annotate mod_http_pep_avatar/mod_http_pep_avatar.lua @ 5384:b40f29ec391a

mod_http_oauth2: Allow configuring PKCE challenge methods You'd pretty much only want this to disable the 'plain' method, since it doesn't seem to add that much security?
author Kim Alvefur <zash@zash.se>
date Sat, 29 Apr 2023 13:09:49 +0200
parents 02d238799537
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
1 -- HTTP Access to PEP Avatar
2294
4915b8223b07 mod_atom: Expose Microbloging PEP data over HTTP
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2 -- By Kim Alvefur <zash@zash.se>
4915b8223b07 mod_atom: Expose Microbloging PEP data over HTTP
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3
3241
4b52cafd5811 mod_atom: Update to the new mod_pep
Kim Alvefur <zash@zash.se>
parents: 2294
diff changeset
4 local mod_pep = module:depends"pep";
4b52cafd5811 mod_atom: Update to the new mod_pep
Kim Alvefur <zash@zash.se>
parents: 2294
diff changeset
5
3424
6ae875c98daf mod_atom: Check whether user exists
Kim Alvefur <zash@zash.se>
parents: 3423
diff changeset
6 local um = require "core.usermanager";
2294
4915b8223b07 mod_atom: Expose Microbloging PEP data over HTTP
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7 local nodeprep = require "util.encodings".stringprep.nodeprep;
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
8 local base64_decode = require "util.encodings".base64.decode;
3433
213679266dcb mod_http_pep_avatar: Redirect to prepped username
Kim Alvefur <zash@zash.se>
parents: 3425
diff changeset
9 local urlencode = require "util.http".urlencode;
2294
4915b8223b07 mod_atom: Expose Microbloging PEP data over HTTP
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10
3241
4b52cafd5811 mod_atom: Update to the new mod_pep
Kim Alvefur <zash@zash.se>
parents: 2294
diff changeset
11 module:depends("http")
2294
4915b8223b07 mod_atom: Expose Microbloging PEP data over HTTP
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12 module:provides("http", {
4915b8223b07 mod_atom: Expose Microbloging PEP data over HTTP
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13 route = {
4038
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
14 ["GET /*"] = function (event, path)
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
15 if path == "" then
3575
00bdecb12779 mod_http_pep_avatar: Return a message instead of 404 for base path
Kim Alvefur <zash@zash.se>
parents: 3433
diff changeset
16 return [[<h1>Hello from mod_http_pep_avatar</h1><p>This module provides access to public avatars of local users.</p>]];
00bdecb12779 mod_http_pep_avatar: Return a message instead of 404 for base path
Kim Alvefur <zash@zash.se>
parents: 3433
diff changeset
17 end;
00bdecb12779 mod_http_pep_avatar: Return a message instead of 404 for base path
Kim Alvefur <zash@zash.se>
parents: 3433
diff changeset
18
3423
4a8fa0364f35 mod_atom: Unpack event object
Kim Alvefur <zash@zash.se>
parents: 3276
diff changeset
19 local request, response = event.request, event.response;
4a8fa0364f35 mod_atom: Unpack event object
Kim Alvefur <zash@zash.se>
parents: 3276
diff changeset
20 local actor = request.ip;
3241
4b52cafd5811 mod_atom: Update to the new mod_pep
Kim Alvefur <zash@zash.se>
parents: 2294
diff changeset
21
4038
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
22 local user, item_id = path:match("^([^/]+)/(%x+)$");
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
23 if not user then user = path; end
3433
213679266dcb mod_http_pep_avatar: Redirect to prepped username
Kim Alvefur <zash@zash.se>
parents: 3425
diff changeset
24 local prepped = nodeprep(user);
213679266dcb mod_http_pep_avatar: Redirect to prepped username
Kim Alvefur <zash@zash.se>
parents: 3425
diff changeset
25 if not prepped then return 400; end
213679266dcb mod_http_pep_avatar: Redirect to prepped username
Kim Alvefur <zash@zash.se>
parents: 3425
diff changeset
26 if prepped ~= user then
213679266dcb mod_http_pep_avatar: Redirect to prepped username
Kim Alvefur <zash@zash.se>
parents: 3425
diff changeset
27 response.headers.location = module:http_url() .. "/" .. urlencode(prepped);
213679266dcb mod_http_pep_avatar: Redirect to prepped username
Kim Alvefur <zash@zash.se>
parents: 3425
diff changeset
28 return 302;
213679266dcb mod_http_pep_avatar: Redirect to prepped username
Kim Alvefur <zash@zash.se>
parents: 3425
diff changeset
29 end
