Mercurial > prosody-modules
comparison mod_muc_http_auth/mod_muc_http_auth.lua @ 4304:aec8148df26a
mod_muc_http_auth: Bugfix: Not properly listening on register IQs
| author | Seve Ferrer <seve@delape.net> |
|---|---|
| date | Fri, 18 Dec 2020 16:31:01 +0100 |
| parents | d261233f7ced |
| children | caaa40f072da |
comparison
equal
deleted
inserted
replaced
| 4303:d261233f7ced | 4304:aec8148df26a |
|---|---|
| 8 local authorization_url = module:get_option("muc_http_auth_url", "") | 8 local authorization_url = module:get_option("muc_http_auth_url", "") |
| 9 local enabled_for = module:get_option_set("muc_http_auth_enabled_for", nil) | 9 local enabled_for = module:get_option_set("muc_http_auth_enabled_for", nil) |
| 10 local disabled_for = module:get_option_set("muc_http_auth_disabled_for", nil) | 10 local disabled_for = module:get_option_set("muc_http_auth_disabled_for", nil) |
| 11 local insecure = module:get_option("muc_http_auth_insecure", false) --For development purposes | 11 local insecure = module:get_option("muc_http_auth_insecure", false) --For development purposes |
| 12 local authorize_registration = module:get_option("muc_http_auth_authorize_registration", false) | 12 local authorize_registration = module:get_option("muc_http_auth_authorize_registration", false) |
| 13 | |
| 14 local verbs = {presence='join', iq='register'}; | |
| 13 | 15 |
| 14 local function must_be_authorized(room_node) | 16 local function must_be_authorized(room_node) |
| 15 -- If none of these is set, all rooms need authorization | 17 -- If none of these is set, all rooms need authorization |
| 16 if not enabled_for and not disabled_for then return true; end | 18 if not enabled_for and not disabled_for then return true; end |
| 17 | 19 |
| 33 return {err=err}; | 35 return {err=err}; |
| 34 end | 36 end |
| 35 | 37 |
| 36 local function handle_presence(event) | 38 local function handle_presence(event) |
| 37 local stanza = event.stanza; | 39 local stanza = event.stanza; |
| 38 if stanza.name ~= "presence" or stanza.attr.type == "unavailable" then | 40 if stanza.name ~= "iq" and stanza.name ~= "presence" or stanza.attr.type == "unavailable" then return; end |
| 39 return; | |
| 40 end | |
| 41 | 41 |
| 42 local room, origin = event.room, event.origin; | 42 local room, origin = event.room, event.origin; |
| 43 if (not room) or (not origin) then return; end | 43 if (not room) or (not origin) then return; end |
| 44 | 44 |
| 45 if not must_be_authorized(jid_node(room.jid)) then return; end | 45 if not must_be_authorized(jid_node(room.jid)) then return; end |
| 48 local url = authorization_url .. "?userJID=" .. user_bare_jid .."&mucJID=" .. room.jid; | 48 local url = authorization_url .. "?userJID=" .. user_bare_jid .."&mucJID=" .. room.jid; |
| 49 | 49 |
| 50 local result = wait_for(http.request(url, {method="GET", insecure=insecure}):next(handle_success, handle_error)); | 50 local result = wait_for(http.request(url, {method="GET", insecure=insecure}):next(handle_success, handle_error)); |
| 51 local response, err = result.response, result.err; | 51 local response, err = result.response, result.err; |
| 52 | 52 |
| 53 local verb = verbs[stanza.name]; | |
| 53 if not (response and response.allowed) then | 54 if not (response and response.allowed) then |
| 54 -- User is not authorized to join this room | 55 -- User is not authorized to join this room |
| 55 err = (response or {}).err or err | 56 err = (response or {}).err or err |
| 56 module:log("debug", user_bare_jid .. " is not authorized to join " .. room.jid .. " Error: " .. tostring(err)); | 57 module:log("debug", user_bare_jid .. " is not authorized to " ..verb.. ": " .. room.jid .. " Error: " .. tostring(err)); |
| 57 origin.send(st.error_reply(stanza, "error", "not-authorized", nil, module.host)); | 58 origin.send(st.error_reply(stanza, "error", "not-authorized", nil, module.host)); |
| 58 return true; | 59 return true; |
| 59 end | 60 end |
| 60 | 61 |
| 61 module:log("debug", user_bare_jid .. " is authorized to join " .. room.jid); | 62 module:log("debug", user_bare_jid .. " is authorized to " .. verb .. ": " .. room.jid); |
| 62 return; | 63 return; |
| 63 end | 64 end |
| 64 | 65 |
| 65 if authorize_registration then | 66 if authorize_registration then |
| 66 module:hook("muc-register-iq", handle_presence); | 67 module:hook("muc-register-iq", handle_presence); |