Mercurial > prosody-modules
comparison mod_s2s_auth_posh/mod_s2s_auth_posh.lua @ 3225:517c7f0333e3
mod_s2s_auth_posh: Add a command for generating the JSON file
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 13 Aug 2018 03:35:42 +0200 |
| parents | 7bfb25111ea6 |
| children | f0e19a77f81e |
comparison
equal
deleted
inserted
replaced
| 3224:b7aa8630438e | 3225:517c7f0333e3 |
|---|---|
| 112 end | 112 end |
| 113 end | 113 end |
| 114 | 114 |
| 115 log("debug", "POSH authentication failed!"); | 115 log("debug", "POSH authentication failed!"); |
| 116 end); | 116 end); |
| 117 | |
| 118 function module.command(arg) | |
| 119 if not arg[1] then | |
| 120 print("Usage: mod_s2s_auth_posh /path/to/cert.pem") | |
| 121 return 1; | |
| 122 end | |
| 123 local jwkset = { fingerprints = { }; expires = 86400; } | |
| 124 | |
| 125 for i, cert_file in ipairs(arg) do | |
| 126 local cert, err = io.open(cert_file); | |
| 127 if not cert then | |
| 128 io.stderr:write(err, "\n"); | |
| 129 return 1; | |
| 130 end | |
| 131 local cert_pem = cert:read("*a"); | |
| 132 local cert_der, typ = pem2der(cert_pem); | |
| 133 if typ == "CERTIFICATE" then | |
| 134 table.insert(jwkset.fingerprints, { ["sha-256"] = base64.encode(hashes.sha256(cert_der)); }); | |
| 135 elseif typ then | |
| 136 io.stderr:write(cert_file, " contained a ", typ:lower(), ", was expecting a certificate\n"); | |
| 137 return 1; | |
| 138 else | |
| 139 io.stderr:write(cert_file, " did not contain a certificate in PEM format\n"); | |
| 140 return 1; | |
| 141 end | |
| 142 end | |
| 143 print(json.encode(jwkset)); | |
| 144 return 0; | |
| 145 end | |
| 146 |