Mercurial > prosody-modules
view mod_auth_any/mod_auth_any.lua @ 5512:1fbc8718bed6
mod_http_oauth2: Bind refresh tokens to client
Prevent one OAuth client from using the refresh tokens issued to another
client as required by RFC 6819 section 5.2.2.2
See also draft-ietf-oauth-security-topics-22 section 2.2.2
Thanks to OAuch for pointing out this issue
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Fri, 02 Jun 2023 10:40:48 +0200 |
parents | 1f7820f68868 |
children |
line wrap: on
line source
-- Prosody IM -- Copyright (C) 2008-2010 Matthew Wild -- Copyright (C) 2008-2010 Waqas Hussain -- -- This project is MIT/X11 licensed. Please see the -- COPYING file in the source package for more information. -- -- luacheck: ignore 212 local datamanager = require "util.datamanager"; local new_sasl = require "util.sasl".new; local host = module.host; local provider = { name = "any" }; function provider.test_password(username, password) return true; end function provider.set_password(username, password) local account = datamanager.load(username, host, "accounts"); if account then account.password = password; return datamanager.store(username, host, "accounts", account); end return nil, "Account not available."; end function provider.user_exists(username) return true; end function provider.create_user(username, password) return datamanager.store(username, host, "accounts", {password = password}); end function provider.delete_user(username) return datamanager.store(username, host, "accounts", nil); end function provider.get_sasl_handler() local getpass_authentication_profile = { plain_test = function(sasl, username, password, realm) return true, true; end }; return new_sasl(module.host, getpass_authentication_profile); end module:add_item("auth-provider", provider);