annotate mod_compliance_2021/mod_compliance_2021.lua @ 5405:c7a5caad28ef

mod_http_oauth2: Enforce response type encoded in client_id The client promises to only use this response type, so we should hold them to that. This makes it fail earlier if the response type is disabled or the client is trying to use one that it promised not to use. Better than failing after login and consent.
author Kim Alvefur <zash@zash.se>
date Tue, 02 May 2023 16:31:25 +0200
parents 3a42789d7235
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4411
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 -- Copyright (c) 2021 Kim Alvefur
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2 --
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3 -- This module is MIT licensed.
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5 local hostmanager = require "core.hostmanager";
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7 local array = require "util.array";
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
8 local set = require "util.set";
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10 local modules_enabled = module:get_option_inherited_set("modules_enabled");
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12 for host in pairs(hostmanager.get_children(module.host)) do
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13 local component = module:context(host):get_option_string("component_module");
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
14 if component then
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
15 modules_enabled:add(component);
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16 modules_enabled:include(module:context(host):get_option_set("modules_enabled", {}));
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
17 end
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
18 end
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
19
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
20 local function check(suggested, alternate, ...)
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
21 if set.intersection(modules_enabled, set.new({suggested; alternate; ...})):empty() then return suggested; end
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
22 return false;
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
23 end
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
24
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
25 local compliance = {
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
26 array {"Core Server"; check("tls"); check("disco")};
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
27
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
28 array {"Advanced Server"; check("pep", "pep_simple")};
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
29
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
30 array {"Core Web"; check("bosh"); check("websocket")};
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
31
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
32 -- No Server requirements for Advanced Web
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
33
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
34 array {"Core IM"; check("vcard_legacy", "vcard"); check("carbons"); check("http_file_share", "http_upload")};
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
35
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
36 array {
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
37 "Advanced IM";
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
38 check("vcard_legacy", "vcard");
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
39 check("blocklist");
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
40 check("muc");
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
41 check("private");
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
42 check("smacks");
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
43 check("mam");
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
44 check("bookmarks");
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
45 };
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
46
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
47 array {"Core Mobile"; check("smacks"); check("csi_simple", "csi_battery_saver")};
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
48
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
49 array {"Advanced Mobile"; check("cloud_notify")};
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
50
4603
3a42789d7235 mod_compliance_2021: Add mod_turn_external as satisfying A/V category
Kim Alvefur <zash@zash.se>
parents: 4411
diff changeset
51 array {"Core A/V Calling"; check("turn_external", "external_services", "turncredentials", "extdisco")};
4411
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
52
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
53 };
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
54
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
55 function check_compliance()
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
56 local compliant = true;
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
57 for _, suite in ipairs(compliance) do
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
58 local section = suite:pop(1);
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
59 if module:get_option_boolean("compliance_" .. section:lower():gsub("%A", "_"), true) then
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
60 local missing = set.new(suite:filter(function(m) return type(m) == "string" end):map(function(m) return "mod_" .. m end));
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
61 if suite[1] then
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
62 if compliant then
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
63 compliant = false;
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
64 module:log("warn", "Missing some modules for XMPP Compliance 2021");
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
65 end
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
66 module:log("info", "%s Compliance: %s", section, missing);
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
67 end
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
68 end
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
69 end
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
70
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
71 if compliant then module:log("info", "XMPP Compliance 2021: Compliant ✔️"); end
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
72 end
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
73
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
74 if prosody.start_time then
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
75 check_compliance()
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
76 else
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
77 module:hook_global("server-started", check_compliance);
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
78 end
c3d21182ebf3 mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff changeset
79