Mercurial > prosody-modules
comparison mod_muc_http_auth/mod_muc_http_auth.lua @ 4322:9606e7a63a69
mod_mucc_http_auth: Provide Authorization header setting for deployments behind a login
author | Seve Ferrer <seve@delape.net> |
---|---|
date | Wed, 06 Jan 2021 20:49:45 +0100 |
parents | caaa40f072da |
children | 4b3f054666e6 |
comparison
equal
deleted
inserted
replaced
4321:71498f484c22 | 4322:9606e7a63a69 |
---|---|
8 local authorization_url = module:get_option("muc_http_auth_url", "") | 8 local authorization_url = module:get_option("muc_http_auth_url", "") |
9 local enabled_for = module:get_option_set("muc_http_auth_enabled_for", nil) | 9 local enabled_for = module:get_option_set("muc_http_auth_enabled_for", nil) |
10 local disabled_for = module:get_option_set("muc_http_auth_disabled_for", nil) | 10 local disabled_for = module:get_option_set("muc_http_auth_disabled_for", nil) |
11 local insecure = module:get_option("muc_http_auth_insecure", false) --For development purposes | 11 local insecure = module:get_option("muc_http_auth_insecure", false) --For development purposes |
12 local authorize_registration = module:get_option("muc_http_auth_authorize_registration", false) | 12 local authorize_registration = module:get_option("muc_http_auth_authorize_registration", false) |
13 local authorization_header = module:get_option("muc_http_auth_authorization_header", nil) | |
14 | |
15 local options = {method="GET", insecure=insecure} | |
16 if authorization_header then | |
17 options.headers = {["Authorization"] = authorization_header}; | |
18 end | |
13 | 19 |
14 local verbs = {presence='join', iq='register'}; | 20 local verbs = {presence='join', iq='register'}; |
15 | 21 |
16 local function must_be_authorized(room_node) | 22 local function must_be_authorized(room_node) |
17 -- If none of these is set, all rooms need authorization | 23 -- If none of these is set, all rooms need authorization |
45 if not must_be_authorized(jid_node(room.jid)) then return; end | 51 if not must_be_authorized(jid_node(room.jid)) then return; end |
46 | 52 |
47 local user_bare_jid = jid_bare(stanza.attr.from); | 53 local user_bare_jid = jid_bare(stanza.attr.from); |
48 local url = authorization_url .. "?userJID=" .. user_bare_jid .."&mucJID=" .. room.jid; | 54 local url = authorization_url .. "?userJID=" .. user_bare_jid .."&mucJID=" .. room.jid; |
49 | 55 |
50 local result = wait_for(http.request(url, {method="GET", insecure=insecure}):next(handle_success, handle_error)); | 56 local result = wait_for(http.request(url, options):next(handle_success, handle_error)); |
51 local response, err = result.response, result.err; | 57 local response, err = result.response, result.err; |
52 | 58 |
53 local verb = verbs[stanza.name]; | 59 local verb = verbs[stanza.name]; |
54 if not (response and response.allowed) then | 60 if not (response and response.allowed) then |
55 -- User is not authorized to join this room | 61 -- User is not authorized to join this room |