prosody-modules
2bb29ece216b
mod_auto_accept_subscriptions/mod_auto_accept_subscriptions.lua
- Annotate
- comparison
- diff
Software / code / prosody-modules
Annotate
mod_auto_accept_subscriptions/mod_auto_accept_subscriptions.lua @ 5193:2bb29ece216b
mod_http_oauth2: Implement stateless dynamic client registration
Replaces previous explicit registration that required either the
additional module mod_adhoc_oauth2_client or manually editing the
database. That method was enough to have something to test with, but
would not probably not scale easily.
Dynamic client registration allows creating clients on the fly, which
may be even easier in theory.
In order to not allow basically unauthenticated writes to the database,
we implement a stateless model here.
per_host_key := HMAC(config -> oauth2_registration_key, hostname)
client_id := JWT { client metadata } signed with per_host_key
client_secret := HMAC(per_host_key, client_id)
This should ensure everything we need to know is part of the client_id,
allowing redirects etc to be validated, and the client_secret can be
validated with only the client_id and the per_host_key.
A nonce injected into the client_id JWT should ensure nobody can submit
the same client metadata and retrieve the same client_secret
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 03 Mar 2023 21:14:19 +0100 |
| parent | 1949:6d2ec330fbcf |
| rev | line source |
|---|---|
|
596
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 local rostermanager = require "core.rostermanager"; |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 local jid = require "util.jid"; |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 local st = require "util.stanza"; |
|
776
841b5eb5fe52
mod_auto_accept_subscriptions: Import core_post_stanza
Matthew Wild <mwild1@gmail.com>
parents:
596
diff
changeset
|
4 local core_post_stanza = prosody.core_post_stanza; |
|
596
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 local function handle_inbound_subscription_request(origin, stanza) |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 local to_bare, from_bare = jid.bare(stanza.attr.to), jid.bare(stanza.attr.from); |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 local node, host = jid.split(to_bare); |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 stanza.attr.from, stanza.attr.to = from_bare, to_bare; |
|
1694
25412e94fb3e
mod_auto_accept_subscriptions: Fix passing nil in log message
Matthew Wild <mwild1@gmail.com>
parents:
1343
diff
changeset
|
10 module:log("info", "Auto-accepting inbound subscription request from %s to %s", tostring(from_bare), tostring(to_bare)); |
|
596
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 if not rostermanager.is_contact_subscribed(node, host, from_bare) then |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 core_post_stanza(hosts[host], st.presence({from=to_bare, to=from_bare, type="unavailable"}), true); -- acknowledging receipt |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 module:log("debug", "receipt acknowledged"); |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 if rostermanager.set_contact_pending_in(node, host, from_bare) then |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
16 module:log("debug", "set pending in"); |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 if rostermanager.subscribed(node, host, from_bare) then |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
18 module:log("debug", "set subscribed"); |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
19 rostermanager.roster_push(node, host, to_bare); |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
20 module:log("debug", "pushed roster item"); |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
21 local subscribed_stanza = st.reply(stanza); |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
22 subscribed_stanza.attr.type = "subscribed"; |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 core_post_stanza(hosts[host], subscribed_stanza); |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 module:log("debug", "sent subscribed"); |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
25 hosts[host].modules.presence.send_presence_of_available_resources(node, host, to_bare, origin); |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 module:log("debug", "sent available presence of all resources"); |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 -- Add return subscription from user to contact |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 local subscribe_stanza = st.reply(stanza); |
|
1949
6d2ec330fbcf
mod_auto_accept_subscriptions: Fix typo in variable name, which would prevent subscription request being sent to contact (thanks Andrey)
Matthew Wild <mwild1@gmail.com>
parents:
1694
diff
changeset
|
29 subscribe_stanza.attr.type = "subscribe"; |
|
596
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
30 if rostermanager.set_contact_pending_out(node, host, from_bare) then |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
31 rostermanager.roster_push(node, host, from_bare); |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
32 end |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
33 core_post_stanza(hosts[host], subscribe_stanza); |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
34 return true; |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
35 end |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
36 end |
|
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
776
diff
changeset
|
37 end |
|
1694
25412e94fb3e
mod_auto_accept_subscriptions: Fix passing nil in log message
Matthew Wild <mwild1@gmail.com>
parents:
1343
diff
changeset
|
38 module:log("warn", "Failed to auto-accept subscription request from %s to %s", tostring(from_bare), tostring(to_bare)); |
|
596
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
39 end |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
40 |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
41 module:hook("presence/bare", function (event) |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
42 local stanza = event.stanza; |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
43 if stanza.attr.type == "subscribe" then |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
44 handle_inbound_subscription_request(event.origin, stanza); |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
45 return true; |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
46 end |
|
b1d82ae063e1
mod_auto_accept_subscriptions: New module to automatically accept incoming subscription requests on behalf of users
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
47 end, 0.1); |
