Mercurial > prosody-modules
comparison mod_rest/mod_rest.lua @ 3802:f88e07630e4e
mod_rest: Add support for simple Bearer token auth
Token specified in config
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 31 Dec 2019 03:37:46 +0100 |
| parents | d59fb4dcf100 |
| children | dc2b5a412286 |
comparison
equal
deleted
inserted
replaced
| 3801:d59fb4dcf100 | 3802:f88e07630e4e |
|---|---|
| 11 local st = require "util.stanza"; | 11 local st = require "util.stanza"; |
| 12 local xml = require "util.xml"; | 12 local xml = require "util.xml"; |
| 13 | 13 |
| 14 local allow_any_source = module:get_host_type() == "component"; | 14 local allow_any_source = module:get_host_type() == "component"; |
| 15 local validate_from_addresses = module:get_option_boolean("validate_from_addresses", true); | 15 local validate_from_addresses = module:get_option_boolean("validate_from_addresses", true); |
| 16 local secret = assert(module:get_option_string("rest_credentials"), "rest_credentials is a required setting"); | |
| 17 local auth_type = assert(secret:match("^%S+"), "Format of rest_credentials MUST be like 'Bearer secret'"); | |
| 18 assert(auth_type == "Bearer", "Only 'Bearer' is supported in rest_credentials"); | |
| 19 | |
| 20 -- Bearer token | |
| 21 local function check_credentials(request) | |
| 22 return request.headers.authorization == secret; | |
| 23 end | |
| 16 | 24 |
| 17 local function handle_post(event) | 25 local function handle_post(event) |
| 18 local request, response = event.request, event.response; | 26 local request, response = event.request, event.response; |
| 27 if not request.headers.authorization then | |
| 28 response.headers.www_authenticate = ("%s realm=%q"):format(auth_type, module.host.."/"..module.name); | |
| 29 return 401; | |
| 30 elseif not check_credentials(request) then | |
| 31 return 401; | |
| 32 end | |
| 19 if request.headers.content_type ~= "application/xmpp+xml" then | 33 if request.headers.content_type ~= "application/xmpp+xml" then |
| 20 return errors.new({ code = 415, text = "'application/xmpp+xml' expected" }); | 34 return errors.new({ code = 415, text = "'application/xmpp+xml' expected" }); |
| 21 end | 35 end |
| 22 local payload, err = xml.parse(request.body); | 36 local payload, err = xml.parse(request.body); |
| 23 if not payload then | 37 if not payload then |