Annotate

mod_unified_push/mod_unified_push.lua @ 5139:449e4ca4de32

mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat) This should allow the module to work on 0.12, while preserving expiry checking (which was not built in to 0.12's util.jwt).
author Matthew Wild <mwild1@gmail.com>
date Tue, 10 Jan 2023 16:34:21 +0000
parent 5136:67b2c982bea2
child 5146:a86022d702b2
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 local unified_push_secret = assert(module:get_option_string("unified_push_secret"), "required option: unified_push_secret");
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2 local push_registration_ttl = module:get_option_number("unified_push_registration_ttl", 86400);
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4 local base64 = require "util.encodings".base64;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 local datetime = require "util.datetime";
5136
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
6 local id = require "util.id";
5139
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
7 local jwt = require "util.jwt";
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8 local st = require "util.stanza";
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
9 local urlencode = require "util.http".urlencode;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
10
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11 local xmlns_up = "http://gultsch.de/xmpp/drafts/unified-push";
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
12
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13 module:depends("http");
5136
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
14 module:depends("disco");
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
15
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
16 module:add_feature(xmlns_up);
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
17
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18 local function check_sha256(s)
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19 if not s then return nil, "no value provided"; end
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
20 local d = base64.decode(s);
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21 if not d then return nil, "invalid base64"; end
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
22 if #d ~= 32 then return nil, "incorrect decoded length, expected 32"; end
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23 return s;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
24 end
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
25
5139
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
26 -- COMPAT w/0.12
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
27 local function jwt_sign(data)
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
28 return jwt.sign(data, unified_push_secret);
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
29 end
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
30
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
31 -- COMPAT w/0.12: add expiry check
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
32 local function jwt_verify(token)
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
33 local ok, result = jwt.verify(token, unified_push_secret);
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
34 if not ok then
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
35 return ok, result;
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
36 end
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
37 if result.exp and result.exp < os.time() then
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
38 return nil, "token-expired";
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
39 end
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
40 return ok, result;
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
41 end
449e4ca4de32 mod_unified_push: Remove dependency on trunk util.jwt (0.12 compat)
Matthew Wild <mwild1@gmail.com>
parents: 5136
diff changeset
42
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
43 -- Handle incoming registration from XMPP client
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
44 function handle_register(event)
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
45 local origin, stanza = event.origin, event.stanza;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
46 local instance, instance_err = check_sha256(stanza.tags[1].attr.instance);
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
47 if not instance then
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
48 return st.error_reply(stanza, "modify", "bad-request", "instance: "..instance_err);
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
49 end
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
50 local application, application_err = check_sha256(stanza.tags[1].attr.application);
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
51 if not application then
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
52 return st.error_reply(stanza, "modify", "bad-request", "application: "..application_err);
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
53 end
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
54 local expiry = os.time() + push_registration_ttl;
5136
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
55 local url = module:http_url("push").."/"..urlencode(jwt_sign({
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
56 instance = instance;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
57 application = application;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
58 sub = stanza.attr.from;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
59 exp = expiry;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
60 }));
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
61 module:log("debug", "New push registration successful");
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
62 return origin.send(st.reply(stanza):tag("registered", {
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
63 expiration = datetime.datetime(expiry);
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
64 endpoint = url;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
65 xmlns = xmlns_up;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
66 }));
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
67 end
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
68
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
69 module:hook("iq-set/host/"..xmlns_up..":register", handle_register);
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
70
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
71 -- Handle incoming POST
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
72 function handle_push(event, subpath)
5136
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
73 module:log("debug", "Incoming push received!");
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
74 local ok, data = jwt_verify(subpath);
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
75 if not ok then
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
76 module:log("debug", "Received push to unacceptable token (%s)", data);
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
77 return 404;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
78 end
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
79 local payload = event.request.body;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
80 if not payload or payload == "" then
5136
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
81 module:log("warn", "Missing or empty push payload");
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
82 return 400;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
83 elseif #payload > 4096 then
5136
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
84 module:log("warn", "Push payload too large");
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
85 return 413;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
86 end
5136
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
87 local push_id = event.request.id or id.short();
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
88 module:log("debug", "Push notification received [%s], relaying to device...", push_id);
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
89 local push_iq = st.iq({ type = "set", to = data.sub, from = module.host, id = push_id })
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
90 :text_tag("push", base64.encode(payload), { instance = data.instance, application = data.application, xmlns = xmlns_up });
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
91 return module:send_iq(push_iq):next(function ()
5136
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
92 module:log("debug", "Push notification delivered [%s]", push_id);
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
93 return 201;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
94 end, function (error_event)
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
95 local e_type, e_cond, e_text = error_event.stanza:get_error();
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
96 if e_cond == "item-not-found" or e_cond == "feature-not-implemented" then
5136
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
97 module:log("debug", "Push rejected [%s]", push_id);
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
98 return 404;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
99 elseif e_cond == "service-unavailable" or e_cond == "recipient-unavailable" then
5136
67b2c982bea2 mod_unified_push: Various fixes, now working with Conversations
Matthew Wild <mwild1@gmail.com>
parents: 5128
diff changeset
100 module:log("debug", "Recipient temporarily unavailable [%s]", push_id);
5128
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
101 return 503;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
102 end
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
103 module:log("warn", "Unexpected push error response: %s/%s/%s", e_type, e_cond, e_text);
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
104 return 500;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
105 end);
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
106 end
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
107
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
108 module:provides("http", {
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
109 name = "push";
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
110 route = {
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
111 ["GET /*"] = function (event)
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
112 event.response.headers.content_type = "application/json";
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
113 return [[{"unifiedpush":{"version":1}}]];
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
114 end;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
115 ["POST /*"] = handle_push;
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
116 };
7cc0f68b8715 mod_unified_push: Experimenal Unified Push provider
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
117 });