Mercurial > prosody-modules
comparison mod_auth_ldap2/mod_auth_ldap2.lua @ 927:a9dfa7232d88
Merge
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Tue, 12 Mar 2013 12:10:25 +0000 |
| parents | 490cb9161c81 |
| children | f2b29183ef08 |
comparison
equal
deleted
inserted
replaced
| 926:f88381a39c56 | 927:a9dfa7232d88 |
|---|---|
| 1 -- vim:sts=4 sw=4 | |
| 2 | |
| 3 -- Prosody IM | |
| 4 -- Copyright (C) 2008-2010 Matthew Wild | |
| 5 -- Copyright (C) 2008-2010 Waqas Hussain | |
| 6 -- Copyright (C) 2012 Rob Hoelz | |
| 7 -- | |
| 8 -- This project is MIT/X11 licensed. Please see the | |
| 9 -- COPYING file in the source package for more information. | |
| 10 -- | |
| 11 -- http://code.google.com/p/prosody-modules/source/browse/mod_auth_ldap/mod_auth_ldap.lua | |
| 12 -- adapted to use common LDAP store | |
| 13 | |
| 14 local ldap = module:require 'ldap'; | |
| 15 local new_sasl = require 'util.sasl'.new; | |
| 16 local jsplit = require 'util.jid'.split; | |
| 17 | |
| 18 if not ldap then | |
| 19 return; | |
| 20 end | |
| 21 | |
| 22 local provider = {} | |
| 23 | |
| 24 function provider.test_password(username, password) | |
| 25 return ldap.bind(username, password); | |
| 26 end | |
| 27 | |
| 28 function provider.user_exists(username) | |
| 29 local params = ldap.getparams() | |
| 30 | |
| 31 local filter = ldap.filter.combine_and(params.user.filter, params.user.usernamefield .. '=' .. username); | |
| 32 | |
| 33 return ldap.singlematch { | |
| 34 base = params.user.basedn, | |
| 35 filter = filter, | |
| 36 }; | |
| 37 end | |
| 38 | |
| 39 function provider.get_password(username) | |
| 40 return nil, "Passwords unavailable for LDAP."; | |
| 41 end | |
| 42 | |
| 43 function provider.set_password(username, password) | |
| 44 return nil, "Passwords unavailable for LDAP."; | |
| 45 end | |
| 46 | |
| 47 function provider.create_user(username, password) | |
| 48 return nil, "Account creation/modification not available with LDAP."; | |
| 49 end | |
| 50 | |
| 51 function provider.get_sasl_handler() | |
| 52 local testpass_authentication_profile = { | |
| 53 plain_test = function(sasl, username, password, realm) | |
| 54 return provider.test_password(username, password), true; | |
| 55 end, | |
| 56 mechanisms = { PLAIN = true }, | |
| 57 }; | |
| 58 return new_sasl(module.host, testpass_authentication_profile); | |
| 59 end | |
| 60 | |
| 61 function provider.is_admin(jid) | |
| 62 local admin_config = ldap.getparams().admin; | |
| 63 | |
| 64 if not admin_config then | |
| 65 return; | |
| 66 end | |
| 67 | |
| 68 local ld = ldap:getconnection(); | |
| 69 local username = jsplit(jid); | |
| 70 local filter = ldap.filter.combine_and(admin_config.filter, admin_config.namefield .. '=' .. username); | |
| 71 | |
| 72 return ldap.singlematch { | |
| 73 base = admin_config.basedn, | |
| 74 filter = filter, | |
| 75 }; | |
| 76 end | |
| 77 | |
| 78 module:provides("auth", provider); |