# HG changeset patch # User Waqas Hussain # Date 1347477462 -18000 # Node ID 960007b0901e57faf56983e78c1da73b111b3e93 # Parent b16b291d68c33f1ce453cacb56966d48f526ce0f mod_auth_external, mod_auth_internal_yubikey: Get rid of useless wrapper function around the auth provider. diff -r b16b291d68c3 -r 960007b0901e mod_auth_external/mod_auth_external.lua --- a/mod_auth_external/mod_auth_external.lua Wed Sep 12 19:15:45 2012 +0000 +++ b/mod_auth_external/mod_auth_external.lua Thu Sep 13 00:17:42 2012 +0500 @@ -93,53 +93,50 @@ end end -function new_external_provider(host) - local provider = {}; - - function provider.test_password(username, password) - return do_query("auth", username, password); - end +local host = module.host; +local provider = {}; - function provider.set_password(username, password) - return do_query("setpass", username, password); - end - - function provider.user_exists(username) - return do_query("isuser", username); - end +function provider.test_password(username, password) + return do_query("auth", username, password); +end - function provider.create_user(username, password) return nil, "Account creation/modification not available."; end - - function provider.get_sasl_handler() - local testpass_authentication_profile = { - plain_test = function(sasl, username, password, realm) - local prepped_username = nodeprep(username); - if not prepped_username then - log("debug", "NODEprep failed on username: %s", username); - return "", nil; - end - return usermanager.test_password(prepped_username, realm, password), true; - end, - }; - return new_sasl(module.host, testpass_authentication_profile); - end +function provider.set_password(username, password) + return do_query("setpass", username, password); +end - function provider.is_admin(jid) - local admins = config.get(host, "core", "admins"); - if admins ~= config.get("*", "core", "admins") then - if type(admins) == "table" then - jid = jid_bare(jid); - for _,admin in ipairs(admins) do - if admin == jid then return true; end - end - elseif admins then - log("error", "Option 'admins' for host '%s' is not a table", host); - end - end - return usermanager.is_admin(jid); -- Test whether it's a global admin instead - end - - return provider; +function provider.user_exists(username) + return do_query("isuser", username); end -module:provides("auth", new_external_provider(module.host)); +function provider.create_user(username, password) return nil, "Account creation/modification not available."; end + +function provider.get_sasl_handler() + local testpass_authentication_profile = { + plain_test = function(sasl, username, password, realm) + local prepped_username = nodeprep(username); + if not prepped_username then + log("debug", "NODEprep failed on username: %s", username); + return "", nil; + end + return usermanager.test_password(prepped_username, realm, password), true; + end, + }; + return new_sasl(host, testpass_authentication_profile); +end + +function provider.is_admin(jid) + local admins = config.get(host, "core", "admins"); + if admins ~= config.get("*", "core", "admins") then + if type(admins) == "table" then + jid = jid_bare(jid); + for _,admin in ipairs(admins) do + if admin == jid then return true; end + end + elseif admins then + log("error", "Option 'admins' for host '%s' is not a table", host); + end + end + return usermanager.is_admin(jid); -- Test whether it's a global admin instead +end + +module:provides("auth", provider); diff -r b16b291d68c3 -r 960007b0901e mod_auth_internal_yubikey/mod_auth_internal_yubikey.lua --- a/mod_auth_internal_yubikey/mod_auth_internal_yubikey.lua Wed Sep 12 19:15:45 2012 +0000 +++ b/mod_auth_internal_yubikey/mod_auth_internal_yubikey.lua Thu Sep 13 00:17:42 2012 +0500 @@ -45,83 +45,80 @@ local global_yubikey_key = module:get_option_string("yubikey_key"); -function new_default_provider(host) - local provider = {}; - log("debug", "initializing default authentication provider for host '%s'", host); +local host = module.host; +local provider = {}; +log("debug", "initializing default authentication provider for host '%s'", host); + +function provider.test_password(username, password) + log("debug", "test password '%s' for user %s at host %s", password, username, module.host); - function provider.test_password(username, password) - log("debug", "test password '%s' for user %s at host %s", password, username, module.host); - - local account_info = datamanager.load(username, host, "accounts") or {}; - local yubikey_key = account_info.yubikey_key or global_yubikey_key; - if account_info.yubikey_key then - log("debug", "Authenticating Yubikey OTP for %s", username); - local authed, err = yubikey:authenticate(password, account_info.yubikey_key, account_info.yubikey_state or {}, { account = account_info, username = username, host = host }); - if not authed then - log("debug", "Failed to authenticate %s via OTP: %s", username, err); - return authed, err; - end - return authed; - elseif account_info.password and password == account_info.password then - -- No yubikey configured for this user, treat as normal password - log("debug", "No yubikey configured for %s, successful login using password auth", username); - return true; - else - return nil, "Auth failed. Invalid username or password."; - end - end - - function provider.get_password(username) - log("debug", "get_password for username '%s' at host '%s'", username, module.host); - return (datamanager.load(username, host, "accounts") or {}).password; - end - - function provider.set_password(username, password) - local account = datamanager.load(username, host, "accounts"); - if account then - account.password = password; - return datamanager.store(username, host, "accounts", account); + local account_info = datamanager.load(username, host, "accounts") or {}; + local yubikey_key = account_info.yubikey_key or global_yubikey_key; + if account_info.yubikey_key then + log("debug", "Authenticating Yubikey OTP for %s", username); + local authed, err = yubikey:authenticate(password, account_info.yubikey_key, account_info.yubikey_state or {}, { account = account_info, username = username, host = host }); + if not authed then + log("debug", "Failed to authenticate %s via OTP: %s", username, err); + return authed, err; end - return nil, "Account not available."; - end - - function provider.user_exists(username) - local account = datamanager.load(username, host, "accounts"); - if not account then - log("debug", "account not found for username '%s' at host '%s'", username, module.host); - return nil, "Auth failed. Invalid username"; - end + return authed; + elseif account_info.password and password == account_info.password then + -- No yubikey configured for this user, treat as normal password + log("debug", "No yubikey configured for %s, successful login using password auth", username); return true; - end - - function provider.create_user(username, password) - return datamanager.store(username, host, "accounts", {password = password}); - end - - function provider.delete_user(username) - return datamanager.store(username, host, "accounts", nil); + else + return nil, "Auth failed. Invalid username or password."; end +end - function provider.get_sasl_handler() - local realm = module:get_option("sasl_realm") or module.host; - local getpass_authentication_profile = { - plain_test = function(sasl, username, password, realm) - local prepped_username = nodeprep(username); - if not prepped_username then - log("debug", "NODEprep failed on username: %s", username); - return false, nil; - end - - return usermanager.test_password(username, realm, password), true; - end - }; - return new_sasl(realm, getpass_authentication_profile); - end - - return provider; +function provider.get_password(username) + log("debug", "get_password for username '%s' at host '%s'", username, module.host); + return (datamanager.load(username, host, "accounts") or {}).password; end -module:provides("auth", new_default_provider(module.host)); +function provider.set_password(username, password) + local account = datamanager.load(username, host, "accounts"); + if account then + account.password = password; + return datamanager.store(username, host, "accounts", account); + end + return nil, "Account not available."; +end + +function provider.user_exists(username) + local account = datamanager.load(username, host, "accounts"); + if not account then + log("debug", "account not found for username '%s' at host '%s'", username, module.host); + return nil, "Auth failed. Invalid username"; + end + return true; +end + +function provider.create_user(username, password) + return datamanager.store(username, host, "accounts", {password = password}); +end + +function provider.delete_user(username) + return datamanager.store(username, host, "accounts", nil); +end + +function provider.get_sasl_handler() + local realm = module:get_option("sasl_realm") or module.host; + local getpass_authentication_profile = { + plain_test = function(sasl, username, password, realm) + local prepped_username = nodeprep(username); + if not prepped_username then + log("debug", "NODEprep failed on username: %s", username); + return false, nil; + end + + return usermanager.test_password(username, realm, password), true; + end + }; + return new_sasl(realm, getpass_authentication_profile); +end + +module:provides("auth", provider); function module.command(arg) local command = arg[1];