Mercurial > prosody-modules

view mod_ipcheck/mod_ipcheck.lua @ 5405:c7a5caad28ef

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Enforce response type encoded in client_id The client promises to only use this response type, so we should hold them to that. This makes it fail earlier if the response type is disabled or the client is trying to use one that it promised not to use. Better than failing after login and consent.
author Kim Alvefur <zash@zash.se>
date Tue, 02 May 2023 16:31:25 +0200
parents b0628bc93acf
children
line wrap: on
line source


-- mod_ipcheck.lua
-- Implementation of XEP-0279: Server IP Check <http://xmpp.org/extensions/xep-0279.html>

local st = require "util.stanza";

module:add_feature("urn:xmpp:sic:0");

module:hook("iq-get/bare/urn:xmpp:sic:0:ip", function(event)
	local origin, stanza = event.origin, event.stanza;
	if stanza.attr.to then
		origin.send(st.error_reply(stanza, "auth", "forbidden", "You can only ask about your own IP address"));
	elseif origin.ip then
		origin.send(st.reply(stanza):tag("ip", {xmlns='urn:xmpp:sic:0'}):text(origin.ip));
	else
		-- IP addresses should normally be available, but in case they are not
		origin.send(st.error_reply(stanza, "cancel", "service-unavailable", "IP address for this session is not available"));
	end
	return true;
end);

module:add_feature("urn:xmpp:sic:1");

module:hook("iq-get/bare/urn:xmpp:sic:1:address", function(event)
	local origin, stanza = event.origin, event.stanza;
	if stanza.attr.to then
		origin.send(st.error_reply(stanza, "auth", "forbidden", "You can only ask about your own IP address"));
	elseif origin.ip then
		local reply = st.reply(stanza):tag("address", {xmlns='urn:xmpp:sic:1'})
			:tag("ip"):text(origin.ip):up()
		if origin.conn and origin.conn.port then -- server_event
			reply:tag("port"):text(tostring(origin.conn:port()))
		elseif origin.conn and origin.conn.clientport then -- server_select
			reply:tag("port"):text(tostring(origin.conn:clientport()))
		end
		origin.send(reply);
	else
		-- IP addresses should normally be available, but in case they are not
		origin.send(st.error_reply(stanza, "cancel", "service-unavailable", "IP address for this session is not available"));
	end
	return true;
end);