Mercurial > prosody-modules
annotate mod_external_services/mod_external_services.lua @ 5401:c8d04ac200fc
mod_http_oauth2: Reject loopback URIs as client_uri
This really should be a proper website with info, https://localhost is
not good enough. Ideally we'd validate that it's got proper DNS and is
actually reachable, but triggering HTTP or even DNS lookups seems like
it would carry abuse potential that would best to avoid.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Tue, 02 May 2023 16:20:55 +0200 |
parents | ede9682c2022 |
children |
rev | line source |
---|---|
4075
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 local dt = require "util.datetime"; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 local base64 = require "util.encodings".base64; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 local hashes = require "util.hashes"; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 local st = require "util.stanza"; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 local jid = require "util.jid"; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 local array = require "util.array"; |
4666
dbc7ba3cc27c
mod_external_services: Filter services by requested credentials using a Set
Kim Alvefur <zash@zash.se>
parents:
4665
diff
changeset
|
8 local set = require "util.set"; |
4075
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 local default_host = module:get_option_string("external_service_host", module.host); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 local default_port = module:get_option_number("external_service_port"); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 local default_secret = module:get_option_string("external_service_secret"); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 local default_ttl = module:get_option_number("external_service_ttl", 86400); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 local configured_services = module:get_option_array("external_services", {}); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 local access = module:get_option_set("external_service_access", {}); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 -- https://tools.ietf.org/html/draft-uberti-behave-turn-rest-00 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 local function behave_turn_rest_credentials(srv, item, secret) |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
21 local ttl = default_ttl; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
22 if type(item.ttl) == "number" then |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
23 ttl = item.ttl; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
24 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
25 local expires = srv.expires or os.time() + ttl; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
26 local username; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
27 if type(item.username) == "string" then |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 username = string.format("%d:%s", expires, item.username); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 else |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 username = string.format("%d", expires); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
31 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 srv.username = username; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
33 srv.password = base64.encode(hashes.hmac_sha1(secret, srv.username)); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
34 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
35 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
36 local algorithms = { |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
37 turn = behave_turn_rest_credentials; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
38 } |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
39 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
40 -- filter config into well-defined service records |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
41 local function prepare(item) |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
42 if type(item) ~= "table" then |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
43 module:log("error", "Service definition is not a table: %q", item); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
44 return nil; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
45 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
46 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
47 local srv = { |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
48 type = nil; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
49 transport = nil; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
50 host = default_host; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
51 port = default_port; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
52 username = nil; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
53 password = nil; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
54 restricted = nil; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
55 expires = nil; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
56 }; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
57 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
58 if type(item.type) == "string" then |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
59 srv.type = item.type; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
60 else |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
61 module:log("error", "Service missing mandatory 'type' field: %q", item); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
62 return nil; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
63 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
64 if type(item.transport) == "string" then |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
65 srv.transport = item.transport; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
66 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
67 if type(item.host) == "string" then |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
68 srv.host = item.host; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
69 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
70 if type(item.port) == "number" then |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
71 srv.port = item.port; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
72 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
73 if type(item.username) == "string" then |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
74 srv.username = item.username; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
75 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
76 if type(item.password) == "string" then |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
77 srv.password = item.password; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
78 srv.restricted = true; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
79 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
80 if item.restricted == true then |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
81 srv.restricted = true; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
82 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
83 if type(item.expires) == "number" then |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
84 srv.expires = item.expires; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
85 elseif type(item.ttl) == "number" then |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
86 srv.expires = os.time() + item.ttl; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
