view mod_s2s_blacklist/mod_s2s_blacklist.lua @ 5383:df11a2cbc7b7

mod_http_oauth2: Implement RFC 7628 Proof Key for Code Exchange Likely to become mandatory in OAuth 2.1. Backwards compatible since the default 'plain' verifier would compare nil with nil if the relevant parameters are left out.
author Kim Alvefur <zash@zash.se>
date Sat, 29 Apr 2023 13:09:46 +0200
parents d958558e0058
children
line wrap: on
line source

local st = require "util.stanza";

local blacklist = module:get_option_inherited_set("s2s_blacklist", {});

module:hook("route/remote", function (event)
	if blacklist:contains(event.to_host) then
		if event.stanza.attr.type ~= "error" then
			module:send(st.error_reply(event.stanza, "cancel", "not-allowed", "Communication with this domain is restricted"));
		end
		return true;
	end
end, 100);

module:hook("s2s-stream-features", function (event)
	if blacklist:contains(event.origin.from_host) then
		event.origin:close({
			condition = "policy-violation";
			text = "Communication with this domain is restricted";
		});
	end
end, 1000);