annotate mod_client_management/mod_client_management.lua @ 5472:b80b6947b079

mod_http_oauth2: Always show early errors to user Before having validated the client_id, communicating an error back to the client via redirect would make this an open redirect, so we may just as well skip past that logic, and especially the warning log message.
author Kim Alvefur <zash@zash.se>
date Thu, 18 May 2023 13:43:17 +0200
parents d9397d6a5513
children f25df3af02c1
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
5294
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 local modulemanager = require "core.modulemanager";
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2 local usermanager = require "core.usermanager";
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3
5301
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
4 local array = require "util.array";
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
5 local dt = require "util.datetime";
5294
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6 local id = require "util.id";
5301
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
7 local it = require "util.iterators";
5294
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8 local jid = require "util.jid";
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
9 local st = require "util.stanza";
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
10
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11 local strict = module:get_option_boolean("enforce_client_ids", false);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
12
5312
22e6b9f09439 mod_client_management: Add list-clients + manage-clients permissions to users
Matthew Wild <mwild1@gmail.com>
parents: 5311
diff changeset
13 module:default_permission("prosody:user", ":list-clients");
22e6b9f09439 mod_client_management: Add list-clients + manage-clients permissions to users
Matthew Wild <mwild1@gmail.com>
parents: 5311
diff changeset
14 module:default_permission("prosody:user", ":manage-clients");
22e6b9f09439 mod_client_management: Add list-clients + manage-clients permissions to users
Matthew Wild <mwild1@gmail.com>
parents: 5311
diff changeset
15
5294
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
16 local tokenauth = module:depends("tokenauth");
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
17 local mod_fast = module:depends("sasl2_fast");
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19 local client_store = assert(module:open_store("clients", "keyval+"));
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
20 --[[{
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21 id = id;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
22 first_seen =
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23 last_seen =
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
24 user_agent = {
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
25 name =
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
26 os =
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
27 }
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
28 --}]]
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
29
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
30 local xmlns_sasl2 = "urn:xmpp:sasl:2";
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
31
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
32 local function get_user_agent(sasl_handler, token_info)
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
33 local sasl_agent = sasl_handler and sasl_handler.user_agent;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
34 local token_agent = token_info and token_info.data and token_info.data.oauth2_client;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
35 if not (sasl_agent or token_agent) then return; end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
36 return {
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
37 software = sasl_agent and sasl_agent.software or token_agent and token_agent.name or nil;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
38 uri = token_agent and token_agent.uri or nil;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
39 device = sasl_agent and sasl_agent.device or nil;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
40 };
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
41 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
42
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
43 module:hook("sasl2/c2s/success", function (event)
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
44 local session = event.session;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
45 local username, client_id = session.username, session.client_id;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
46 local mechanism = session.sasl_handler.selected;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
47 local token_info = session.sasl_handler.token_info;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
48 local token_id = token_info and token_info.id or nil;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
49
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
50 local now = os.time();
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
51 if client_id then -- SASL2, have client identifier
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
52 local is_new_client;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
53
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
54 local client_state = client_store:get_key(username, client_id);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
55 if not client_state then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
56 is_new_client = true;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
57 client_state = {
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
58 id = client_id;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
59 first_seen = now;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
60 user_agent = get_user_agent(session.sasl_handler, token_info);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
61 full_jid = nil;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
62 last_seen = nil;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
63 mechanisms = {};
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
64 };
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
65 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
66 -- Update state
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
67 client_state.full_jid = session.full_jid;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
68 client_state.last_seen = now;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
69 client_state.mechanisms[mechanism] = now;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
70 if session.sasl_handler.fast_auth then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
71 client_state.fast_auth = now;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
72 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
73 if token_id then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
74 client_state.auth_token_id = token_id;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
75 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
76 -- Store updated state
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
77 client_store:set_key(username, client_id, client_state);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
78
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
79 if is_new_client then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
80 module:fire_event("client_management/new-client", { client = client_state });
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
81 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
82 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
83 end);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
84
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
85 local function find_client_by_resource(username, resource)
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
86 local full_jid = jid.join(username, module.host, resource);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
87 local clients = client_store:get(username);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
88 if not clients then return; end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
89
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
90 for _, client_state in pairs(clients) do
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