87 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
88 if (item.secret == true and default_secret) or type(item.secret) == "string" then |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
89 local secret_cb = item.credentials_cb or algorithms[item.algorithm] or algorithms[srv.type]; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
90 local secret = item.secret; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
91 if secret == true then |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
92 secret = default_secret; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
93 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
94 if secret_cb then |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
95 secret_cb(srv, item, secret); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
96 srv.restricted = true; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
97 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
98 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
99 return srv; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
100 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
101 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
102 function module.load() |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
103 -- Trigger errors on startup |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
104 local services = configured_services / prepare; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
105 if #services == 0 then |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
106 module:log("warn", "No services configured or all had errors"); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
107 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
108 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
109 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
110 -- Ensure only valid items are added in events |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
111 local services_mt = { |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
112 __index = getmetatable(array()).__index; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
113 __newindex = function (self, i, v) |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
114 rawset(self, i, assert(prepare(v), "Invalid service entry added")); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
115 end; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
116 } |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
117 |
4667
1990611691cf
mod_external_services: Factor out public function returning current services
Kim Alvefur <zash@zash.se>
parents:
4666
diff
changeset
|
118 function get_services() |
1990611691cf
mod_external_services: Factor out public function returning current services
Kim Alvefur <zash@zash.se>
parents:
4666
diff
changeset
|
119 local extras = module:get_host_items("external_service"); |
1990611691cf
mod_external_services: Factor out public function returning current services
Kim Alvefur <zash@zash.se>
parents:
4666
diff
changeset
|
120 local services = ( configured_services + extras ) / prepare; |
1990611691cf
mod_external_services: Factor out public function returning current services
Kim Alvefur <zash@zash.se>
parents:
4666
diff
changeset
|
121 |
1990611691cf
mod_external_services: Factor out public function returning current services
Kim Alvefur <zash@zash.se>
parents:
4666
diff
changeset
|
122 setmetatable(services, services_mt); |
1990611691cf
mod_external_services: Factor out public function returning current services
Kim Alvefur <zash@zash.se>
parents:
4666
diff
changeset
|
123 |
1990611691cf
mod_external_services: Factor out public function returning current services
Kim Alvefur <zash@zash.se>
parents:
4666
diff
changeset
|
124 return services; |
1990611691cf
mod_external_services: Factor out public function returning current services
Kim Alvefur <zash@zash.se>
parents:
4666
diff
changeset
|
125 end |
1990611691cf
mod_external_services: Factor out public function returning current services
Kim Alvefur <zash@zash.se>
parents:
4666
diff
changeset
|
126 |
4668
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
127 function services_xml(services, name, namespace) |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
128 local reply = st.stanza(name or "services", { xmlns = namespace or "urn:xmpp:extdisco:2" }); |
4075
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
129 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
130 for _, srv in ipairs(services) do |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
131 reply:tag("service", { |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
132 type = srv.type; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
133 transport = srv.transport; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
134 host = srv.host; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
135 port = srv.port and string.format("%d", srv.port) or nil; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
136 username = srv.username; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
137 password = srv.password; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
138 expires = srv.expires and dt.datetime(srv.expires) or nil; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
139 restricted = srv.restricted and "1" or nil; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
140 }):up(); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
141 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
142 |
4668
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
143 return reply; |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
144 end |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
145 |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
146 local function handle_services(event) |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
147 local origin, stanza = event.origin, event.stanza; |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
148 local action = stanza.tags[1]; |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
149 |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
150 local user_bare = jid.bare(stanza.attr.from); |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
151 local user_host = jid.host(user_bare); |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
152 if not ((access:empty() and origin.type == "c2s") or access:contains(user_bare) or access:contains(user_host)) then |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
153 origin.send(st.error_reply(stanza, "auth", "forbidden")); |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
154 return true; |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
155 end |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
156 |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
157 local services = get_services(); |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
158 |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
159 local requested_type = action.attr.type; |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
160 if requested_type then |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
161 services:filter(function(item) |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
162 return item.type == requested_type; |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
163 end); |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
164 end |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
165 |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
166 module:fire_event("external_service/services", { |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
