prosody-modules: mod_extdisco/mod

annotate mod_extdisco/mod_extdisco.lua @ 5401:c8d04ac200fc

mod_http_oauth2: Reject loopback URIs as client_uri This really should be a proper website with info, https://localhost is not good enough. Ideally we'd validate that it's got proper DNS and is actually reachable, but triggering HTTP or even DNS lookups seems like it would carry abuse potential that would best to avoid.

author	Kim Alvefur <zash@zash.se>
date	Tue, 02 May 2023 16:20:55 +0200
parents	7811ba467525
children

rev	line source
281 e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	1 local st = require "util.stanza";
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	2
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	3 local services = module:get_option("external_services");
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	4
3605 452ae6effd02 mod_extdisco: Also handle XEP-0215 v0.7 Kim Alvefur <zash@zash.se> parents: 3604 diff changeset	5 local xmlns_extdisco_1 = "urn:xmpp:extdisco:1";
452ae6effd02 mod_extdisco: Also handle XEP-0215 v0.7 Kim Alvefur <zash@zash.se> parents: 3604 diff changeset	6 local xmlns_extdisco_2 = "urn:xmpp:extdisco:2";
281 e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	7
3605 452ae6effd02 mod_extdisco: Also handle XEP-0215 v0.7 Kim Alvefur <zash@zash.se> parents: 3604 diff changeset	8 module:add_feature(xmlns_extdisco_1);
452ae6effd02 mod_extdisco: Also handle XEP-0215 v0.7 Kim Alvefur <zash@zash.se> parents: 3604 diff changeset	9 module:add_feature(xmlns_extdisco_2);
281 e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	10
3605 452ae6effd02 mod_extdisco: Also handle XEP-0215 v0.7 Kim Alvefur <zash@zash.se> parents: 3604 diff changeset	11 local function handle_services(event)
281 e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	12 local origin, stanza = event.origin, event.stanza;
3605 452ae6effd02 mod_extdisco: Also handle XEP-0215 v0.7 Kim Alvefur <zash@zash.se> parents: 3604 diff changeset	13 local service = stanza.tags[1];
3606 7811ba467525 mod_extdisco: Remove redundant condition Kim Alvefur <zash@zash.se> parents: 3605 diff changeset	14 local service_type = service.attr.type;
3605 452ae6effd02 mod_extdisco: Also handle XEP-0215 v0.7 Kim Alvefur <zash@zash.se> parents: 3604 diff changeset	15 local reply = st.reply(stanza):tag("services", { xmlns = service.attr.xmlns });
281 e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	16 for host, service_info in pairs(services) do
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	17 if not(service_type) or service_info.type == service_type then
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	18 reply:tag("service", {
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	19 host = host;
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	20 port = service_info.port;
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	21 transport = service_info.transport;
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	22 type = service_info.type;
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	23 username = service_info.username;
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	24 password = service_info.password;
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	25 }):up();
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	26 end
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	27 end
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	28 origin.send(reply);
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	29 return true;
3605 452ae6effd02 mod_extdisco: Also handle XEP-0215 v0.7 Kim Alvefur <zash@zash.se> parents: 3604 diff changeset	30 end
452ae6effd02 mod_extdisco: Also handle XEP-0215 v0.7 Kim Alvefur <zash@zash.se> parents: 3604 diff changeset	31 module:hook("iq-get/host/"..xmlns_extdisco_1..":services", handle_services);
452ae6effd02 mod_extdisco: Also handle XEP-0215 v0.7 Kim Alvefur <zash@zash.se> parents: 3604 diff changeset	32 module:hook("iq-get/host/"..xmlns_extdisco_2..":services", handle_services);
281 e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	33
3605 452ae6effd02 mod_extdisco: Also handle XEP-0215 v0.7 Kim Alvefur <zash@zash.se> parents: 3604 diff changeset	34 local function handle_credentials(event)
281 e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	35 local origin, stanza = event.origin, event.stanza;
3605 452ae6effd02 mod_extdisco: Also handle XEP-0215 v0.7 Kim Alvefur <zash@zash.se> parents: 3604 diff changeset	36 local credentials = stanza.tags[1];
3606 7811ba467525 mod_extdisco: Remove redundant condition Kim Alvefur <zash@zash.se> parents: 3605 diff changeset	37 local host = credentials.attr.host;
281 e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	38 if not host then
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	39 origin.send(st.error_reply(stanza, "cancel", "bad-request", "No host specified"));
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	40 return true;
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	41 end
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	42 local service_info = services[host];
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	43 if not service_info then
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	44 origin.send(st.error_reply(stanza, "cancel", "item-not-found", "No such service known"));
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	45 return true;
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	46 end
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	47 local reply = st.reply(stanza)
3605 452ae6effd02 mod_extdisco: Also handle XEP-0215 v0.7 Kim Alvefur <zash@zash.se> parents: 3604 diff changeset	48 :tag("credentials", { xmlns = credentials.attr.xmlns })
281 e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	49 :tag("service", {
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	50 host = host;
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	51 username = service_info.username;
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	52 password = service_info.password;
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	53 }):up();
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	54 origin.send(reply);
e5c16c87383c mod_extdisco: XEP-0215: External Service Discovery Matthew Wild <mwild1@gmail.com> parents: diff changeset	55 return true;
3605 452ae6effd02 mod_extdisco: Also handle XEP-0215 v0.7 Kim Alvefur <zash@zash.se> parents: 3604 diff changeset	56 end
452ae6effd02 mod_extdisco: Also handle XEP-0215 v0.7 Kim Alvefur <zash@zash.se> parents: 3604 diff changeset	57 module:hook("iq-get/host/"..xmlns_extdisco_1..":credentials", handle_credentials);
452ae6effd02 mod_extdisco: Also handle XEP-0215 v0.7 Kim Alvefur <zash@zash.se> parents: 3604 diff changeset	58 module:hook("iq-get/host/"..xmlns_extdisco_2..":credentials", handle_credentials);

Mercurial > prosody-modules

annotate mod_extdisco/mod_extdisco.lua @ 5401:c8d04ac200fc