comparison mod_muc_http_auth/mod_muc_http_auth.lua @ 4322:9606e7a63a69

mod_mucc_http_auth: Provide Authorization header setting for deployments behind a login
author Seve Ferrer <seve@delape.net>
date Wed, 06 Jan 2021 20:49:45 +0100
parents caaa40f072da
children 4b3f054666e6
comparison
equal deleted inserted replaced
4321:71498f484c22 4322:9606e7a63a69
8 local authorization_url = module:get_option("muc_http_auth_url", "") 8 local authorization_url = module:get_option("muc_http_auth_url", "")
9 local enabled_for = module:get_option_set("muc_http_auth_enabled_for", nil) 9 local enabled_for = module:get_option_set("muc_http_auth_enabled_for", nil)
10 local disabled_for = module:get_option_set("muc_http_auth_disabled_for", nil) 10 local disabled_for = module:get_option_set("muc_http_auth_disabled_for", nil)
11 local insecure = module:get_option("muc_http_auth_insecure", false) --For development purposes 11 local insecure = module:get_option("muc_http_auth_insecure", false) --For development purposes
12 local authorize_registration = module:get_option("muc_http_auth_authorize_registration", false) 12 local authorize_registration = module:get_option("muc_http_auth_authorize_registration", false)
13 local authorization_header = module:get_option("muc_http_auth_authorization_header", nil)
14
15 local options = {method="GET", insecure=insecure}
16 if authorization_header then
17 options.headers = {["Authorization"] = authorization_header};
18 end
13 19
14 local verbs = {presence='join', iq='register'}; 20 local verbs = {presence='join', iq='register'};
15 21
16 local function must_be_authorized(room_node) 22 local function must_be_authorized(room_node)
17 -- If none of these is set, all rooms need authorization 23 -- If none of these is set, all rooms need authorization
45 if not must_be_authorized(jid_node(room.jid)) then return; end 51 if not must_be_authorized(jid_node(room.jid)) then return; end
46 52
47 local user_bare_jid = jid_bare(stanza.attr.from); 53 local user_bare_jid = jid_bare(stanza.attr.from);
48 local url = authorization_url .. "?userJID=" .. user_bare_jid .."&mucJID=" .. room.jid; 54 local url = authorization_url .. "?userJID=" .. user_bare_jid .."&mucJID=" .. room.jid;
49 55
50 local result = wait_for(http.request(url, {method="GET", insecure=insecure}):next(handle_success, handle_error)); 56 local result = wait_for(http.request(url, options):next(handle_success, handle_error));
51 local response, err = result.response, result.err; 57 local response, err = result.response, result.err;
52 58
53 local verb = verbs[stanza.name]; 59 local verb = verbs[stanza.name];
54 if not (response and response.allowed) then 60 if not (response and response.allowed) then
55 -- User is not authorized to join this room 61 -- User is not authorized to join this room