Mercurial > prosody-modules
annotate mod_auth_custom_http/mod_auth_custom_http.lua @ 5418:f2c7bb3af600
mod_http_oauth2: Add role selector to consent page
List includes all roles available to the user, if more than one.
Defaults to either the first role in the scope string or the users
primary role.
Earlier draft listed all roles, but having options that can't be
selected is bad UX and the entire list of all roles on the server could
be long, and perhaps even sensitive.
Allows e.g. picking a role with fewer permissions than what might
otherwise have been selected.
UX wise, doing this with more checkboxes or possibly radio buttons would
have been confusion and/or looked messier.
Fixes the previous situation where unselecting a role would default to
the primary role, which could be more permissions than requested.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 05 May 2023 01:23:13 +0200 |
| parents | 32d7f05e062f |
| children |
| rev | line source |
|---|---|
|
1043
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
1 -- Prosody IM |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
2 -- Copyright (C) 2008-2010 Waqas Hussain |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
3 -- |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
4 -- This project is MIT/X11 licensed. Please see the |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
5 -- COPYING file in the source package for more information. |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
6 -- |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
7 |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
8 local new_sasl = require "util.sasl".new; |
|
2867
94d8960385aa
mod_auth_custom_http: Fix json.encode impoper reference
Senya <senya@kinetiksoft.com>
parents:
1343
diff
changeset
|
9 local json = require "util.json"; |
|
3989
32d7f05e062f
mod_auth_custom_http: Unlock globals while loading socket.http
Matthew Wild <mwild1@gmail.com>
parents:
2867
diff
changeset
|
10 prosody.unlock_globals(); |
|
1046
b9d47487d550
mod_auth_custom_http: Organize imports, and make the URL a config option.
Waqas Hussain <waqas20@gmail.com>
parents:
1045
diff
changeset
|
11 local http = require "socket.http"; |
|
3989
32d7f05e062f
mod_auth_custom_http: Unlock globals while loading socket.http
Matthew Wild <mwild1@gmail.com>
parents:
2867
diff
changeset
|
12 prosody.lock_globals(); |
|
1046
b9d47487d550
mod_auth_custom_http: Organize imports, and make the URL a config option.
Waqas Hussain <waqas20@gmail.com>
parents:
1045
diff
changeset
|
13 |
|
b9d47487d550
mod_auth_custom_http: Organize imports, and make the URL a config option.
Waqas Hussain <waqas20@gmail.com>
parents:
1045
diff
changeset
|
14 local options = module:get_option("auth_custom_http"); |
|
b9d47487d550
mod_auth_custom_http: Organize imports, and make the URL a config option.
Waqas Hussain <waqas20@gmail.com>
parents:
1045
diff
changeset
|
15 local post_url = options and options.post_url; |
|
b9d47487d550
mod_auth_custom_http: Organize imports, and make the URL a config option.
Waqas Hussain <waqas20@gmail.com>
parents:
1045
diff
changeset
|
16 assert(post_url, "No HTTP POST URL provided"); |
|
1043
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
17 |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
18 local provider = {}; |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
19 |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
20 function provider.test_password(username, password) |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
21 return nil, "Not supported" |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
22 end |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
23 |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
24 function provider.get_password(username) |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
25 return nil, "Not supported" |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
26 end |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
27 |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
28 function provider.set_password(username, password) |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
29 return nil, "Not supported" |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
30 end |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
31 |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
32 function provider.user_exists(username) |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
33 return true; |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
34 end |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
35 |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
36 function provider.create_user(username, password) |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
37 return nil, "Not supported" |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
38 end |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
39 |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
40 function provider.delete_user(username) |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
41 return nil, "Not supported" |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
42 end |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
43 |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
44 function provider.get_sasl_handler() |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
45 local getpass_authentication_profile = { |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
46 plain_test = function(sasl, username, password, realm) |
|
2867
94d8960385aa
mod_auth_custom_http: Fix json.encode impoper reference
Senya <senya@kinetiksoft.com>
parents:
1343
diff
changeset
|
47 local postdata = json.encode({ username = username, password = password }); |
|
1046
b9d47487d550
mod_auth_custom_http: Organize imports, and make the URL a config option.
Waqas Hussain <waqas20@gmail.com>
parents:
1045
diff
changeset
|
48 local result = http.request(post_url, postdata); |
|
1043
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
49 return result == "true", true; |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
50 end, |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
51 }; |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
52 return new_sasl(module.host, getpass_authentication_profile); |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
53 end |
|
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
1046
diff
changeset
|
54 |
|
1043
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
55 |
|
809f7d46ad5c
mod_auth_custom_http: Initial commit.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
56 module:provides("auth", provider); |