Software / code / prosody-modules
Annotate
mod_onhold/mod_onhold.lua @ 5193:2bb29ece216b
mod_http_oauth2: Implement stateless dynamic client registration
Replaces previous explicit registration that required either the
additional module mod_adhoc_oauth2_client or manually editing the
database. That method was enough to have something to test with, but
would not probably not scale easily.
Dynamic client registration allows creating clients on the fly, which
may be even easier in theory.
In order to not allow basically unauthenticated writes to the database,
we implement a stateless model here.
per_host_key := HMAC(config -> oauth2_registration_key, hostname)
client_id := JWT { client metadata } signed with per_host_key
client_secret := HMAC(per_host_key, client_id)
This should ensure everything we need to know is part of the client_id,
allowing redirects etc to be validated, and the client_secret can be
validated with only the client_id and the per_host_key.
A nonce injected into the client_id JWT should ensure nobody can submit
the same client metadata and retrieve the same client_secret
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 03 Mar 2023 21:14:19 +0100 |
| parent | 1343:7dbde05b48a9 |
| rev | line source |
|---|---|
|
2
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
1 -- Prosody IM |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
2 -- Copyright (C) 2008-2009 Matthew Wild |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
3 -- Copyright (C) 2008-2009 Waqas Hussain |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
4 -- Copyright (C) 2009 Jeff Mitchell |
|
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
2
diff
changeset
|
5 -- |
|
2
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
6 -- This project is MIT/X11 licensed. Please see the |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
7 -- COPYING file in the source package for more information. |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
8 -- |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
9 |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
10 local datamanager = require "util.datamanager"; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
11 local jid_bare = require "util.jid".bare; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
12 local jid_split = require "util.jid".split; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
13 local st = require "util.stanza"; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
14 local datetime = require "util.datetime"; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
15 local ipairs = ipairs; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
16 local onhold_jids = module:get_option("onhold_jids") or {}; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
17 for _, jid in ipairs(onhold_jids) do onhold_jids[jid] = true; end |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
18 |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
19 function process_message(event) |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
20 local session, stanza = event.origin, event.stanza; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
21 local to = stanza.attr.to; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
22 local from = jid_bare(stanza.attr.from); |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
23 local node, host; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
24 local onhold_node, onhold_host; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
25 |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
26 if to then |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
27 node, host = jid_split(to) |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
28 else |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
29 node, host = session.username, session.host; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
30 end |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
31 |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
32 if onhold_jids[from] then |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
33 stanza.attr.stamp, stanza.attr.stamp_legacy = datetime.datetime(), datetime.legacy(); |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
34 local result = datamanager.list_append(node, host, "onhold", st.preserialize(stanza)); |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
35 stanza.attr.stamp, stanza.attr.stamp_legacy = nil, nil; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
36 return true; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
37 end |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
38 return nil; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
39 end |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
40 |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
41 module:hook("message/bare", process_message, 5); |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
42 |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
43 module:hook("message/full", process_message, 5); |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
44 |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
45 module:hook("presence/bare", function(event) |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
46 if event.origin.presence then return nil; end |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
47 local session = event.origin; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
48 local node, host = session.username, session.host; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
49 local from; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
50 local de_stanza; |
|
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
2
diff
changeset
|
51 |
|
2
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
52 local data = datamanager.list_load(node, host, "onhold"); |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
53 local newdata = {}; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
54 if not data then return nil; end |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
55 for _, stanza in ipairs(data) do |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
56 de_stanza = st.deserialize(stanza); |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
57 from = jid_bare(de_stanza.attr.from); |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
58 if not onhold_jids[from] then |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
59 de_stanza:tag("delay", {xmlns = "urn:xmpp:delay", from = host, stamp = de_stanza.attr.stamp}):up(); -- XEP-0203 |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
60 de_stanza:tag("x", {xmlns = "jabber:x:delay", from = host, stamp = de_stanza.attr.stamp_legacy}):up(); -- XEP-0091 (deprecated) |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
61 de_stanza.attr.stamp, de_stanza.attr.stamp_legacy = nil, nil; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
62 session.send(de_stanza); |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
63 else |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
64 table.insert(newdata, stanza); |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
65 end |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
66 end |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
67 datamanager.list_store(node, host, "onhold", newdata); |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
68 return nil; |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
69 end, 5); |
|
b8012f99acfb
Initial commit of mod_onhold, using configuration in prosody config file.
Jeff Mitchell <jeffrey.mitchell@gmail.com>
parents:
diff
changeset
|
70 |
