view mod_ping_muc/mod_ping_muc.lua @ 5264:d3ebaef1ea7a

mod_http_oauth2: Correctly verify OAuth client credentials on revocation Makes no sense to validate against username and password here, or using a token to revoke another token, or itself? In fact, upon further discussion, why do you need credentials to revoke a token? If you are not supposed to have the token, revoking it seems the most responsible thing to do with it, so it should be allowed, while if you are supposed to have it, you should be allowed to revoke it.
author Kim Alvefur <zash@zash.se>
date Tue, 21 Mar 2023 21:57:18 +0100
parents 0772facc786f
children d6a695abb33c
line wrap: on
line source

local id = require "util.id";
local jid = require "util.jid";
local set = require "util.set";
local st = require "util.stanza";

if module:get_host_type() ~= "local" then
	module:log("error", "mod_%s must be loaded as a regular module, not on Components", module.name);
	return
end

module:depends "track_muc_joins";
module:add_feature("https://modules.prosody.im/mod_" .. module.name);

local local_sessions = prosody.hosts[module.host].sessions;

module:hook_global("s2s-destroyed", function(event)
	local s2s_session = event.session;
	if s2s_session.direction == "outgoing" and s2s_session.from_host ~= module.host then
		return
	elseif s2s_session.direction == "incoming" and s2s_session.to_host ~= module.host then
		return
	end

	local related_hosts = set.new({ s2s_session.direction == "outgoing" and s2s_session.to_host or s2s_session.from_host });

	if s2s_session.hosts then
		-- While rarely used, multiplexing is still supported
		for host, state in pairs(s2s_session.hosts) do if state.authed then related_hosts:add(host); end end
	end

	for _, user_session in pairs(local_sessions) do
		for _, session in pairs(user_session.sessions) do
			if session.rooms_joined then
				for room, info in pairs(session.rooms_joined) do
					local nick = info.nick or info;
					local room_nick = room .. "/" .. nick;
					if related_hosts:contains(jid.host(room)) then
						-- User is in a MUC room for which the s2s connection was lost. Now what?

						-- Self-ping
						-- =========
						--
						-- Response of <iq type=result> means the user is still in the room
						-- (and self-ping is supported), so we do nothing.
						--
						-- An error reply either means the user has fallen out of the room,
						-- or that self-ping is unsupported. In the later case, whether the
						-- user is still joined is indeterminate and we might as well
						-- pretend they fell out.
						module:send_iq(st.iq({ type = "get"; id = id.medium(); from = session.full_jid; to = room_nick })
								:tag("ping", { xmlns = "urn:xmpp:ping"; }))
						:catch(function(err)
							module:send(
								st.presence({ type = "unavailable"; id = id.medium(); to = session.full_jid; from = room_nick })
									:tag("x", { xmlns = "http://jabber.org/protocol/muc#user" })
										:tag("item", { affiliation = "none"; role = "none" })
											:text_tag("reason", err.text or "Connection to remote server lost")
										:up()
										:tag("status", { code = "110" }):up()
										:tag("status", { code = "333" }):up()
									:reset());
						end);
						-- TODO do this with some delay?
					end
				end

			end
		end
	end
end);