3424
6ae875c98daf mod_atom: Check whether user exists
Kim Alvefur <zash@zash.se>
parents: 3423
diff changeset
30 if not um.user_exists(user, module.host) then
6ae875c98daf mod_atom: Check whether user exists
Kim Alvefur <zash@zash.se>
parents: 3423
diff changeset
31 return 404;
6ae875c98daf mod_atom: Check whether user exists
Kim Alvefur <zash@zash.se>
parents: 3423
diff changeset
32 end
3241
4b52cafd5811 mod_atom: Update to the new mod_pep
Kim Alvefur <zash@zash.se>
parents: 2294
diff changeset
33
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
34 local pep_service = mod_pep.get_pep_service(user);
3272
119e22ccd64a mod_atom: Add some basic metadata to feed
Kim Alvefur <zash@zash.se>
parents: 3241
diff changeset
35
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
36 local ok, avatar_hash, avatar_meta = pep_service:get_last_item("urn:xmpp:avatar:metadata", actor);
3272
119e22ccd64a mod_atom: Add some basic metadata to feed
Kim Alvefur <zash@zash.se>
parents: 3241
diff changeset
37
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
38 if not ok or not avatar_hash then
3241
4b52cafd5811 mod_atom: Update to the new mod_pep
Kim Alvefur <zash@zash.se>
parents: 2294
diff changeset
39 return 404;
4b52cafd5811 mod_atom: Update to the new mod_pep
Kim Alvefur <zash@zash.se>
parents: 2294
diff changeset
40 end
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
41
4038
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
42 if (item_id or avatar_hash) == request.headers.if_none_match then
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
43 return 304;
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
44 end
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
45
4038
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
46 local data_ok, avatar_data = pep_service:get_items("urn:xmpp:avatar:data", actor, item_id or avatar_hash);
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
47 if not data_ok or type(avatar_data) ~= "table" or not avatar_data[item_id or avatar_hash] then
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
48 return 404;
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
49 end
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
50
4038
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
51 local info = avatar_meta.tags[1]:get_child("info");
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
52 if item_id and info.attr.id ~= item_id then
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
53 info = nil;
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
54 for altinfo in avatar_meta.tags[1]:childtags("info") do
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
55 if altinfo.attr.id == item_id then
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
56 info = altinfo;
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
57 end
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
58 end
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
59 end
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
60
4038
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
61 if not info then
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
62 return 404;
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
63 end
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
64
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
65 response.headers.etag = item_id or avatar_hash;
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
66
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
67 response.headers.content_type = info and info.attr.type or "application/octet-stream";
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
68
4038
02d238799537 mod_http_pep_avatar: Serve multiple avatars with a user/hash syntax
Kim Alvefur <zash@zash.se>
parents: 3575
diff changeset
69 local data = avatar_data[item_id or avatar_hash];
3425
461429e0db58 mod_http_pep_avatar: Provides PEP avatars via HTTP
Kim Alvefur <zash@zash.se>
parents: 3424
diff changeset
70 return base64_decode(data.tags[1]:get_text());
3241
4b52cafd5811 mod_atom: Update to the new mod_pep
Kim Alvefur <zash@zash.se>
parents: 2294
diff changeset
71 end;
4b52cafd5811 mod_atom: Update to the new mod_pep
Kim Alvefur <zash@zash.se>
parents: 2294
diff changeset
72 }
2294
4915b8223b07 mod_atom: Expose Microbloging PEP data over HTTP
Kim Alvefur <zash@zash.se>
parents:
diff changeset
73 });