Software /
code /
prosody-modules
Comparison
mod_auth_cyrus/mod_auth_cyrus.lua @ 4710:099dcdb732b1
mod_auth_cyrus: Import from Prosody rev 8f1e7fd55e7b
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 17 Oct 2021 17:08:07 +0200 |
child | 4926:b8366e31c829 |
comparison
equal
deleted
inserted
replaced
4709:679f1834dbdb | 4710:099dcdb732b1 |
---|---|
1 -- Prosody IM | |
2 -- Copyright (C) 2008-2010 Matthew Wild | |
3 -- Copyright (C) 2008-2010 Waqas Hussain | |
4 -- | |
5 -- This project is MIT/X11 licensed. Please see the | |
6 -- COPYING file in the source package for more information. | |
7 -- | |
8 -- luacheck: ignore 212 | |
9 | |
10 local log = require "util.logger".init("auth_cyrus"); | |
11 | |
12 local usermanager_user_exists = require "core.usermanager".user_exists; | |
13 | |
14 local cyrus_service_realm = module:get_option("cyrus_service_realm"); | |
15 local cyrus_service_name = module:get_option("cyrus_service_name"); | |
16 local cyrus_application_name = module:get_option("cyrus_application_name"); | |
17 local require_provisioning = module:get_option("cyrus_require_provisioning") or false; | |
18 local host_fqdn = module:get_option("cyrus_server_fqdn"); | |
19 | |
20 prosody.unlock_globals(); --FIXME: Figure out why this is needed and | |
21 -- why cyrussasl isn't caught by the sandbox | |
22 local cyrus_new = require "util.sasl_cyrus".new; | |
23 prosody.lock_globals(); | |
24 local new_sasl = function(realm) | |
25 return cyrus_new( | |
26 cyrus_service_realm or realm, | |
27 cyrus_service_name or "xmpp", | |
28 cyrus_application_name or "prosody", | |
29 host_fqdn | |
30 ); | |
31 end | |
32 | |
33 do -- diagnostic | |
34 local list; | |
35 for mechanism in pairs(new_sasl(module.host):mechanisms()) do | |
36 list = (not(list) and mechanism) or (list..", "..mechanism); | |
37 end | |
38 if not list then | |
39 module:log("error", "No Cyrus SASL mechanisms available"); | |
40 else | |
41 module:log("debug", "Available Cyrus SASL mechanisms: %s", list); | |
42 end | |
43 end | |
44 | |
45 local host = module.host; | |
46 | |
47 -- define auth provider | |
48 local provider = {}; | |
49 log("debug", "initializing default authentication provider for host '%s'", host); | |
50 | |
51 function provider.test_password(username, password) | |
52 return nil, "Legacy auth not supported with Cyrus SASL."; | |
53 end | |
54 | |
55 function provider.get_password(username) | |
56 return nil, "Passwords unavailable for Cyrus SASL."; | |
57 end | |
58 | |
59 function provider.set_password(username, password) | |
60 return nil, "Passwords unavailable for Cyrus SASL."; | |
61 end | |
62 | |
63 function provider.user_exists(username) | |
64 if require_provisioning then | |
65 return usermanager_user_exists(username, host); | |
66 end | |
67 return true; | |
68 end | |
69 | |
70 function provider.create_user(username, password) | |
71 return nil, "Account creation/modification not available with Cyrus SASL."; | |
72 end | |
73 | |
74 function provider.get_sasl_handler() | |
75 local handler = new_sasl(host); | |
76 if require_provisioning then | |
77 function handler.require_provisioning(username) | |
78 return usermanager_user_exists(username, host); | |
79 end | |
80 end | |
81 return handler; | |
82 end | |
83 | |
84 module:provides("auth", provider); | |
85 |