Mercurial > prosody-modules
annotate mod_auth_joomla/mod_auth_joomla.lua @ 1304:9f24ccaa66a6
mod_firewall: Do not cache conditions with only a single use
author | Florian Zeitz <florob@babelmonkeys.de> |
---|---|
date | Sun, 16 Feb 2014 18:19:12 +0100 |
parents | 881ec9919144 |
children | 7dbde05b48a9 |
rev | line source |
---|---|
422
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
1 -- Joomla authentication backend for Prosody |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
2 -- |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
3 -- Copyright (C) 2011 Waqas Hussain |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
4 -- |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
5 |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
6 local new_sasl = require "util.sasl".new; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
7 local nodeprep = require "util.encodings".stringprep.nodeprep; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
8 local saslprep = require "util.encodings".stringprep.saslprep; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
9 local DBI = require "DBI" |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
10 local md5 = require "util.hashes".md5; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
11 local uuid_gen = require "util.uuid".generate; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
12 |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
13 local connection; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
14 local params = module:get_option("sql"); |
720
97f6d7c4aaed
mod_auth_joomla: Added config option sql.prefix (default = "jos_").
Waqas Hussain <waqas20@gmail.com>
parents:
719
diff
changeset
|
15 local prefix = params and params.prefix or "jos_"; |
422
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
16 |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
17 local resolve_relative_path = require "core.configmanager".resolve_relative_path; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
18 |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
19 local function test_connection() |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
20 if not connection then return nil; end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
21 if connection:ping() then |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
22 return true; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
23 else |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
24 module:log("debug", "Database connection closed"); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
25 connection = nil; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
26 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
27 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
28 local function connect() |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
29 if not test_connection() then |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
30 prosody.unlock_globals(); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
31 local dbh, err = DBI.Connect( |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
32 params.driver, params.database, |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
33 params.username, params.password, |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
34 params.host, params.port |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
35 ); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
36 prosody.lock_globals(); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
37 if not dbh then |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
38 module:log("debug", "Database connection failed: %s", tostring(err)); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
39 return nil, err; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
40 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
41 module:log("debug", "Successfully connected to database"); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
42 dbh:autocommit(true); -- don't run in transaction |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
43 connection = dbh; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
44 return connection; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
45 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
46 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
47 |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
48 do -- process options to get a db connection |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
49 params = params or { driver = "SQLite3" }; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
50 |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
51 if params.driver == "SQLite3" then |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
52 params.database = resolve_relative_path(prosody.paths.data or ".", params.database or "prosody.sqlite"); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
53 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
54 |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
55 assert(params.driver and params.database, "Both the SQL driver and the database need to be specified"); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
56 |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
57 assert(connect()); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
58 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
59 |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
60 local function getsql(sql, ...) |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
61 if params.driver == "PostgreSQL" then |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
62 sql = sql:gsub("`", "\""); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
63 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
64 if not test_connection() then connect(); end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
65 -- do prepared statement stuff |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
66 local stmt, err = connection:prepare(sql); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
67 if not stmt and not test_connection() then error("connection failed"); end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
68 if not stmt then module:log("error", "QUERY FAILED: %s %s", err, debug.traceback()); return nil, err; end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
69 -- run query |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
70 local ok, err = stmt:execute(...); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
71 if not ok and not test_connection() then error("connection failed"); end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
72 if not ok then return nil, err; end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
73 |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
74 return stmt; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
75 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
76 local function setsql(sql, ...) |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
77 local stmt, err = getsql(sql, ...); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
78 if not stmt then return stmt, err; end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
79 return stmt:affected(); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
80 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
81 |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
82 local function get_password(username) |
720
97f6d7c4aaed
mod_auth_joomla: Added config option sql.prefix (default = "jos_").
Waqas Hussain <waqas20@gmail.com>
parents:
719
diff
changeset
|
83 local stmt, err = getsql("SELECT `password` FROM `"..prefix.."users` WHERE `username`=?", username); |
422
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
84 if stmt then |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
85 for row in stmt:rows(true) do |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
86 return row.password; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
87 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
88 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
89 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
90 |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
91 |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
92 local function getCryptedPassword(plaintext, salt) |
719
5e71e24e33fc
mod_auth_joomla: Joomla hash should be hex-encoded, not raw binary (thanks Anthony).
