Mercurial > prosody-modules
changeset 2161:95a9f2d234da
Add mod_http_roster_admin
author | JC Brand <jc@opkode.com> |
---|---|
date | Fri, 15 Apr 2016 16:59:27 +0000 |
parents | 394a62163a91 |
children | f1ea8044f9f8 4b58e35a72e0 126d79bf079b |
files | mod_http_roster_admin/LICENSE mod_http_roster_admin/README mod_http_roster_admin/mod_http_roster_admin.lua |
diffstat | 3 files changed, 761 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mod_http_roster_admin/LICENSE Fri Apr 15 16:59:27 2016 +0000 @@ -0,0 +1,373 @@ +Mozilla Public License Version 2.0 +================================== + +1. Definitions +-------------- + +1.1. "Contributor" + means each individual or legal entity that creates, contributes to + the creation of, or owns Covered Software. + +1.2. "Contributor Version" + means the combination of the Contributions of others (if any) used + by a Contributor and that particular Contributor's Contribution. + +1.3. "Contribution" + means Covered Software of a particular Contributor. + +1.4. "Covered Software" + means Source Code Form to which the initial Contributor has attached + the notice in Exhibit A, the Executable Form of such Source Code + Form, and Modifications of such Source Code Form, in each case + including portions thereof. + +1.5. "Incompatible With Secondary Licenses" + means + + (a) that the initial Contributor has attached the notice described + in Exhibit B to the Covered Software; or + + (b) that the Covered Software was made available under the terms of + version 1.1 or earlier of the License, but not also under the + terms of a Secondary License. + +1.6. "Executable Form" + means any form of the work other than Source Code Form. + +1.7. "Larger Work" + means a work that combines Covered Software with other material, in + a separate file or files, that is not Covered Software. + +1.8. "License" + means this document. + +1.9. "Licensable" + means having the right to grant, to the maximum extent possible, + whether at the time of the initial grant or subsequently, any and + all of the rights conveyed by this License. + +1.10. "Modifications" + means any of the following: + + (a) any file in Source Code Form that results from an addition to, + deletion from, or modification of the contents of Covered + Software; or + + (b) any new file in Source Code Form that contains any Covered + Software. + +1.11. "Patent Claims" of a Contributor + means any patent claim(s), including without limitation, method, + process, and apparatus claims, in any patent Licensable by such + Contributor that would be infringed, but for the grant of the + License, by the making, using, selling, offering for sale, having + made, import, or transfer of either its Contributions or its + Contributor Version. + +1.12. "Secondary License" + means either the GNU General Public License, Version 2.0, the GNU + Lesser General Public License, Version 2.1, the GNU Affero General + Public License, Version 3.0, or any later versions of those + licenses. + +1.13. "Source Code Form" + means the form of the work preferred for making modifications. + +1.14. "You" (or "Your") + means an individual or a legal entity exercising rights under this + License. For legal entities, "You" includes any entity that + controls, is controlled by, or is under common control with You. For + purposes of this definition, "control" means (a) the power, direct + or indirect, to cause the direction or management of such entity, + whether by contract or otherwise, or (b) ownership of more than + fifty percent (50%) of the outstanding shares or beneficial + ownership of such entity. + +2. License Grants and Conditions +-------------------------------- + +2.1. Grants + +Each Contributor hereby grants You a world-wide, royalty-free, +non-exclusive license: + +(a) under intellectual property rights (other than patent or trademark) + Licensable by such Contributor to use, reproduce, make available, + modify, display, perform, distribute, and otherwise exploit its + Contributions, either on an unmodified basis, with Modifications, or + as part of a Larger Work; and + +(b) under Patent Claims of such Contributor to make, use, sell, offer + for sale, have made, import, and otherwise transfer either its + Contributions or its Contributor Version. + +2.2. Effective Date + +The licenses granted in Section 2.1 with respect to any Contribution +become effective for each Contribution on the date the Contributor first +distributes such Contribution. + +2.3. Limitations on Grant Scope + +The licenses granted in this Section 2 are the only rights granted under +this License. No additional rights or licenses will be implied from the +distribution or licensing of Covered Software under this License. +Notwithstanding Section 2.1(b) above, no patent license is granted by a +Contributor: + +(a) for any code that a Contributor has removed from Covered Software; + or + +(b) for infringements caused by: (i) Your and any other third party's + modifications of Covered Software, or (ii) the combination of its + Contributions with other software (except as part of its Contributor + Version); or + +(c) under Patent Claims infringed by Covered Software in the absence of + its Contributions. + +This License does not grant any rights in the trademarks, service marks, +or logos of any Contributor (except as may be necessary to comply with +the notice requirements in Section 3.4). + +2.4. Subsequent Licenses + +No Contributor makes additional grants as a result of Your choice to +distribute the Covered