Comparison

mod_rest/mod_rest.lua @ 3802:f88e07630e4e

mod_rest: Add support for simple Bearer token auth Token specified in config
author Kim Alvefur <zash@zash.se>
date Tue, 31 Dec 2019 03:37:46 +0100
parent 3801:d59fb4dcf100
child 3803:dc2b5a412286
comparison
equal deleted inserted replaced
3801:d59fb4dcf100 3802:f88e07630e4e
11 local st = require "util.stanza"; 11 local st = require "util.stanza";
12 local xml = require "util.xml"; 12 local xml = require "util.xml";
13 13
14 local allow_any_source = module:get_host_type() == "component"; 14 local allow_any_source = module:get_host_type() == "component";
15 local validate_from_addresses = module:get_option_boolean("validate_from_addresses", true); 15 local validate_from_addresses = module:get_option_boolean("validate_from_addresses", true);
16 local secret = assert(module:get_option_string("rest_credentials"), "rest_credentials is a required setting");
17 local auth_type = assert(secret:match("^%S+"), "Format of rest_credentials MUST be like 'Bearer secret'");
18 assert(auth_type == "Bearer", "Only 'Bearer' is supported in rest_credentials");
19
20 -- Bearer token
21 local function check_credentials(request)
22 return request.headers.authorization == secret;
23 end
16 24
17 local function handle_post(event) 25 local function handle_post(event)
18 local request, response = event.request, event.response; 26 local request, response = event.request, event.response;
27 if not request.headers.authorization then
28 response.headers.www_authenticate = ("%s realm=%q"):format(auth_type, module.host.."/"..module.name);
29 return 401;
30 elseif not check_credentials(request) then
31 return 401;
32 end
19 if request.headers.content_type ~= "application/xmpp+xml" then 33 if request.headers.content_type ~= "application/xmpp+xml" then
20 return errors.new({ code = 415, text = "'application/xmpp+xml' expected" }); 34 return errors.new({ code = 415, text = "'application/xmpp+xml' expected" });
21 end 35 end
22 local payload, err = xml.parse(request.body); 36 local payload, err = xml.parse(request.body);
23 if not payload then 37 if not payload then