91 if client_state.full_jid == full_jid then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
92 return client_state;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
93 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
94 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
95 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
96
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
97 module:hook("resource-bind", function (event)
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
98 local session = event.session;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
99 if session.client_id then return; end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
100 local is_new_client;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
101 local client_state = find_client_by_resource(event.session.username, event.session.resource);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
102 local now = os.time();
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
103 if not client_state then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
104 is_new_client = true;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
105 client_state = {
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
106 id = id.short();
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
107 first_seen = now;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
108 user_agent = nil;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
109 full_jid = nil;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
110 last_seen = nil;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
111 mechanisms = {};
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
112 legacy = true;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
113 };
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
114 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
115
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
116 -- Update state
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
117 local legacy_info = session.client_management_info;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
118 client_state.full_jid = session.full_jid;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
119 client_state.last_seen = now;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
120 client_state.mechanisms[legacy_info.mechanism] = now;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
121 if legacy_info.fast_auth then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
122 client_state.fast_auth = now;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
123 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
124
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
125 local token_id = legacy_info.token_info and legacy_info.token_info.id;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
126 if token_id then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
127 client_state.auth_token_id = token_id;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
128 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
129
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
130 -- Store updated state
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
131 client_store:set_key(session.username, client_state.id, client_state);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
132
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
133 if is_new_client then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
134 module:fire_event("client_management/new-client", { client = client_state });
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
135 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
136 end);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
137
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
138 if strict then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
139 module:hook_tag(xmlns_sasl2, "authenticate", function (session, auth)
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
140 local user_agent = auth:get_child("user-agent");
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
141 if not user_agent or not user_agent.attr.id then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
142 local failure = st.stanza("failure", { xmlns = xmlns_sasl2 })
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
143 :tag("malformed-request", { xmlns = "urn:ietf:params:xml:ns:xmpp-sasl" }):up()
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
144 :text_tag("text", "Client identifier required but not supplied");
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
145 session.send(failure);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
146 return true;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
147 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
148 end, 500);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
149
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
150 if modulemanager.get_modules_for_host(module.host):contains("saslauth") then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
151 module:log("error", "mod_saslauth is enabled, but enforce_client_ids is enabled and will prevent it from working");
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
152 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
153
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
154 module:hook("stanza/urn:ietf:params:xml:ns:xmpp-sasl:auth", function (event)
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
155 -- Block legacy SASL, if for some reason it is being used (either mod_saslauth is loaded,
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
156 -- or clients try it without advertisement)
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
157 module:log("warn", "Blocking legacy SASL authentication because enforce_client_ids is enabled");
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
158 local failure = st.stanza("failure", { xmlns = xmlns_sasl2 })
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
159 :tag("malformed-request", { xmlns = "urn:ietf:params:xml:ns:xmpp-sasl" }):up()
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
160 :text_tag("text", "Legacy SASL authentication is not available on this server");
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
161 event.session.send(failure);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
162 return true;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
163 end);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
164 else
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
165 -- Legacy client compat code
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
166 module:hook("authentication-success", function (event)
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
167 local session = event.session;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
168 if session.client_id then return; end -- SASL2 client
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
169
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
170 local sasl_handler = session.sasl_handler;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
171 session.client_management_info = {
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
172 mechanism = sasl_handler.selected;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
173 token_info = sasl_handler.token_info;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
174 fast_auth = sasl_handler.fast_auth;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
175 };
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
176 end);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
177 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
178
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
179 local function is_password_mechanism(mech_name)
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
180 if mech_name == "OAUTHBEARER" then return false; end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
181 if mech_name:match("^HT%-") then return false; end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
182 return true;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
183 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
184
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
185 local function is_client_active(client)
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
186 local username, host = jid.split(client.full_jid);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
