Annotate

mod_auth_http_async/mod_auth_http_async.lua @ 2116:2bb42ba342f3

mod_firewall: Fix usage of incorrect variable current_time in ORIGIN_MARKED condition (thanks Ge0rG)
author Matthew Wild <mwild1@gmail.com>
date Thu, 17 Mar 2016 12:27:48 +0000
parent 1939:54f9e8663139
child 2159:5e8dec076afc
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1421
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 -- Prosody IM
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2 -- Copyright (C) 2008-2013 Matthew Wild
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3 -- Copyright (C) 2008-2013 Waqas Hussain
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4 -- Copyright (C) 2014 Kim Alvefur
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5 --
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6 -- This project is MIT/X11 licensed. Please see the
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7 -- COPYING file in the source package for more information.
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
8 --
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10 local new_sasl = require "util.sasl".new;
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11 local base64 = require "util.encodings".base64.encode;
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12 local waiter =require "util.async".waiter;
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13 local http = require "net.http";
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
14
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
15 local log = module._log;
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16 local host = module.host;
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
17
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
18 local api_base = module:get_option_string("http_auth_url", ""):gsub("$host", host);
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
19 if api_base == "" then error("http_auth_url required") end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
20
1938
cfe73f64ad29 mod_auth_http_async: Fix syntax error
Kim Alvefur <zash@zash.se>
parents: 1932
diff changeset
21 local function async_http_request(url, ex)
1927
439711709d29 mod_auth_http_async: Wrap up async http request in a function
Kim Alvefur <zash@zash.se>
parents: 1749
diff changeset
22 local wait, done = waiter();
439711709d29 mod_auth_http_async: Wrap up async http request in a function
Kim Alvefur <zash@zash.se>
parents: 1749
diff changeset
23
439711709d29 mod_auth_http_async: Wrap up async http request in a function
Kim Alvefur <zash@zash.se>
parents: 1749
diff changeset
24 local content, code, request, response;
1930
95bbf3c4aa27 mod_auth_http_async: Don't set global
Kim Alvefur <zash@zash.se>
parents: 1927
diff changeset
25 local function cb(content_, code_, request_, response_)
1927
439711709d29 mod_auth_http_async: Wrap up async http request in a function
Kim Alvefur <zash@zash.se>
parents: 1749
diff changeset
26 content, code, request, response = content_, code_, request_, response_;
439711709d29 mod_auth_http_async: Wrap up async http request in a function
Kim Alvefur <zash@zash.se>
parents: 1749
diff changeset
27 done();
439711709d29 mod_auth_http_async: Wrap up async http request in a function
Kim Alvefur <zash@zash.se>
parents: 1749
diff changeset
28 end
1931
bd5412eb0a6d mod_auth_http_async: Actually do the HTTP request
Kim Alvefur <zash@zash.se>
parents: 1930
diff changeset
29 http.request(url, ex, cb);
1927
439711709d29 mod_auth_http_async: Wrap up async http request in a function
Kim Alvefur <zash@zash.se>
parents: 1749
diff changeset
30 wait();
439711709d29 mod_auth_http_async: Wrap up async http request in a function
Kim Alvefur <zash@zash.se>
parents: 1749
diff changeset
31 return content, code, request, response;
439711709d29 mod_auth_http_async: Wrap up async http request in a function
Kim Alvefur <zash@zash.se>
parents: 1749
diff changeset
32 end
439711709d29 mod_auth_http_async: Wrap up async http request in a function
Kim Alvefur <zash@zash.se>
parents: 1749
diff changeset
33
1421
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
34 local provider = {};
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
35
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
36 function provider.test_password(username, password)
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
37 log("debug", "test password for user %s at host %s", username, host);
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
38
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
39
1927
439711709d29 mod_auth_http_async: Wrap up async http request in a function
Kim Alvefur <zash@zash.se>
parents: 1749
diff changeset
40 local _, code = async_http_request(api_base:gsub("$user", username), {
439711709d29 mod_auth_http_async: Wrap up async http request in a function
Kim Alvefur <zash@zash.se>
parents: 1749
diff changeset
41 headers = { Authorization = "Basic "..base64(username..":"..password); };
439711709d29 mod_auth_http_async: Wrap up async http request in a function
Kim Alvefur <zash@zash.se>
parents: 1749
diff changeset
42 });
1421
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
43
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
44 if code >= 200 and code <= 299 then
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
45 return true;
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
46 else
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
47 module:log("debug", "HTTP auth provider returned status code %d", code);
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
48 return nil, "Auth failed. Invalid username or password.";
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
49 end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
50 end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
51
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
52 function provider.set_password(username, password)
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
53 return nil, "Changing passwords not supported";
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
54 end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
55
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
56 function provider.user_exists(username)
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
57 return true;
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
58 end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
59
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
60 function provider.create_user(username, password)
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
61 return nil, "User creation not supported";
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
62 end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
63
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
64 function provider.delete_user(username)
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
65 return nil , "User deletion not supported";
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
66 end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
67
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
68 function provider.get_sasl_handler()
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
69 return new_sasl(host, {
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
70 plain_test = function(sasl, username, password, realm)
1939
54f9e8663139 mod_auth_http_async: Correctly pass password to provider.test_password (thanks mother)
Kim Alvefur <zash@zash.se>
parents: 1938
diff changeset
71 return provider.test_password(username, password), true;
1421
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
72 end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
73 });
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
74 end
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
75
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
76 module:provides("auth", provider);
295c30e44ba8 mod_auth_http_async: Async HTTP auth module
Kim Alvefur <zash@zash.se>
parents:
diff changeset
77