167 origin = origin; |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
168 stanza = stanza; |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
169 requested_type = requested_type; |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
170 services = services; |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
171 }); |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
172 |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
173 local reply = st.reply(stanza):add_child(services_xml(services, action.name, action.attr.xmlns)); |
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
174 |
4075
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
175 origin.send(reply); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
176 return true; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
177 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
178 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
179 local function handle_credentials(event) |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
180 local origin, stanza = event.origin, event.stanza; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
181 local action = stanza.tags[1]; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
182 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
183 if origin.type ~= "c2s" then |
4665
f0ffa8cf3ce6
mod_external_services: Validate required attributes on credentials requests
Kim Alvefur <zash@zash.se>
parents:
4075
diff
changeset
|
184 origin.send(st.error_reply(stanza, "auth", "forbidden", "The 'port' and 'type' attributes are required.")); |
4075
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
185 return true; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
186 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
187 |
4667
1990611691cf
mod_external_services: Factor out public function returning current services
Kim Alvefur <zash@zash.se>
parents:
4666
diff
changeset
|
188 local services = get_services(); |
4075
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
189 services:filter(function (item) |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
190 return item.restricted; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
191 end) |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
192 |
4666
dbc7ba3cc27c
mod_external_services: Filter services by requested credentials using a Set
Kim Alvefur <zash@zash.se>
parents:
4665
diff
changeset
|
193 local requested_credentials = set.new(); |
4075
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
194 for service in action:childtags("service") do |
4665
f0ffa8cf3ce6
mod_external_services: Validate required attributes on credentials requests
Kim Alvefur <zash@zash.se>
parents:
4075
diff
changeset
|
195 if not service.attr.type or not service.attr.host then |
f0ffa8cf3ce6
mod_external_services: Validate required attributes on credentials requests
Kim Alvefur <zash@zash.se>
parents:
4075
diff
changeset
|
196 origin.send(st.error_reply(stanza, "modify", "bad-request")); |
f0ffa8cf3ce6
mod_external_services: Validate required attributes on credentials requests
Kim Alvefur <zash@zash.se>
parents:
4075
diff
changeset
|
197 return true; |
f0ffa8cf3ce6
mod_external_services: Validate required attributes on credentials requests
Kim Alvefur <zash@zash.se>
parents:
4075
diff
changeset
|
198 end |
f0ffa8cf3ce6
mod_external_services: Validate required attributes on credentials requests
Kim Alvefur <zash@zash.se>
parents:
4075
diff
changeset
|
199 |
4666
dbc7ba3cc27c
mod_external_services: Filter services by requested credentials using a Set
Kim Alvefur <zash@zash.se>
parents:
4665
diff
changeset
|
200 requested_credentials:add(string.format("%s:%s:%d", service.attr.type, service.attr.host, |
dbc7ba3cc27c
mod_external_services: Filter services by requested credentials using a Set
Kim Alvefur <zash@zash.se>
parents:
4665
diff
changeset
|
201 tonumber(service.attr.port) or 0)); |
4075
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
202 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
203 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
204 module:fire_event("external_service/credentials", { |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
205 origin = origin; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
206 stanza = stanza; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
207 requested_credentials = requested_credentials; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
208 services = services; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
209 }); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
210 |
4666
dbc7ba3cc27c
mod_external_services: Filter services by requested credentials using a Set
Kim Alvefur <zash@zash.se>
parents:
4665
diff
changeset
|
211 services:filter(function (srv) |
dbc7ba3cc27c
mod_external_services: Filter services by requested credentials using a Set
Kim Alvefur <zash@zash.se>
parents:
4665
diff
changeset
|
212 local port_key = string.format("%s:%s:%d", srv.type, srv.host, srv.port or 0); |
dbc7ba3cc27c
mod_external_services: Filter services by requested credentials using a Set
Kim Alvefur <zash@zash.se>
parents:
4665
diff
changeset
|
213 local portless_key = string.format("%s:%s:%d", srv.type, srv.host, 0); |
dbc7ba3cc27c
mod_external_services: Filter services by requested credentials using a Set
Kim Alvefur <zash@zash.se>
parents:
4665
diff
changeset
|
214 return requested_credentials:contains(port_key) or requested_credentials:contains(portless_key); |
dbc7ba3cc27c
mod_external_services: Filter services by requested credentials using a Set
Kim Alvefur <zash@zash.se>
parents:
4665
diff
changeset
|
215 end); |
dbc7ba3cc27c
mod_external_services: Filter services by requested credentials using a Set
Kim Alvefur <zash@zash.se>
parents:
4665
diff
changeset
|
216 |
4668
ede9682c2022
mod_external_services: Factor out public function for converting to XML
Kim Alvefur <zash@zash.se>
parents:
4667
diff
changeset
|
217 local reply = st.reply(stanza):add_child(services_xml(services, action.name, action.attr.xmlns)); |
4075
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
218 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
219 origin.send(reply); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
220 return true; |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
221 end |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
222 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
223 -- XEP-0215 v0.7 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
224 module:add_feature("urn:xmpp:extdisco:2"); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
225 module:hook("iq-get/host/urn:xmpp:extdisco:2:services", handle_services); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
226 module:hook("iq-get/host/urn:xmpp:extdisco:2:credentials", handle_credentials); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
227 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
228 -- COMPAT XEP-0215 v0.6 |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
229 -- Those still on the old version gets to deal with undefined attributes until they upgrade. |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
230 module:add_feature("urn:xmpp:extdisco:1"); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
231 module:hook("iq-get/host/urn:xmpp:extdisco:1:services", handle_services); |
4841cf3fded5
mod_external_service: Include for users of older versions of Prosody
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
232 module:hook("iq-get/host/urn:xmpp:extdisco:1:credentials", handle_credentials); |