Mercurial > prosody-modules
comparison mod_sasl2_fast/mod_sasl2_fast.lua @ 5072:d41677929f68
mod_sasl2_fast: Fixes for <authenticate> processing
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Sat, 15 Oct 2022 19:44:54 +0100 |
| parents | bc983da908e6 |
| children | f158f18704c0 |
comparison
equal
deleted
inserted
replaced
| 5071:bc983da908e6 | 5072:d41677929f68 |
|---|---|
| 93 end); | 93 end); |
| 94 | 94 |
| 95 -- Process any FAST elements in <authenticate/> | 95 -- Process any FAST elements in <authenticate/> |
| 96 module:hook_tag(xmlns_sasl2, "authenticate", function (session, auth) | 96 module:hook_tag(xmlns_sasl2, "authenticate", function (session, auth) |
| 97 -- Cache action for future processing (after auth success) | 97 -- Cache action for future processing (after auth success) |
| 98 local fast_auth = auth:get_child(xmlns_fast, "fast"); | 98 local fast_auth = auth:get_child("fast", xmlns_fast); |
| 99 if fast_auth then | 99 if fast_auth then |
| 100 -- Client says it is using FAST auth, so set our SASL handler | 100 -- Client says it is using FAST auth, so set our SASL handler |
| 101 local fast_sasl_handler = session.fast_sasl_handler; | 101 local fast_sasl_handler = session.fast_sasl_handler; |
| 102 if fast_sasl_handler then | 102 local client_id = auth:get_child_attr("user-agent", nil, "id"); |
| 103 if fast_sasl_handler and client_id then | |
| 103 session.log("debug", "Client is authenticating using FAST"); | 104 session.log("debug", "Client is authenticating using FAST"); |
| 104 fast_sasl_handler.profile._client_id = session.client_id; | 105 fast_sasl_handler.profile._client_id = client_id; |
| 105 session.sasl_handler = fast_sasl_handler; | 106 session.sasl_handler = fast_sasl_handler; |
| 106 else | 107 else |
| 107 session.log("warn", "Client asked to auth via FAST, but no SASL handler available"); | 108 session.log("warn", "Client asked to auth via FAST, but no SASL handler available"); |
| 108 local failure = st.stanza("failure", { xmlns = xmlns_sasl2 }) | 109 local failure = st.stanza("failure", { xmlns = xmlns_sasl2 }) |
| 109 :tag("malformed-request"):up() | 110 :tag("malformed-request"):up() |
| 111 session.send(failure); | 112 session.send(failure); |
| 112 return true; | 113 return true; |
| 113 end | 114 end |
| 114 end | 115 end |
| 115 session.fast_sasl_handler = nil; | 116 session.fast_sasl_handler = nil; |
| 116 local fast_token_request = auth:get_child(xmlns_fast, "request-token"); | 117 local fast_token_request = auth:get_child("request-token", xmlns_fast); |
| 117 if fast_token_request then | 118 if fast_token_request then |
| 118 local mech = fast_token_request.attr.mechanism; | 119 local mech = fast_token_request.attr.mechanism; |
| 119 session.log("debug", "Client requested new FAST token for %s", mech); | 120 session.log("debug", "Client requested new FAST token for %s", mech); |
| 120 session.fast_token_request = { | 121 session.fast_token_request = { |
| 121 mechanism = mech; | 122 mechanism = mech; |