s_auth_compat/mod_s2s_auth_compat.lua @ 5643:73c3d5bfce3e

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Allow 'login_hint' as a substitute for OIDC 'select_account' prompt If the OIDC 'prompt' parameter does not contain the 'select_account' then it wants us to skip account selection, which means we have to figure which account to authenticate somehow. One way could be have this stored in a cookie from a previous successful login. Another way would be to have the account passed as a hint, which is what we add here.
author Kim Alvefur <zash@zash.se>
date Sat, 09 Sep 2023 21:42:24 +0200
parents 21e81fcb8896
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
944
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 -- COMPAT for Openfire sending stream headers without to or from.
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3 module:set_global();
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5 module:hook("s2s-check-certificate", function(event)
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6 local session, host = event.session, event.host;
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7 if not event.host then
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
8 (session.log or module._log)("warn", "Invalid stream header, certificate will not be trusted")
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9 session.cert_chain_status = "invalid"
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10 return true
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11 end
21e81fcb8896 mod_s2s_auth_compat: Workaround for Openfire doing EXTERNAL without proper stream headers
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12 end, 100);