Software under a subsequent version of this +License (see Section 10.2) or under the terms of a Secondary License (if +permitted under the terms of Section 3.3). + +2.5. Representation + +Each Contributor represents that the Contributor believes its +Contributions are its original creation(s) or it has sufficient rights +to grant the rights to its Contributions conveyed by this License. + +2.6. Fair Use + +This License is not intended to limit any rights You have under +applicable copyright doctrines of fair use, fair dealing, or other +equivalents. + +2.7. Conditions + +Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted +in Section 2.1. + +3. Responsibilities +------------------- + +3.1. Distribution of Source Form + +All distribution of Covered Software in Source Code Form, including any +Modifications that You create or to which You contribute, must be under +the terms of this License. You must inform recipients that the Source +Code Form of the Covered Software is governed by the terms of this +License, and how they can obtain a copy of this License. You may not +attempt to alter or restrict the recipients' rights in the Source Code +Form. + +3.2. Distribution of Executable Form + +If You distribute Covered Software in Executable Form then: + +(a) such Covered Software must also be made available in Source Code + Form, as described in Section 3.1, and You must inform recipients of + the Executable Form how they can obtain a copy of such Source Code + Form by reasonable means in a timely manner, at a charge no more + than the cost of distribution to the recipient; and + +(b) You may distribute such Executable Form under the terms of this + License, or sublicense it under different terms, provided that the + license for the Executable Form does not attempt to limit or alter + the recipients' rights in the Source Code Form under this License. + +3.3. Distribution of a Larger Work + +You may create and distribute a Larger Work under terms of Your choice, +provided that You also comply with the requirements of this License for +the Covered Software. If the Larger Work is a combination of Covered +Software with a work governed by one or more Secondary Licenses, and the +Covered Software is not Incompatible With Secondary Licenses, this +License permits You to additionally distribute such Covered Software +under the terms of such Secondary License(s), so that the recipient of +the Larger Work may, at their option, further distribute the Covered +Software under the terms of either this License or such Secondary +License(s). + +3.4. Notices + +You may not remove or alter the substance of any license notices +(including copyright notices, patent notices, disclaimers of warranty, +or limitations of liability) contained within the Source Code Form of +the Covered Software, except that You may alter any license notices to +the extent required to remedy known factual inaccuracies. + +3.5. Application of Additional Terms + +You may choose to offer, and to charge a fee for, warranty, support, +indemnity or liability obligations to one or more recipients of Covered +Software. However, You may do so only on Your own behalf, and not on +behalf of any Contributor. You must make it absolutely clear that any +such warranty, support, indemnity, or liability obligation is offered by +You alone, and You hereby agree to indemnify every Contributor for any +liability incurred by such Contributor as a result of warranty, support, +indemnity or liability terms You offer. You may include additional +disclaimers of warranty and limitations of liability specific to any +jurisdiction. + +4. Inability to Comply Due to Statute or Regulation +--------------------------------------------------- + +If it is impossible for You to comply with any of the terms of this +License with respect to some or all of the Covered Software due to +statute, judicial order, or regulation then You must: (a) comply with +the terms of this License to the maximum extent possible; and (b) +describe the limitations and the code they affect. Such description must +be placed in a text file included with all distributions of the Covered +Software under this License. Except to the extent prohibited by statute +or regulation, such description must be sufficiently detailed for a +recipient of ordinary skill to be able to understand it. + +5. Termination +-------------- + +5.1. The rights granted under this License will terminate automatically +if You fail to comply with any of its terms. However, if You become +compliant, then the rights granted under this License from a particular +Contributor are reinstated (a) provisionally, unless and until such +Contributor explicitly and finally terminates Your grants, and (b) on an +ongoing basis, if such Contributor fails to notify You of the +non-compliance by some reasonable means prior to 60 days after You have +come back into compliance. Moreover, Your grants from a particular +Contributor are reinstated on an ongoing basis if such Contributor +notifies You of the non-compliance by some reasonable means, this is the +first time You have received notice of non-compliance with this License +from such Contributor, and You become compliant prior to 30 days after +Your receipt of the notice. + +5.2. If You initiate litigation against any entity by asserting a patent +infringement claim (excluding declaratory judgment actions, +counter-claims, and cross-claims) alleging that a Contributor Version +directly or indirectly infringes any patent, then