annotate mod_external_services/mod_external_services.lua @ 5401:c8d04ac200fc

mod_http_oauth2: Reject loopback URIs as client_uri This really should be a proper website with info, https://localhost is not good enough. Ideally we'd validate that it's got proper DNS and is actually reachable, but triggering HTTP or even DNS lookups seems like it would carry abuse potential that would best to avoid.
author Kim Alvefur <zash@zash.se>
date Tue, 02 May 2023 16:20:55 +0200
parents ede9682c2022
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4075
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2 local dt = require "util.datetime";
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3 local base64 = require "util.encodings".base64;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4 local hashes = require "util.hashes";
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5 local st = require "util.stanza";
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6 local jid = require "util.jid";
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7 local array = require "util.array";
4666
dbc7ba3cc27c mod_external_services: Filter services by requested credentials using a Set
Kim Alvefur <zash@zash.se>
parents: 4665
diff changeset
8 local set = require "util.set";
4075
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10 local default_host = module:get_option_string("external_service_host", module.host);
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11 local default_port = module:get_option_number("external_service_port");
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12 local default_secret = module:get_option_string("external_service_secret");
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13 local default_ttl = module:get_option_number("external_service_ttl", 86400);
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
14
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
15 local configured_services = module:get_option_array("external_services", {});
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
17 local access = module:get_option_set("external_service_access", {});
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
18
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
19 -- https://tools.ietf.org/html/draft-uberti-behave-turn-rest-00
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
20 local function behave_turn_rest_credentials(srv, item, secret)
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
21 local ttl = default_ttl;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
22 if type(item.ttl) == "number" then
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
23 ttl = item.ttl;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
24 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
25 local expires = srv.expires or os.time() + ttl;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
26 local username;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
27 if type(item.username) == "string" then
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
28 username = string.format("%d:%s", expires, item.username);
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
29 else
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
30 username = string.format("%d", expires);
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
31 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
32 srv.username = username;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
33 srv.password = base64.encode(hashes.hmac_sha1(secret, srv.username));
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
34 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
35
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
36 local algorithms = {
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
37 turn = behave_turn_rest_credentials;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
38 }
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
39
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
40 -- filter config into well-defined service records
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
41 local function prepare(item)
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
42 if type(item) ~= "table" then
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
43 module:log("error", "Service definition is not a table: %q", item);
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
44 return nil;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
45 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
46
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
47 local srv = {
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
48 type = nil;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
49 transport = nil;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
50 host = default_host;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
51 port = default_port;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
52 username = nil;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
53 password = nil;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
54 restricted = nil;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
55 expires = nil;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
56 };
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
57
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
58 if type(item.type) == "string" then
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
59 srv.type = item.type;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
60 else
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
61 module:log("error", "Service missing mandatory 'type' field: %q", item);
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
62 return nil;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
63 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
64 if type(item.transport) == "string" then
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
65 srv.transport = item.transport;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
66 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
67 if type(item.host) == "string" then
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
68 srv.host = item.host;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
69 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
70 if type(item.port) == "number" then
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
71 srv.port = item.port;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
72 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
73 if type(item.username) == "string" then
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
74 srv.username = item.username;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
75 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
76 if type(item.password) == "string" then
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
77 srv.password = item.password;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
78 srv.restricted = true;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
79 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
80 if item.restricted == true then
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
81 srv.restricted = true;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
82 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
83 if type(item.expires) == "number" then
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
84 srv.expires = item.expires;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
