mod_s2s_auth_posh/mod_s2s_auth_posh.lua @ 3288:3eee4029ac6c
mod_s2s_auth_posh: Follow reference
https://tools.ietf.org/html/rfc7711#section-3.2
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sat, 25 Aug 2018 20:02:40 +0200 |
parent | 3287:f0e19a77f81e |
child | 3289:f2037a754480 |
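--- a/mod_s2s_auth_posh/mod_s2s_auth_posh.lua
+++ b/mod_s2s_auth_posh/mod_s2s_auth_posh.lua
@@ -44,11 +44,12 @@
 log("debug", "Session direction: %s", tostring(host_session.direction));
 
 local url = build_url { scheme = "https", host = target_host, path = "/.well-known/posh/xmpp-server.json" };
 
 log("debug", "Request POSH information for %s", tostring(target_host));
-http.request(url, nil, function (response, code)
+local redirect_followed = false;
+local function cb (response, code)
 if code ~= 200 then
 log("debug", "No or invalid POSH response received");
 resume();
 return;
 end
@@ -57,16 +58,28 @@
 if not jwk or type(jwk) ~= "table" then
 log("error", "POSH response is not valid JSON!\n%s", tostring(response));
 resume();
 return;
 end
+if type(jwk.url) == "string" then
+if redirect_followed then
+redirect_followed = true;
+http.request(jwk.url, nil, cb);
+else
+log("error", "POSH had invalid redirect:\n%s", tostring(response));
+resume();
+return;
+end
+end
+
 host_session.posh = { orig = response };
 jwk.expires = os.time() + tonumber(jwk.expires) or 3600;
 host_session.posh.jwk = jwk;
 cache:set(target_host, jwk);
 resume();
-end)
+end
+http.request(url, nil, cb);
 return true;
 end
 
 -- Do POSH authentication
 module:hook("s2s-check-certificate", function (event)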
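Review bot: The redirect guard at new line 64 is inverted: `redirect_followed` starts as false, so the first reference always lands in the `else` branch and is logged as an invalid redirect; it should read `if not redirect_followed then`. The branch that does issue `http.request(jwk.url, nil, cb)` has no `return;` after it, so the reference document itself would fall through to `cache:set(target_host, jwk)` and `resume()` before the real document arrives, and `resume()` would run a second time from the second callback. `jwk.url` is also handed to `http.request` unchecked; because the fingerprints fetched from it decide certificate trust, it should be rejected unless it is an `https://` URL (for example `jwk.url:match("^https://")`), which is what the RFC section cited in the commit message appears to require. The enclosing function starts above the visible lines.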