view mod_saslname/mod_saslname.lua @ 5256:44f7edd4f845

mod_http_oauth2: Reject non-local hosts in more code paths We're not issuing tokens for users on remote hosts, we can't even authenticate them since they're remote. Thus the host is always the local module.host so no need to pass around the host in most cases or use it for anything but enforcing the same host.
author Kim Alvefur <zash@zash.se>
date Thu, 16 Mar 2023 17:52:10 +0100
parents e927d95512e8
children
line wrap: on
line source

local hostname = module:get_option_string("sasl_hostname", module.host);

module:hook("stream-features", function(event)
	local features = event.features;
	local mechs = features:get_child("mechanisms", "urn:ietf:params:xml:ns:xmpp-sasl");
	if mechs then
		mechs:tag("hostname", { xmlns = "urn:xmpp:domain-based-name:1" })
			:text(hostname):up();
	end
end);