85 elseif type(item.ttl) == "number" then
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
86 srv.expires = os.time() + item.ttl;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
87 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
88 if (item.secret == true and default_secret) or type(item.secret) == "string" then
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
89 local secret_cb = item.credentials_cb or algorithms[item.algorithm] or algorithms[srv.type];
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
90 local secret = item.secret;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
91 if secret == true then
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
92 secret = default_secret;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
93 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
94 if secret_cb then
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
95 secret_cb(srv, item, secret);
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
96 srv.restricted = true;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
97 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
98 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
99 return srv;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
100 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
101
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
102 function module.load()
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
103 -- Trigger errors on startup
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
104 local services = configured_services / prepare;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
105 if #services == 0 then
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
106 module:log("warn", "No services configured or all had errors");
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
107 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
108 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
109
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
110 -- Ensure only valid items are added in events
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
111 local services_mt = {
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
112 __index = getmetatable(array()).__index;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
113 __newindex = function (self, i, v)
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
114 rawset(self, i, assert(prepare(v), "Invalid service entry added"));
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
115 end;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
116 }
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
117
4667
1990611691cf mod_external_services: Factor out public function returning current services
Kim Alvefur <zash@zash.se>
parents: 4666
diff changeset
118 function get_services()
1990611691cf mod_external_services: Factor out public function returning current services
Kim Alvefur <zash@zash.se>
parents: 4666
diff changeset
119 local extras = module:get_host_items("external_service");
1990611691cf mod_external_services: Factor out public function returning current services
Kim Alvefur <zash@zash.se>
parents: 4666
diff changeset
120 local services = ( configured_services + extras ) / prepare;
1990611691cf mod_external_services: Factor out public function returning current services
Kim Alvefur <zash@zash.se>
parents: 4666
diff changeset
121
1990611691cf mod_external_services: Factor out public function returning current services
Kim Alvefur <zash@zash.se>
parents: 4666
diff changeset
122 setmetatable(services, services_mt);
1990611691cf mod_external_services: Factor out public function returning current services
Kim Alvefur <zash@zash.se>
parents: 4666
diff changeset
123
1990611691cf mod_external_services: Factor out public function returning current services
Kim Alvefur <zash@zash.se>
parents: 4666
diff changeset
124 return services;
1990611691cf mod_external_services: Factor out public function returning current services
Kim Alvefur <zash@zash.se>
parents: 4666
diff changeset
125 end
1990611691cf mod_external_services: Factor out public function returning current services
Kim Alvefur <zash@zash.se>
parents: 4666
diff changeset
126
4668
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
127 function services_xml(services, name, namespace)
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
128 local reply = st.stanza(name or "services", { xmlns = namespace or "urn:xmpp:extdisco:2" });
4075
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
129
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
130 for _, srv in ipairs(services) do
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
131 reply:tag("service", {
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
132 type = srv.type;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
133 transport = srv.transport;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
134 host = srv.host;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
135 port = srv.port and string.format("%d", srv.port) or nil;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
136 username = srv.username;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
137 password = srv.password;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
138 expires = srv.expires and dt.datetime(srv.expires) or nil;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
139 restricted = srv.restricted and "1" or nil;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
140 }):up();
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
141 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
142
4668
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
143 return reply;
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
144 end
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
145
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
146 local function handle_services(event)
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
147 local origin, stanza = event.origin, event.stanza;
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
148 local action = stanza.tags[1];
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
149
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
150 local user_bare = jid.bare(stanza.attr.from);
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
151 local user_host = jid.host(user_bare);
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
152 if not ((access:empty() and origin.type == "c2s") or access:contains(user_bare) or access:contains(user_host)) then
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
153 origin.send(st.error_reply(stanza, "auth", "forbidden"));
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
154 return true;
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
155 end
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
156
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
157 local services = get_services();
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
158
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
159 local requested_type = action.attr.type;
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
160 if requested_type then
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
161 services:filter(function(item)
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
162 return item.type == requested_type;
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
163 end);
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
164 end
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
165
