prosody-modules: mod_dwd/mod

annotate mod_dwd/mod_dwd.lua @ 5646:d67980d9e12d

mod_http_oauth2: Apply refresh token ttl to refresh token instead of grant The intent in 59d5fc50f602 was for refresh tokens to extend the lifetime of the grant, but the refresh token ttl was applied to the grant and mod_tokenauth does not change it, leading to the grant expiring regardless of refresh token usage. This makes grant lifetimes unlimited, which seems to be standard practice in the wild.

author	Kim Alvefur <zash@zash.se>
date	Mon, 11 Sep 2023 10:48:31 +0200
parents	4e235e565693
children

rev	line source
928 4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	1 local hosts = _G.hosts;
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	2 local st = require "util.stanza";
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	3 local nameprep = require "util.encodings".stringprep.nameprep;
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	4 local cert_verify_identity = require "util.x509".verify_identity;
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	5
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	6 module:hook("stanza/jabber:server:dialback:result", function(event)
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	7 local origin, stanza = event.origin, event.stanza;
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	8
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	9 if origin.cert_chain_status == "valid" and origin.type == "s2sin_unauthed" or origin.type == "s2sin" then
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	10 local attr = stanza.attr;
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	11 local to, from = nameprep(attr.to), nameprep(attr.from);
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	12
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	13 local conn = origin.conn:socket()
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	14 local cert;
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	15 if conn.getpeercertificate then
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	16 cert = conn:getpeercertificate()
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	17 end
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	18
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	19 if cert and hosts[to] and cert_verify_identity(from, "xmpp-server", cert) then
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	20
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	21 -- COMPAT: ejabberd, gmail and perhaps others do not always set 'to' and 'from'
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	22 -- on streams. We fill in the session's to/from here instead.
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	23 if not origin.from_host then
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	24 origin.from_host = from;
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	25 end
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	26 if not origin.to_host then
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	27 origin.to_host = to;
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	28 end
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	29
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	30 module:log("info", "Accepting Dialback without Dialback for %s", from);
932 4e235e565693 mod_bidi, mod_dwd, mod_s2s_idle_timeout: Update for recent 0.9 changes (612467e263af) Matthew Wild <mwild1@gmail.com> parents: 928 diff changeset	31 module:fire_event("s2s-authenticated", { session = origin, host = from });
928 4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	32 origin.sends2s(
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	33 st.stanza("db:result", { from = attr.to, to = attr.from, id = attr.id, type = "valid" }));
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	34
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	35 return true;
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	36 end
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	37 end
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	38 end, 100);
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	39
4584c3303bb4 mod_dwd: Initial commit. Kim Alvefur <zash@zash.se> parents: diff changeset	40

Mercurial > prosody-modules

annotate mod_dwd/mod_dwd.lua @ 5646:d67980d9e12d