comparison mod_s2s_auth_posh/mod_s2s_auth_posh.lua @ 3288:3eee4029ac6c

mod_s2s_auth_posh: Follow reference https://tools.ietf.org/html/rfc7711#section-3.2
author Kim Alvefur <zash@zash.se>
date Sat, 25 Aug 2018 20:02:40 +0200
parents f0e19a77f81e
children f2037a754480
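--- a/mod_s2s_auth_posh/mod_s2s_auth_posh.lua
+++ b/mod_s2s_auth_posh/mod_s2s_auth_posh.lua
@@ -44,11 +44,12 @@
 log("debug", "Session direction: %s", tostring(host_session.direction));
 
 local url = build_url { scheme = "https", host = target_host, path = "/.well-known/posh/xmpp-server.json" };
 
 log("debug", "Request POSH information for %s", tostring(target_host));
-http.request(url, nil, function (response, code)
+local redirect_followed = false;
+local function cb (response, code)
 if code ~= 200 then
 log("debug", "No or invalid POSH response received");
 resume();
 return;
 end
@@ -57,16 +58,28 @@
 if not jwk or type(jwk) ~= "table" then
 log("error", "POSH response is not valid JSON!\n%s", tostring(response));
 resume();
 return;
 end
+if type(jwk.url) == "string" then
+if redirect_followed then
+redirect_followed = true;
+http.request(jwk.url, nil, cb);
+else
+log("error", "POSH had invalid redirect:\n%s", tostring(response));
+resume();
+return;
+end
+end
+
 host_session.posh = { orig = response };
 jwk.expires = os.time() + tonumber(jwk.expires) or 3600;
 host_session.posh.jwk = jwk;
 cache:set(target_host, jwk);
 resume();
-end)
+end
+http.request(url, nil, cb);
 return true;
 end
 
 -- Do POSH authentication
 module:hook("s2s-check-certificate", function (event)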
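Review bot: The guard inside the new `jwk.url` branch is inverted: `redirect_followed` starts as `false`, so `if redirect_followed then` sends the first reference document to the else branch and logs it as an invalid redirect, and no redirect is ever followed. The follow branch also has no `return;` after `http.request(jwk.url, nil, cb);`, so execution falls through, the reference document itself is stored and cached as the JWK, and `resume()` runs once here and again when the second response arrives. RFC 7711 section 3.2 requires the `url` value to be an HTTPS URL, but the scheme is not checked before the request, so a plain-HTTP reference would fetch the certificate fingerprints over an unauthenticated channel. I would change the condition to `if not redirect_followed and jwk.url:match("^https://") then` and add `return;` directly after the `http.request(jwk.url, nil, cb);` call. The enclosing function begins above the lines shown here.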