changeset 3288:3eee4029ac6c

mod_s2s_auth_posh: Follow reference https://tools.ietf.org/html/rfc7711#section-3.2
author Kim Alvefur <zash@zash.se>
date Sat, 25 Aug 2018 20:02:40 +0200 (2018-08-25)
parents f0e19a77f81e
children f2037a754480
files mod_s2s_auth_posh/mod_s2s_auth_posh.lua
diffstat 1 files changed, 15 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/mod_s2s_auth_posh/mod_s2s_auth_posh.lua	Sat Aug 25 20:00:45 2018 +0200
+++ b/mod_s2s_auth_posh/mod_s2s_auth_posh.lua	Sat Aug 25 20:02:40 2018 +0200
@@ -46,7 +46,8 @@
 	local url = build_url { scheme = "https", host = target_host, path = "/.well-known/posh/xmpp-server.json" };
 
 	log("debug", "Request POSH information for %s", tostring(target_host));
-	http.request(url, nil, function (response, code)
+	local redirect_followed = false;
+	local function cb (response, code)
 		if code ~= 200 then
 			log("debug", "No or invalid POSH response received");
 			resume();
@@ -59,12 +60,24 @@
 			resume();
 			return;
 		end
+		if type(jwk.url) == "string" then
+			if redirect_followed then
+				redirect_followed = true;
+				http.request(jwk.url, nil, cb);
+			else
+				log("error", "POSH had invalid redirect:\n%s", tostring(response));
+				resume();
+				return;
+			end
+		end
+
 		host_session.posh = { orig = response };
 		jwk.expires = os.time() + tonumber(jwk.expires) or 3600;
 		host_session.posh.jwk = jwk;
 		cache:set(target_host, jwk);
 		resume();
-	end)
+	end
+	http.request(url, nil, cb);
 	return true;
 end