187 local account_info = usermanager.get_account_info(username, host);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
188 local last_password_change = account_info and account_info.password_updated;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
189
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
190 local status = {};
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
191
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
192 -- Check for an active token grant that has been previously used by this client
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
193 if client.auth_token_id then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
194 local grant = tokenauth.get_grant_info(client.auth_token_id);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
195 if grant then
5301
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
196 status.grant = grant;
5294
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
197 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
198 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
199
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
200 -- Check for active FAST tokens
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
201 if client.fast_auth then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
202 if mod_fast.is_client_fast(username, client.id, last_password_change) then
5301
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
203 status.fast = client.fast_auth;
5294
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
204 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
205 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
206
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
207 -- Client has access if any password-based SASL mechanisms have been used since last password change
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
208 for mech, mech_last_used in pairs(client.mechanisms) do
5369
1a58a11407ac mod_client_management: Fix error when last password change is unknown (or never)
Kim Alvefur <zash@zash.se>
parents: 5343
diff changeset
209 if is_password_mechanism(mech) and (not last_password_change or mech_last_used >= last_password_change) then
5301
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
210 status.password = mech_last_used;
5294
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
211 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
212 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
213
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
214 if prosody.full_sessions[client.full_jid] then
5301
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
215 status.connected = true;
5294
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
216 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
217
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
218 if next(status) == nil then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
219 return nil;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
220 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
221 return status;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
222 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
223
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
224 -- Public API
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
225 --luacheck: ignore 131
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
226 function get_active_clients(username)
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
227 local clients = client_store:get(username);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
228 local active_clients = {};
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
229 local used_grants = {};
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
230
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
231 -- Go through known clients, check whether they could possibly log in
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
232 for client_id, client in pairs(clients or {}) do --luacheck: ignore 213/client_id
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
233 local active = is_client_active(client);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
234 if active then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
235 client.type = "session";
5305
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
236 client.id = "client/"..client.id;
5294
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
237 client.active = active;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
238 table.insert(active_clients, client);
5301
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
239 if active.grant then
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
240 used_grants[active.grant.id] = true;
5294
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
241 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
242 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
243 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
244
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
245 -- Next, account for any grants that have been issued, but never actually logged in
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
246 for grant_id, grant in pairs(tokenauth.get_user_grants(username) or {}) do
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
247 if not used_grants[grant_id] then -- exclude grants already accounted for
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
248 table.insert(active_clients, {
5307
2bb27dfd10d5 mod_client_management: Use grant id from key
Matthew Wild <mwild1@gmail.com>
parents: 5306
diff changeset
249 id = "grant/"..grant_id;
5294
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
250 type = "access";
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
251 first_seen = grant.created;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
252 last_seen = grant.accessed;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
253 active = {
5301
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
254 grant = grant;
5294
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
255 };
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
256 user_agent = get_user_agent(nil, grant);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
257 });
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
258 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
259 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
260
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
261 table.sort(active_clients, function (a, b)
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
262 if a.last_seen and b.last_seen then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
263 return a.last_seen < b.last_seen;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
264 elseif not (a.last_seen or b.last_seen) then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
265 if a.first_seen and b.first_seen then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
266 return a.first_seen < b.first_seen;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
267 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
268 elseif b.last_seen then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
269 return true;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
270 elseif a.last_seen then
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
271 return false;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
272 end
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
273 return a.id < b.id;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
274 end);
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
275
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
276 return active_clients;
385346b6c81d mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
277 end
5301
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
278
5305
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
279 function revoke_client_access(username, client_selector)
5370
d9d52ad8c1ae mod_client_management: Fix type confusion
Kim Alvefur <zash@zash.se>
parents: 5369
diff changeset
280 if client_selector then
d9d52ad8c1ae mod_client_management: Fix type confusion
Kim Alvefur <zash@zash.se>
parents: 5369
diff changeset
281 local c_type, c_id = client_selector:match("^(%w+)/(.+)$");
5305
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
282 if c_type == "client" then
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
283 local client = client_store:get_key(username, c_id);
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
