Mercurial > prosody-modules
comparison mod_rest/mod_rest.lua @ 3971:ae5ac41c391d
mod_rest: Improve auth error reporting
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 12 Apr 2020 18:07:16 +0200 |
| parents | 93147b89ea67 |
| children | 04c11b652aeb |
comparison
equal
deleted
inserted
replaced
| 3970:e0f3e29ab18a | 3971:ae5ac41c391d |
|---|---|
| 114 end | 114 end |
| 115 return tostring(s); | 115 return tostring(s); |
| 116 end | 116 end |
| 117 | 117 |
| 118 local post_errors = { | 118 local post_errors = { |
| 119 noauthz = { code = 401, type = "auth", condition = "not-authorized", text = "No credentials provided" }, | |
| 120 unauthz = { code = 403, type = "auth", condition = "not-authorized", text = "Credentials not accepted" }, | |
| 119 parse = { code = 400, condition = "not-well-formed", text = "Failed to parse payload", }, | 121 parse = { code = 400, condition = "not-well-formed", text = "Failed to parse payload", }, |
| 120 xmlns = { code = 422, condition = "invalid-namespace", text = "'xmlns' attribute must be empty", }, | 122 xmlns = { code = 422, condition = "invalid-namespace", text = "'xmlns' attribute must be empty", }, |
| 121 name = { code = 422, condition = "unsupported-stanza-type", text = "Invalid stanza, must be 'message', 'presence' or 'iq'.", }, | 123 name = { code = 422, condition = "unsupported-stanza-type", text = "Invalid stanza, must be 'message', 'presence' or 'iq'.", }, |
| 122 to = { code = 422, condition = "improper-addressing", text = "Invalid destination JID", }, | 124 to = { code = 422, condition = "improper-addressing", text = "Invalid destination JID", }, |
| 123 from = { code = 422, condition = "invalid-from", text = "Invalid source JID", }, | 125 from = { code = 422, condition = "invalid-from", text = "Invalid source JID", }, |
| 131 local from; | 133 local from; |
| 132 local origin; | 134 local origin; |
| 133 | 135 |
| 134 if not request.headers.authorization then | 136 if not request.headers.authorization then |
| 135 response.headers.www_authenticate = www_authenticate_header; | 137 response.headers.www_authenticate = www_authenticate_header; |
| 136 return 401; | 138 return errors.new("noauthz", nil, post_errors); |
| 137 else | 139 else |
| 138 origin = check_credentials(request); | 140 origin = check_credentials(request); |
| 139 if not origin then | 141 if not origin then |
| 140 return 401; | 142 return errors.new("unauthz", nil, post_errors); |
| 141 end | 143 end |
| 142 from = jid.join(origin.username, origin.host, origin.resource); | 144 from = jid.join(origin.username, origin.host, origin.resource); |
| 143 end | 145 end |
| 144 local payload, err = parse(request.headers.content_type, request.body); | 146 local payload, err = parse(request.headers.content_type, request.body); |
| 145 if not payload then | 147 if not payload then |