Mercurial > prosody-modules
annotate mod_auth_external_insecure/examples/bash/prosody-auth-example.sh @ 5447:aa4828f040c5
mod_http_oauth2: Enforce client scope restrictions in authorization
When registering a client, a scope field can be included as a promise to
only ever use those. Here we enforce that promise, if given, ensuring a
client can't request or be granted a scope it didn't provide in its
registration. While currently there is no restrictions at registration
time, this could be changed in the future in various ways.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Thu, 11 May 2023 19:33:44 +0200 |
parents | f84ede3e9e3b |
children |
rev | line source |
---|---|
197
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
1 #!/bin/bash |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
2 |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
3 IFS=":" |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
4 AUTH_OK=1 |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
5 AUTH_FAILED=0 |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
6 LOGFILE="/var/log/prosody/auth.log" |
1197
25641c4cab36
mod_auth_external/examples: bash: Don't use log file by default
Matthew Wild <mwild1@gmail.com>
parents:
1164
diff
changeset
|
7 USELOG=false |
197
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
8 |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
9 while read ACTION USER HOST PASS ; do |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
10 |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
11 [ $USELOG == true ] && { echo "Date: $(date) Action: $ACTION User: $USER Host: $HOST Pass: $PASS" >> $LOGFILE; } |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
12 |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
13 case $ACTION in |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
14 "auth") |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
15 if [ $USER == "someone" ] ; then |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
16 echo $AUTH_OK |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
17 else |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
18 echo $AUTH_FAILED |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
19 fi |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
20 ;; |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
21 *) |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
22 echo $AUTH_FAILED |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
23 ;; |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
24 esac |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
25 |
2686221255cf
restart authorize command if crashed or ended; added example shell script
Bjoern Kalkbrenner <terminar@cyberphoria.org>
parents:
diff
changeset
|
26 done |