view mod_csi_compat/mod_csi_compat.lua @ 5447:aa4828f040c5

mod_http_oauth2: Enforce client scope restrictions in authorization When registering a client, a scope field can be included as a promise to only ever use those. Here we enforce that promise, if given, ensuring a client can't request or be granted a scope it didn't provide in its registration. While currently there is no restrictions at registration time, this could be changed in the future in various ways.
author Kim Alvefur <zash@zash.se>
date Thu, 11 May 2023 19:33:44 +0200
parents db8b256f51ff
children
line wrap: on
line source

local st = require "util.stanza";

module:depends("csi");

module:add_feature("google:queue");

module:hook("iq-set/self/google:queue:query", function(event)
	local origin, stanza = event.origin, event.stanza;
	(origin.log or module._log)("debug", "Google queue invoked (CSI compat mode)")
	local payload = stanza:get_child("query", "google:queue");
	if payload:get_child("enable") then
		module:fire_event("csi-client-inactive", event);
	elseif payload:get_child("disable") then
		module:fire_event("csi-client-active", event);
	end
	-- <flush/> is implemented as a noop, any IQ stanza would flush the queue anyways.
	origin.send(st.reply(stanza));
	return true;
end, 10);