Mercurial > prosody-modules
view mod_http_avatar/mod_http_avatar.lua @ 5223:8b2a36847912
mod_http_oauth2: Support HTTP Basic auth on token endpoint
This is described in RFC 6749 section 2.3.1 and draft-ietf-oauth-v2-1-07 2.3.1
as the recommended way to transmit the client's credentials.
The older spec even calls it the "client password", but the new spec clarifies
that this is just another term for the client secret.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Tue, 07 Mar 2023 15:27:50 +0000 |
| parents | 5b4e7db5943c |
| children | 0f103a6e9ba4 |
line wrap: on
line source
-- Prosody IM -- Copyright (C) 2018 Emmanuel Gil Peyrot -- -- This project is MIT/X11 licensed. Please see the -- COPYING file in the source package for more information. local base64 = require"util.encodings".base64; local sha1 = require"util.hashes".sha1; local st = require"util.stanza"; module:depends"http"; local vcard_storage = module:open_store"vcard"; local default_avatar = [[<svg xmlns='http://www.w3.org/2000/svg' version='1.1' viewBox='0 0 150 150'> <rect width='150' height='150' fill='#888' stroke-width='1' stroke='#000'/> <text x='75' y='100' text-anchor='middle' font-size='100'>?</text> </svg>]]; local function get_avatar(event, path) local request, response = event.request, event.response; local photo_type, binval; local vcard, err = vcard_storage:get(path); if vcard then vcard = st.deserialize(vcard); local photo = vcard:get_child("PHOTO", "vcard-temp"); if photo then photo_type = photo:get_child_text("TYPE", "vcard-temp"); binval = photo:get_child_text("BINVAL", "vcard-temp"); end end if not photo_type or not binval then response.status_code = 404; response.headers.content_type = "image/svg+xml"; return default_avatar; end local avatar = base64.decode(binval); local hash = sha1(avatar, true); if request.headers.if_none_match == hash then return 304; end response.headers.content_type = photo_type; response.headers.etag = hash; return avatar; end module:provides("http", { route = { ["GET /*"] = get_avatar; }; });