comparison mod_unified_push/mod_unified_push.lua @ 5139:449e4ca4de32

mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat) This should allow the module to work on 0.12, while preserving expiry checking (which was not built in to 0.12's util.jwt).
author Matthew Wild <mwild1@gmail.com>
date Tue, 10 Jan 2023 16:34:21 +0000
parents 67b2c982bea2
children a86022d702b2
comparison
equal deleted inserted replaced
5138:4511e90d1d08 5139:449e4ca4de32
2 local push_registration_ttl = module:get_option_number("unified_push_registration_ttl", 86400); 2 local push_registration_ttl = module:get_option_number("unified_push_registration_ttl", 86400);
3 3
4 local base64 = require "util.encodings".base64; 4 local base64 = require "util.encodings".base64;
5 local datetime = require "util.datetime"; 5 local datetime = require "util.datetime";
6 local id = require "util.id"; 6 local id = require "util.id";
7 local jwt_sign, jwt_verify = require "util.jwt".init("HS256", unified_push_secret); 7 local jwt = require "util.jwt";
8 local st = require "util.stanza"; 8 local st = require "util.stanza";
9 local urlencode = require "util.http".urlencode; 9 local urlencode = require "util.http".urlencode;
10 10
11 local xmlns_up = "http://gultsch.de/xmpp/drafts/unified-push"; 11 local xmlns_up = "http://gultsch.de/xmpp/drafts/unified-push";
12 12
19 if not s then return nil, "no value provided"; end 19 if not s then return nil, "no value provided"; end
20 local d = base64.decode(s); 20 local d = base64.decode(s);
21 if not d then return nil, "invalid base64"; end 21 if not d then return nil, "invalid base64"; end
22 if #d ~= 32 then return nil, "incorrect decoded length, expected 32"; end 22 if #d ~= 32 then return nil, "incorrect decoded length, expected 32"; end
23 return s; 23 return s;
24 end
25
26 -- COMPAT w/0.12
27 local function jwt_sign(data)
28 return jwt.sign(data, unified_push_secret);
29 end
30
31 -- COMPAT w/0.12: add expiry check
32 local function jwt_verify(token)
33 local ok, result = jwt.verify(token, unified_push_secret);
34 if not ok then
35 return ok, result;
36 end
37 if result.exp and result.exp < os.time() then
38 return nil, "token-expired";
39 end
40 return ok, result;
24 end 41 end
25 42
26 -- Handle incoming registration from XMPP client 43 -- Handle incoming registration from XMPP client
27 function handle_register(event) 44 function handle_register(event)
28 local origin, stanza = event.origin, event.stanza; 45 local origin, stanza = event.origin, event.stanza;