Waqas Hussain <waqas20@gmail.com>
parents:
422
diff
changeset
|
93 local salted = plaintext..salt; |
5e71e24e33fc
mod_auth_joomla: Joomla hash should be hex-encoded, not raw binary (thanks Anthony).
Waqas Hussain <waqas20@gmail.com>
parents:
422
diff
changeset
|
94 return md5(salted, true); |
422
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
95 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
96 local function joomlaCheckHash(password, hash) |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
97 local crypt, salt = hash:match("^([^:]*):(.*)$"); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
98 return (crypt or hash) == getCryptedPassword(password, salt or ''); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
99 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
100 local function joomlaCreateHash(password) |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
101 local salt = uuid_gen():gsub("%-", ""); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
102 local crypt = getCryptedPassword(password, salt); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
103 return crypt..':'..salt; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
104 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
105 |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
106 |
814
881ec9919144
mod_auth_*: Use module:provides(), and don't explicitly specify provider.name.
Waqas Hussain <waqas20@gmail.com>
parents:
720
diff
changeset
|
107 provider = {}; |
422
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
108 |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
109 function provider.test_password(username, password) |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
110 local hash = get_password(username); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
111 return hash and joomlaCheckHash(password, hash); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
112 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
113 function provider.user_exists(username) |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
114 module:log("debug", "test user %s existence", username); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
115 return get_password(username) and true; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
116 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
117 |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
118 function provider.get_password(username) |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
119 return nil, "Getting password is not supported."; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
120 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
121 function provider.set_password(username, password) |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
122 local hash = joomlaCreateHash(password); |
720
97f6d7c4aaed
mod_auth_joomla: Added config option sql.prefix (default = "jos_").
Waqas Hussain <waqas20@gmail.com>
parents:
719
diff
changeset
|
123 local stmt, err = setsql("UPDATE `"..prefix.."users` SET `password`=? WHERE `username`=?", hash, username); |
422
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
124 return stmt and true, err; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
125 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
126 function provider.create_user(username, password) |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
127 return nil, "Account creation/modification not supported."; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
128 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
129 |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
130 local escapes = { |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
131 [" "] = "\\20"; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
132 ['"'] = "\\22"; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
133 ["&"] = "\\26"; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
134 ["'"] = "\\27"; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
135 ["/"] = "\\2f"; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
136 [":"] = "\\3a"; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
137 ["<"] = "\\3c"; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
138 [">"] = "\\3e"; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
139 ["@"] = "\\40"; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
140 ["\\"] = "\\5c"; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
141 }; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
142 local unescapes = {}; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
143 for k,v in pairs(escapes) do unescapes[v] = k; end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
144 local function jid_escape(s) return s and (s:gsub(".", escapes)); end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
145 local function jid_unescape(s) return s and (s:gsub("\\%x%x", unescapes)); end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
146 |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
147 function provider.get_sasl_handler() |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
148 local sasl = {}; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
149 function sasl:clean_clone() return provider.get_sasl_handler(); end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
150 function sasl:mechanisms() return { PLAIN = true; }; end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
151 function sasl:select(mechanism) |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
152 if not self.selected and mechanism == "PLAIN" then |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
153 self.selected = mechanism; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
154 return true; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
155 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
156 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
157 function sasl:process(message) |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
158 if not message then return "failure", "malformed-request"; end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
159 local authorization, authentication, password = message:match("^([^%z]*)%z([^%z]+)%z([^%z]+)"); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
160 if not authorization then return "failure", "malformed-request"; end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
161 authentication = saslprep(authentication); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
162 password = saslprep(password); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
163 if (not password) or (password == "") or (not authentication) or (authentication == "") then |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
164 return "failure", "malformed-request", "Invalid username or password."; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
165 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
166 local function test(authentication) |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
167 local prepped = nodeprep(authentication); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
168 local normalized = jid_unescape(prepped); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
169 return normalized and provider.test_password(normalized, password) and prepped; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
170 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
171 local username = test(authentication) or test(jid_escape(authentication)); |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
172 if username then |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
173 self.username = username; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
174 return "success"; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
175 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
176 return "failure", "not-authorized", "Unable to authorize you with the authentication credentials you've sent."; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
177 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
178 return sasl; |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
179 end |
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
180 |
814
881ec9919144
mod_auth_*: Use module:provides(), and don't explicitly specify provider.name.
Waqas Hussain <waqas20@gmail.com>
parents:
720
diff
changeset
|
181 module:provides("auth", provider); |
422
1082856e4612
mod_auth_joomla: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
182 |