the rights granted to +You by any and all Contributors for the Covered Software under Section +2.1 of this License shall terminate. + +5.3. In the event of termination under Sections 5.1 or 5.2 above, all +end user license agreements (excluding distributors and resellers) which +have been validly granted by You or Your distributors under this License +prior to termination shall survive termination. + +************************************************************************ +* * +* 6. Disclaimer of Warranty * +* ------------------------- * +* * +* Covered Software is provided under this License on an "as is" * +* basis, without warranty of any kind, either expressed, implied, or * +* statutory, including, without limitation, warranties that the * +* Covered Software is free of defects, merchantable, fit for a * +* particular purpose or non-infringing. The entire risk as to the * +* quality and performance of the Covered Software is with You. * +* Should any Covered Software prove defective in any respect, You * +* (not any Contributor) assume the cost of any necessary servicing, * +* repair, or correction. This disclaimer of warranty constitutes an * +* essential part of this License. No use of any Covered Software is * +* authorized under this License except under this disclaimer. * +* * +************************************************************************ + +************************************************************************ +* * +* 7. Limitation of Liability * +* -------------------------- * +* * +* Under no circumstances and under no legal theory, whether tort * +* (including negligence), contract, or otherwise, shall any * +* Contributor, or anyone who distributes Covered Software as * +* permitted above, be liable to You for any direct, indirect, * +* special, incidental, or consequential damages of any character * +* including, without limitation, damages for lost profits, loss of * +* goodwill, work stoppage, computer failure or malfunction, or any * +* and all other commercial damages or losses, even if such party * +* shall have been informed of the possibility of such damages. This * +* limitation of liability shall not apply to liability for death or * +* personal injury resulting from such party's negligence to the * +* extent applicable law prohibits such limitation. Some * +* jurisdictions do not allow the exclusion or limitation of * +* incidental or consequential damages, so this exclusion and * +* limitation may not apply to You. * +* * +************************************************************************ + +8. Litigation +------------- + +Any litigation relating to this License may be brought only in the +courts of a jurisdiction where the defendant maintains its principal +place of business and such litigation shall be governed by laws of that +jurisdiction, without reference to its conflict-of-law provisions. +Nothing in this Section shall prevent a party's ability to bring +cross-claims or counter-claims. + +9. Miscellaneous +---------------- + +This License represents the complete agreement concerning the subject +matter hereof. If any provision of this License is held to be +unenforceable, such provision shall be reformed only to the extent +necessary to make it enforceable. Any law or regulation which provides +that the language of a contract shall be construed against the drafter +shall not be used to construe this License against a Contributor. + +10. Versions of the License +--------------------------- + +10.1. New Versions + +Mozilla Foundation is the license steward. Except as provided in Section +10.3, no one other than the license steward has the right to modify or +publish new versions of this License. Each version will be given a +distinguishing version number. + +10.2. Effect of New Versions + +You may distribute the Covered Software under the terms of the version +of the License under which You originally received the Covered Software, +or under the terms of any subsequent version published by the license +steward. + +10.3. Modified Versions + +If you create software not governed by this License, and you want to +create a new license for such software, you may create and use a +modified version of this License if you rename the license and remove +any references to the name of the license steward (except to note that +such modified license differs from this License). + +10.4. Distributing Source Code Form that is Incompatible With Secondary +Licenses + +If You choose to distribute Source Code Form that is Incompatible With +Secondary Licenses under the terms of this version of the License, the +notice described in Exhibit B of this License must be attached. + +Exhibit A - Source Code Form License Notice +------------------------------------------- + + This Source Code Form is subject to the terms of the Mozilla Public + License, v. 2.0. If a copy of the MPL was not distributed with this + file, You can obtain one at http://mozilla.org/MPL/2.0/. + +If it is not possible or desirable to put the notice in a particular +file, then You may include the notice in a location (such as a LICENSE +file in a relevant directory) where a recipient would be likely to look +for such a notice. + +You may add additional accurate notices of copyright ownership. + +Exhibit B - "Incompatible With Secondary Licenses" Notice +--------------------------------------------------------- + + This Source Code Form is "Incompatible With Secondary Licenses", as + defined by the Mozilla Public License, v. 2.0.