284 if not client then
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
285 return nil, "item-not-found";
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
286 end
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
287 local status = is_client_active(client);
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
288 if status.connected then
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
289 local ok, err = prosody.full_sessions[client.full_jid]:close();
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
290 if not ok then return ok, err; end
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
291 end
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
292 if status.fast then
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
293 local ok = mod_fast.revoke_fast_tokens(username, client.id);
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
294 if not ok then return nil, "internal-server-error"; end
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
295 end
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
296 if status.grant then
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
297 local ok = tokenauth.revoke_grant(username, status.grant.id);
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
298 if not ok then return nil, "internal-server-error"; end
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
299 end
5306
210aeb5afe42 mod_client_management: Fail to revoke clients that have used passwords
Matthew Wild <mwild1@gmail.com>
parents: 5305
diff changeset
300 if status.password then
210aeb5afe42 mod_client_management: Fail to revoke clients that have used passwords
Matthew Wild <mwild1@gmail.com>
parents: 5305
diff changeset
301 return nil, "password-reset-required";
210aeb5afe42 mod_client_management: Fail to revoke clients that have used passwords
Matthew Wild <mwild1@gmail.com>
parents: 5305
diff changeset
302 end
5305
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
303 return true;
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
304 elseif c_type == "grant" then
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
305 local grant = tokenauth.get_grant_info(username, c_id);
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
306 if not grant then
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
307 return nil, "item-not-found";
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
308 end
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
309 local ok = tokenauth.revoke_grant(username, c_id);
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
310 if not ok then return nil, "internal-server-error"; end
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
311 return true;
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
312 end
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
313 end
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
314
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
315 return nil, "item-not-found";
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
316 end
9b9f35aaeb91 mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents: 5304
diff changeset
317
5301
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
318 -- Protocol
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
319
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
320 local xmlns_manage_clients = "xmpp:prosody.im/protocol/manage-clients";
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
321
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
322 module:hook("iq-get/self/xmpp:prosody.im/protocol/manage-clients:list", function (event)
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
323 local origin, stanza = event.origin, event.stanza;
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
324
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
325 if not module:may(":list-clients", event) then
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
326 origin.send(st.error_reply(stanza, "auth", "forbidden"));
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
327 return true;
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
328 end
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
329
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
330 local reply = st.reply(stanza)
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
331 :tag("clients", { xmlns = xmlns_manage_clients });
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
332
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
333 local active_clients = get_active_clients(event.origin.username);
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
334 for _, client in ipairs(active_clients) do
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
335 local auth_type = st.stanza("auth");
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
336 if client.active then
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
337 if client.active.password then
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
338 auth_type:text_tag("password");
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
339 end
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
340 if client.active.grant then
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
341 auth_type:text_tag("bearer-token");
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
342 end
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
343 if client.active.fast then
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
344 auth_type:text_tag("fast");
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
345 end
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
346 end
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
347
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
348 local user_agent = st.stanza("user-agent");
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
349 if client.user_agent then
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
350 if client.user_agent.software then
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
351 user_agent:text_tag("software", client.user_agent.software);
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
352 end
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
353 if client.user_agent.device then
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
354 user_agent:text_tag("device", client.user_agent.device);
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
355 end
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
356 if client.user_agent.uri then
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
357 user_agent:text_tag("uri", client.user_agent.uri);
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
358 end
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
359 end
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
360
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
361 local connected = client.active and client.active.connected;
5304
717ff9468464 mod_client_management: Include client type in XML response listing
Matthew Wild <mwild1@gmail.com>
parents: 5301
diff changeset
362 reply:tag("client", { id = client.id, connected = connected and "true" or "false", type = client.type })
5301
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
363 :text_tag("first-seen", dt.datetime(client.first_seen))
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
364 :text_tag("last-seen", dt.datetime(client.last_seen))
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
365 :add_child(auth_type)
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
366 :add_child(user_agent)
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
367 :up();
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
368 end
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
369 reply:up();
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
370
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
371 origin.send(reply);
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
372 return true;
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
373 end);
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
374
5343
5c1c70e52635 mod_client_management: Fix import of util.error (not errors)
Kim Alvefur <zash@zash.se>
parents: 5312
diff changeset
375 local revocation_errors = require "util.error".init(module.name, xmlns_manage_clients, {
5311
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
376 ["item-not-found"] = { "cancel", "item-not-found", "Client not found" };
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
