Software /
code /
prosody-modules
Comparison
mod_s2s_auth_posh/mod_s2s_auth_posh.lua @ 3225:517c7f0333e3
mod_s2s_auth_posh: Add a command for generating the JSON file
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Mon, 13 Aug 2018 03:35:42 +0200 |
parent | 3205:7bfb25111ea6 |
child | 3287:f0e19a77f81e |
comparison
equal
deleted
inserted
replaced
3224:b7aa8630438e | 3225:517c7f0333e3 |
---|---|
112 end | 112 end |
113 end | 113 end |
114 | 114 |
115 log("debug", "POSH authentication failed!"); | 115 log("debug", "POSH authentication failed!"); |
116 end); | 116 end); |
117 | |
118 function module.command(arg) | |
119 if not arg[1] then | |
120 print("Usage: mod_s2s_auth_posh /path/to/cert.pem") | |
121 return 1; | |
122 end | |
123 local jwkset = { fingerprints = { }; expires = 86400; } | |
124 | |
125 for i, cert_file in ipairs(arg) do | |
126 local cert, err = io.open(cert_file); | |
127 if not cert then | |
128 io.stderr:write(err, "\n"); | |
129 return 1; | |
130 end | |
131 local cert_pem = cert:read("*a"); | |
132 local cert_der, typ = pem2der(cert_pem); | |
133 if typ == "CERTIFICATE" then | |
134 table.insert(jwkset.fingerprints, { ["sha-256"] = base64.encode(hashes.sha256(cert_der)); }); | |
135 elseif typ then | |
136 io.stderr:write(cert_file, " contained a ", typ:lower(), ", was expecting a certificate\n"); | |
137 return 1; | |
138 else | |
139 io.stderr:write(cert_file, " did not contain a certificate in PEM format\n"); | |
140 return 1; | |
141 end | |
142 end | |
143 print(json.encode(jwkset)); | |
144 return 0; | |
145 end | |
146 |