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mod_http_roster_admin/README Fri Apr 15 16:59:27 2016 +0000 @@ -0,0 +1,91 @@ +mod_http_roster_admin +===================== + +NOTE: THIS MODULE IS RELEASED UNDER THE MOZILLA PUBLIC LICENSE VERSION 2. + +Normally the XMPP server will store and maintain the users' contact +rosters. This module lets you delegate roster management to an external +service. + +Prosody will make an HTTP request to fetch the roster from the external +service. The service will need to notify Prosody whenever a user's roster +changes, so that Prosody can fetch a new roster for that user. + +Configuring this module +----------------------- + +This module relies on `mod_storage_memory` and `mod_block_subscriptions`. + +In `.parts/prosody/etc/prosody/prosody.cfg.lua`, where your particular +`VirtualHost` is being configured, add the following: + + modules_enabled = { + "http_roster_admin", + "block_subscriptions", + "storage_memory", + "http_files" + } + modules_disabled = { + -- Prosody will get the roster from the backend app, + -- so we disable the default roster module. + "roster" + } + storage = { roster = "memory" } + http_roster_url = "http://localhost/contacts/%s" -- %s will be replaced by an URL-encoded username + +The `http_roster_url` parameter needs to be configured to point to the +URL in the backend application which returns users' contacts rosters. + +In this URL, the pattern `%s` is replaced by an URL-encoded username. + +When the user *john* then connects to Prosody, and `http_roster_url` is +set to “http://app.example.org/contacts/%s”, then Prosody will make a +GET request to http://app.example.org/contacts/john + +Notifying Prosody of roster changes +*********************************** + +The external service needs to notify Prosody whenever a user's roster +changes. To do this, it must make an HTTP POST request to either: + +* http://localhost:5280/roster_admin/refresh +* https://localhost:5281/roster_admin/refresh + +Make sure that the "http_files" module is enabled in Prosody's configuration, +for the above URLs to served. + +Ports 5280/5281 can be firewalled and the web server (i.e. Apache or Nginx) +can be configured to reverse proxy those URLs to for example +https://example.org/http-bind. + +The contents of the POST should be a JSON encoded array of usernames whose +rosters have changed. + +For example, if user ‘john’ became friends with ‘aaron’, both john’s +contact list and aaron’s contact lists have changed: + +``` + ["john", "aaron"] +``` + +When the operation is complete Prosody will reply with a summary of the +operation - a JSON object containing: + +* **status**: either “ok” (success) or “error” (operation completely failed) +* **message**: A human-readable message (for logging and debugging purposes) +* **updated**: The number of rosters successfully updated +* **errors**: The number of rosters that failed to update + +Example: + +``` + { + "status": "ok", + "message": "roster update complete", + "updated": 2, + "errors": 0 + } +``` + +Prosody may also return status codes `400` or `500` in case of errors (such +as a missing/malformed body).