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
166 module:fire_event("external_service/services", {
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
167 origin = origin;
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
168 stanza = stanza;
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
169 requested_type = requested_type;
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
170 services = services;
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
171 });
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
172
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
173 local reply = st.reply(stanza):add_child(services_xml(services, action.name, action.attr.xmlns));
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
174
4075
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
175 origin.send(reply);
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
176 return true;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
177 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
178
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
179 local function handle_credentials(event)
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
180 local origin, stanza = event.origin, event.stanza;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
181 local action = stanza.tags[1];
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
182
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
183 if origin.type ~= "c2s" then
4665
f0ffa8cf3ce6 mod_external_services: Validate required attributes on credentials requests
Kim Alvefur <zash@zash.se>
parents: 4075
diff changeset
184 origin.send(st.error_reply(stanza, "auth", "forbidden", "The 'port' and 'type' attributes are required."));
4075
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
185 return true;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
186 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
187
4667
1990611691cf mod_external_services: Factor out public function returning current services
Kim Alvefur <zash@zash.se>
parents: 4666
diff changeset
188 local services = get_services();
4075
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
189 services:filter(function (item)
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
190 return item.restricted;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
191 end)
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
192
4666
dbc7ba3cc27c mod_external_services: Filter services by requested credentials using a Set
Kim Alvefur <zash@zash.se>
parents: 4665
diff changeset
193 local requested_credentials = set.new();
4075
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
194 for service in action:childtags("service") do
4665
f0ffa8cf3ce6 mod_external_services: Validate required attributes on credentials requests
Kim Alvefur <zash@zash.se>
parents: 4075
diff changeset
195 if not service.attr.type or not service.attr.host then
f0ffa8cf3ce6 mod_external_services: Validate required attributes on credentials requests
Kim Alvefur <zash@zash.se>
parents: 4075
diff changeset
196 origin.send(st.error_reply(stanza, "modify", "bad-request"));
f0ffa8cf3ce6 mod_external_services: Validate required attributes on credentials requests
Kim Alvefur <zash@zash.se>
parents: 4075
diff changeset
197 return true;
f0ffa8cf3ce6 mod_external_services: Validate required attributes on credentials requests
Kim Alvefur <zash@zash.se>
parents: 4075
diff changeset
198 end
f0ffa8cf3ce6 mod_external_services: Validate required attributes on credentials requests
Kim Alvefur <zash@zash.se>
parents: 4075
diff changeset
199
4666
dbc7ba3cc27c mod_external_services: Filter services by requested credentials using a Set
Kim Alvefur <zash@zash.se>
parents: 4665
diff changeset
200 requested_credentials:add(string.format("%s:%s:%d", service.attr.type, service.attr.host,
dbc7ba3cc27c mod_external_services: Filter services by requested credentials using a Set
Kim Alvefur <zash@zash.se>
parents: 4665
diff changeset
201 tonumber(service.attr.port) or 0));
4075
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
202 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
203
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
204 module:fire_event("external_service/credentials", {
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
205 origin = origin;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
206 stanza = stanza;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
207 requested_credentials = requested_credentials;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
208 services = services;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
209 });
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
210
4666
dbc7ba3cc27c mod_external_services: Filter services by requested credentials using a Set
Kim Alvefur <zash@zash.se>
parents: 4665
diff changeset
211 services:filter(function (srv)
dbc7ba3cc27c mod_external_services: Filter services by requested credentials using a Set
Kim Alvefur <zash@zash.se>
parents: 4665
diff changeset
212 local port_key = string.format("%s:%s:%d", srv.type, srv.host, srv.port or 0);
dbc7ba3cc27c mod_external_services: Filter services by requested credentials using a Set
Kim Alvefur <zash@zash.se>
parents: 4665
diff changeset
213 local portless_key = string.format("%s:%s:%d", srv.type, srv.host, 0);
dbc7ba3cc27c mod_external_services: Filter services by requested credentials using a Set
Kim Alvefur <zash@zash.se>
parents: 4665
diff changeset
214 return requested_credentials:contains(port_key) or requested_credentials:contains(portless_key);
dbc7ba3cc27c mod_external_services: Filter services by requested credentials using a Set
Kim Alvefur <zash@zash.se>
parents: 4665
diff changeset
215 end);
dbc7ba3cc27c mod_external_services: Filter services by requested credentials using a Set
Kim Alvefur <zash@zash.se>
parents: 4665
diff changeset
216
4668
ede9682c2022 mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents: 4667
diff changeset
217 local reply = st.reply(stanza):add_child(services_xml(services, action.name, action.attr.xmlns));
4075
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
218
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
219 origin.send(reply);
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
220 return true;
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
221 end
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
222
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
223 -- XEP-0215 v0.7
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
224 module:add_feature("urn:xmpp:extdisco:2");
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
225 module:hook("iq-get/host/urn:xmpp:extdisco:2:services", handle_services);
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
226 module:hook("iq-get/host/urn:xmpp:extdisco:2:credentials", handle_credentials);
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
227
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
228 -- COMPAT XEP-0215 v0.6
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
229 -- Those still on the old version gets to deal with undefined attributes until they upgrade.
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
230 module:add_feature("urn:xmpp:extdisco:1");
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
231 module:hook("iq-get/host/urn:xmpp:extdisco:1:services", handle_services);
4841cf3fded5 mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff changeset
232 module:hook("iq-get/host/urn:xmpp:extdisco:1:credentials", handle_credentials);