377 ["internal-server-error"] = { "wait", "internal-server-error", "Unable to revoke client access" };
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
378 ["password-reset-required"] = { "cancel", "service-unavailable", "Password reset required", "password-reset-required" };
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
379 });
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
380
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
381 module:hook("iq-set/self/xmpp:prosody.im/protocol/manage-clients:revoke", function (event)
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
382 local origin, stanza = event.origin, event.stanza;
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
383
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
384 if not module:may(":manage-clients", event) then
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
385 origin.send(st.error_reply(stanza, "auth", "forbidden"));
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
386 return true;
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
387 end
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
388
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
389 local client_id = stanza.tags[1].attr.id;
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
390
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
391 local ok, err = revocation_errors.coerce(revoke_client_access(origin.username, client_id));
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
392 if not ok then
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
393 origin.send(st.error_reply(stanza, err));
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
394 return true;
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
395 end
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
396
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
397 origin.send(st.reply(stanza));
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
398 return true;
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
399 end);
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
400
d4a0d2b5343a mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents: 5310
diff changeset
401
5301
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
402 -- Command
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
403
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
404 module:once(function ()
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
405 local console_env = module:shared("/*/admin_shell/env");
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
406 if not console_env.user then return; end -- admin_shell probably not loaded
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
407
5308
f370ccb15f05 mod_client_management: Fix user:clients() shell command to take a JID
Matthew Wild <mwild1@gmail.com>
parents: 5307
diff changeset
408 function console_env.user:clients(user_jid)
f370ccb15f05 mod_client_management: Fix user:clients() shell command to take a JID
Matthew Wild <mwild1@gmail.com>
parents: 5307
diff changeset
409 local username, host = jid.split(user_jid);
f370ccb15f05 mod_client_management: Fix user:clients() shell command to take a JID
Matthew Wild <mwild1@gmail.com>
parents: 5307
diff changeset
410 local mod = prosody.hosts[host] and prosody.hosts[host].modules.client_management;
f370ccb15f05 mod_client_management: Fix user:clients() shell command to take a JID
Matthew Wild <mwild1@gmail.com>
parents: 5307
diff changeset
411 if not mod then
5372
2d8076577e14 mod_client_management: Fix error when called against host without this module
Kim Alvefur <zash@zash.se>
parents: 5371
diff changeset
412 return false, ("Host does not exist on this server, or does not have mod_client_management loaded");
5308
f370ccb15f05 mod_client_management: Fix user:clients() shell command to take a JID
Matthew Wild <mwild1@gmail.com>
parents: 5307
diff changeset
413 end
f370ccb15f05 mod_client_management: Fix user:clients() shell command to take a JID
Matthew Wild <mwild1@gmail.com>
parents: 5307
diff changeset
414
f370ccb15f05 mod_client_management: Fix user:clients() shell command to take a JID
Matthew Wild <mwild1@gmail.com>
parents: 5307
diff changeset
415 local clients = mod.get_active_clients(username);
5301
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
416 if not clients or #clients == 0 then
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
417 return true, "No clients associated with this account";
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
418 end
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
419
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
420 local colspec = {
5371
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
421 {
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
422 title = "Software";
5373
93d6ed7dc779 mod_client_management: Fix changed column cell "key"
Kim Alvefur <zash@zash.se>
parents: 5372
diff changeset
423 key = "user_agent";
5371
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
424 width = "1p";
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
425 mapper = function(user_agent)
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
426 return user_agent and user_agent.software;
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
427 end;
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
428 };
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
429 {
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
430 title = "Last seen";
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
431 key = "last_seen";
5374
d9397d6a5513 mod_client_management: Show time for recent timestamps in shell command
Kim Alvefur <zash@zash.se>
parents: 5373
diff changeset
432 width = math.max(#os.date("%Y-%m-%d"), #os.date("%H:%M:%S"));
d9397d6a5513 mod_client_management: Show time for recent timestamps in shell command
Kim Alvefur <zash@zash.se>
parents: 5373
diff changeset
433 align = "right";
5371
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
434 mapper = function(last_seen)
5374
d9397d6a5513 mod_client_management: Show time for recent timestamps in shell command
Kim Alvefur <zash@zash.se>
parents: 5373
diff changeset
435 return os.date(os.difftime(os.time(), last_seen) >= 86400 and "%Y-%m-%d" or "%H:%M:%S", last_seen);
5371
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
436 end;
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
437 };
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
438 {
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
439 title = "Authentication";
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
440 key = "active";
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
441 width = "2p";
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
442 mapper = function(active)
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
443 return array.collect(it.keys(active)):sort():concat(", ");
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
444 end;
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
445 };
5301
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
446 };
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
447
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
448 local row = require "util.human.io".table(colspec, self.session.width);
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
449
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
450 local print = self.session.print;
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
451 print(row());
5309
09656e2b4927 mod_client_management: Improve table output
Matthew Wild <mwild1@gmail.com>
parents: 5308
diff changeset
452 print(string.rep("-", self.session.width));
5301
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
453 for _, client in ipairs(clients) do
5371
b2d51c6ae89a mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents: 5370
diff changeset
454 print(row(client));
5301
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
455 end
5309
09656e2b4927 mod_client_management: Improve table output
Matthew Wild <mwild1@gmail.com>
parents: 5308
diff changeset
456 print(string.rep("-", self.session.width));
09656e2b4927 mod_client_management: Improve table output
Matthew Wild <mwild1@gmail.com>
parents: 5308
diff changeset
457 return true, ("%d clients"):format(#clients);
5301
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
458 end
8ef197cccd74 mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents: 5294
diff changeset
459 end);