prosody-modules: mod_c2s_limit_sessions/mod_c2s_limit

annotate mod_c2s_limit_sessions/mod_c2s_limit_sessions.lua @ 5390:f2363e6d9a64

mod_http_oauth2: Advertise the currently supported id_token signing algorithm This field is REQUIRED. The algorithm RS256 MUST be included, but isn't because we don't implement it, as that would require implementing a pile of additional cryptography and JWT stuff. Instead the id_token is signed using the client secret, which allows verification by the client, since it's a shared secret per OpenID Connect Core 1.0 § 10.1 under Symmetric Signatures. OpenID Connect Discovery 1.0 has a lot of REQUIRED and MUST clauses that are not supported here, but that's okay because this is served from the RFC 8414 OAuth 2.0 Authorization Server Metadata .well-known endpoint!

author	Kim Alvefur <zash@zash.se>
date	Sun, 30 Apr 2023 16:13:40 +0200
parents	f581210093a7
children

rev	line source
1365 ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	1 -- mod_c2s_limit_sessions
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	2
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	3 local next, count = next, require "util.iterators".count;
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	4
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	5 local max_resources = module:get_option_number("max_resources", 10);
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	6
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	7 local sessions = hosts[module.host].sessions;
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	8 module:hook("resource-bind", function(event)
1366 f581210093a7 mod_c2s_limit_sessions: Fix global access Kim Alvefur <zash@zash.se> parents: 1365 diff changeset	9 local session = event.session;
f581210093a7 mod_c2s_limit_sessions: Fix global access Kim Alvefur <zash@zash.se> parents: 1365 diff changeset	10 if count(next, sessions[session.username].sessions) > max_resources then
1365 ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	11 session:close{ condition = "policy-violation", text = "Too many resources" };
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	12 return false
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	13 end
ecc948f8d47d mod_c2s_limit_sessions: Limit number of resources a user may connect Kim Alvefur <zash@zash.se> parents: diff changeset	14 end, -1);

Mercurial > prosody-modules

annotate mod_c2s_limit_sessions/mod_c2s_limit_sessions.lua @ 5390:f2363e6d9a64