Annotate

mod_isr/mod_isr.lua @ 5704:8cb3da7df521

mod_http_oauth2: Restrict introspection to clients own tokens The introspection code was added before the client hash was added in 0860497152af which allows connecting tokens to clients.
author Kim Alvefur <zash@zash.se>
date Sun, 29 Oct 2023 11:20:15 +0100
parent 5024:1cb762f72a91
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
5024
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 local st = require "util.stanza";
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3 local mod_smacks = module:depends("smacks");
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 local xmlns_sasl2 = "urn:xmpp:sasl:1";
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6 local xmlns_sm = "urn:xmpp:sm:3";
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7 local xmlns_isr = "https://xmpp.org/extensions/isr/0";
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8 local xmlns_errors = "urn:ietf:params:xml:ns:xmpp-stanzas";
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
9
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
10 module:hook_tag(xmlns_sasl2, "authenticate", function (session, auth)
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11 local isr_resume = auth:get_child("inst-resume", xmlns_isr);
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
12 if not isr_resume then return end
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13 local is_using_token = isr_resume.attr["with-isr-token"] ~= "false";
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
14 if is_using_token then
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
15 -- TODO: If authing with token, set session.sasl_handler to our own
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
16 -- event.session.sasl_handler = ...
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
17 error("not yet implemented");
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18 end
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
20 -- Cache resume element for future processing after SASL success
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21 session.isr_sm_resume = isr_resume:get_child("resume", "urn:xmpp:sm:3");
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
22 end, 100);
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
24 module:hook("sasl2/c2s/success", function (event)
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
25 local session = event.session;
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
26 local sm_resume = session.isr_sm_resume;
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
27 if sm_resume then
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
28 session.isr_sm_resume = nil;
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
29 local resumed, err = mod_smacks.do_resume(session, sm_resume);
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
30 if not resumed then
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
31 local failed = st.stanza("failed", { xmlns = xmlns_sm, h = ("%d"):format(err.context.h) })
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
32 :tag(err.condition, { xmlns = xmlns_errors });
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
33 event.success:add_child(failed);
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
34 else
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
35 event.session = resumed.session;
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
36 event.isr_resumed = resumed;
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
37 event.success:tag("resumed", { xmlns = xmlns_sm,
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
38 h = ("%d"):format(event.session.handled_stanza_count);
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
39 previd = resumed.id; }):up();
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
40 end
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
41 end
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
42 end, 100);
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
43
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
44 module:hook("sasl2/c2s/success", function (event)
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
45 -- The authenticate response has already been sent at this point
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
46 local resumed = event.isr_resumed;
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
47 if resumed then
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
48 resumed.finish(); -- Finish resume and sync stanzas
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
49 end
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
50 end, -1100);
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
51
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
52 module:hook("sasl2/c2s/failure", function (event)
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
53 event.session.isr_sm_resume = nil;
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
54 end);
1cb762f72a91 mod_isr: XEP-0397: Instant Stream Resumption
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
55