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mod_http_roster_admin/mod_http_roster_admin.lua Fri Apr 15 16:59:27 2016 +0000 @@ -0,0 +1,297 @@ +-- mod_http_roster_admin +-- Description: Allow user rosters to be sourced from a remote HTTP API +-- +-- Version: 1.0 +-- Date: 2015-03-06 +-- Author: Matthew Wild <matthew@prosody.im> +-- License: MPLv2 +-- +-- Requirements: +-- Prosody config: +-- storage = { roster = "memory" } +-- modules_disabled = { "roster" } +-- Dependencies: +-- Prosody 0.9 +-- lua-cjson (Debian/Ubuntu/LuaRocks: lua-cjson) + +local http = require "net.http"; +local json = require "cjson"; +local it = require "util.iterators"; +local set = require "util.set"; +local rm = require "core.rostermanager"; +local st = require "util.stanza"; +local array = require "util.array"; + +local host = module.host; +local sessions = hosts[host].sessions; + +local roster_url = module:get_option_string("http_roster_url", "http://localhost/%s"); + +-- Send a roster push to the named user, with the given roster, for the specified +-- contact's roster entry. Used to notify clients of changes/removals. +local function roster_push(username, roster, contact_jid) + local stanza = st.iq({type="set"}) + :tag("query", {xmlns = "jabber:iq:roster" }); + local item = roster[contact_jid]; + if item then + stanza:tag("item", {jid = contact_jid, subscription = item.subscription, name = item.name, ask = item.ask}); + for group in pairs(item.groups) do + stanza:tag("group"):text(group):up(); + end + else + stanza:tag("item", {jid = contact_jid, subscription = "remove"}); + end + stanza:up():up(); -- move out from item + for _, session in pairs(hosts[host].sessions[username].sessions) do + if session.interested then + session.send(stanza); + end + end +end + +-- Send latest presence from the named local user to a contact. +local function send_presence(username, contact_jid, available) + module:log("debug", "Sending %savailable presence from %s to contact %s", (available and "" or "un"), username, contact_jid); + for resource, session in pairs(sessions[username].sessions) do + local pres; + if available then + pres = st.clone(session.presence); + pres.attr.to = contact_jid; + else + pres = st.presence({ to = contact_jid, from = session.full_jid, type = "unavailable" }); + end + module:send(pres); + end +end + +-- Converts a 'friend' object from the API to a Prosody roster item object +local function friend_to_roster_item(friend) + return { + name = friend.name; + subscription = "both"; + groups = friend.groups or {}; + }; +end + +-- Returns a handler function to consume the data returned from +-- the API, compare it to the user's current roster, and perform +-- any actions necessary (roster pushes, presence probes) to +-- synchronize them. +local function updated_friends_handler(username, cb) + return (function (ok, code, friends) + if not ok then + cb(false, code); + end + local user = sessions[username]; + local roster = user.roster; + local old_contacts = set.new(array.collect(it.keys(roster))); + local new_contacts = set.new(array.collect(it.keys(friends))); + + -- These two entries are not real contacts, ignore them + old_contacts:remove(false); + old_contacts:remove("pending"); + + module:log("debug", "New friends list of %s: %s", username, json.encode(friends)); + + -- Calculate which contacts have been added/removed since + -- the last time we fetched the roster + local added_contacts = new_contacts - old_contacts; + local removed_contacts = old_contacts - new_contacts; + + local added, removed = 0, 0; + + -- Add new contacts and notify connected clients + for contact_jid in added_contacts do + module:log("debug", "Processing new friend of %s: %s", username, contact_jid); + roster[contact_jid] = friend_to_roster_item(friends[contact_jid]); + roster_push(username, roster, contact_jid); + send_presence(username, contact_jid, true); + added = added + 1; + end + + -- Remove contacts and notify connected clients + for contact_jid in removed_contacts do + module:log("debug", "Processing removed friend of %s: %s", username, contact_jid); + roster[contact_jid] = nil; + roster_push(username, roster, contact_jid); + send_presence(username, contact_jid, false); + removed = removed + 1; + end + module:log("debug", "User %s: added %d new contacts, removed %d contacts", username, added, removed); + cb(true); + end); +end + +-- Fetch the named user's roster from the API, call callback (cb) +-- with status and result (friends list) when received. +function fetch_roster(username, cb) + local x = {headers = {}}; + x["headers"]["ACCEPT"] = "application/json, text/plain, */*"; + local ok, err = http.request( + roster_url:format(username), + x, + function (roster_data, code) + if code ~= 200 then + if code ~= 0 then + module:log("error", "Error fetching roster from %s (code %d): %s", roster_url:format(username), code, tostring(roster_data):sub(1, 40):match("^[^\r\n]+")); + cb(nil, code, roster_data); + end + return; + end + module:log("debug", "Successfully fetched roster for %s", username); + module:log("debug", "The roster data is %s", roster_data); + cb(true, code, json.decode(roster_data)); + end); + if not ok then + module:log("error", "Failed to connect to roster API at %s: %s", roster_url:format(username), err); + cb(false, 0, err); + end +end + +-- Fetch the named user's roster from the API, synchronize it with +-- the user's current roster. Notify callback (cb) with true/false +-- depending on success or failure. +function refresh_roster(username, cb) + local user = sessions[username]; + if not (user and user.roster) then + module:log("debug", "User's (%q) roster updated, but they are not online - ignoring", username); + cb(true); + return; + end + fetch_roster(username, updated_friends_handler(username, cb)); +end + +--- Roster protocol handling --- + +-- Build a reply to a "roster get" request +local function build_roster_reply(stanza, roster_data) + local roster = st.reply(stanza) + :tag("query", { xmlns = "jabber:iq:roster" }); + + for jid, item in pairs(roster_data) do + if jid and jid ~= "pending" then + roster:tag("item", { + jid = jid, + subscription = item.subscription, + ask = item.ask, + name = item.name, + }); + for group in pairs(item.groups) do + roster:tag("group"):text(group):up(); + end + roster:up(); -- move out from item + end + end + return roster; +end + +-- Handle clients requesting their roster (generally at login) +-- This will not work if mod_roster is loaded (in 0.9). +module:hook("iq-get/self/jabber:iq:roster:query", function(event) + local session, stanza = event.origin, event.stanza; + + session.interested = true; -- resource is interested in roster updates + + local roster = session.roster; + if roster[false].downloaded then + return session.send(build_roster_reply(stanza, roster)); + end + + -- It's possible that we can call this more than once for a new roster + -- Should happen rarely (multiple clients of the same user request the + -- roster in the time it takes the API to respond). Currently we just + -- issue multiple requests, as it's harmless apart from the wasted + -- requests. + fetch_roster(session.username, function (ok, code, friends) + if not ok then + session.send(st.error_reply(stanza, "cancel", "internal-server-error")); + session:close("internal-server-error"); + return; + end + + -- Are we the first callback to handle the downloaded roster? + local first = roster[false].downloaded == nil; + + if first then + -- Fill out new roster + for jid, friend in pairs(friends) do + roster[jid] = friend_to_roster_item(friend); + end + end + + -- Send full roster to client + session.send(build_roster_reply(stanza, roster)); + + if not first then + -- We already had a roster, make sure to handle any changes... + updated_friends_handler(session.username, nil)(ok, code, friends); + end + end); + + return true; +end); + +-- Prevent client from making changes to the roster. This will not +-- work if mod_roster is loaded (in 0.9). +module:hook("iq-set/self/jabber:iq:roster:query", function(event) + local session, stanza = event.origin, event.stanza; + return session.send(st.error_reply(stanza, "cancel", "service-unavailable")); +end); + +--- HTTP endpoint to trigger roster refresh --- + +-- Handles updating for a single user: GET /roster_admin/refresh/USERNAME +function handle_refresh_single(event, username) + refresh_roster(username, function (ok, code, err) + event.response.headers["Content-Type"] = "application/json"; + event.response:send(json.encode({ + status = ok and "ok" or "error"; + message = err or "roster update complete"; + })); + end); + return true; +end + +-- Handles updating for multiple users: POST /roster_admin/refresh +-- Payload should be a JSON array of usernames, e.g. ["user1", "user2", "user3"] +function handle_refresh_multi(event) + local users = json.decode(event.request.body); + if not users then + module:log("warn", "Multi-user refresh attempted with missing/invalid payload"); + event.response:send(400); + return true; + end + + local count, count_err = 0, 0; + + local function cb(ok) + count = count + 1; + if not ok then + count_err = count_err + 1; + end + + if count == #users then + event.response.headers["Content-Type"] = "application/json"; + event.response:send(json.encode({ + status = "ok"; + message = "roster update complete"; + updated = count - count_err; + errors = count_err; + })); + end + end + + for _, username in ipairs(users) do + refresh_roster(username, cb); + end + + return true; +end + + +module:provides("http", { + route = { + ["POST /refresh"] = handle_refresh_multi; + ["GET /refresh/*"] = handle_refresh_single; + }; +});