Software /
code /
prosody-modules
Diff
mod_rest/mod_rest.lua @ 3971:ae5ac41c391d
mod_rest: Improve auth error reporting
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 12 Apr 2020 18:07:16 +0200 |
parent | 3933:93147b89ea67 |
child | 4036:04c11b652aeb |
line wrap: on
line diff
--- a/mod_rest/mod_rest.lua Tue Apr 07 22:11:52 2020 +0200 +++ b/mod_rest/mod_rest.lua Sun Apr 12 18:07:16 2020 +0200 @@ -116,6 +116,8 @@ end local post_errors = { + noauthz = { code = 401, type = "auth", condition = "not-authorized", text = "No credentials provided" }, + unauthz = { code = 403, type = "auth", condition = "not-authorized", text = "Credentials not accepted" }, parse = { code = 400, condition = "not-well-formed", text = "Failed to parse payload", }, xmlns = { code = 422, condition = "invalid-namespace", text = "'xmlns' attribute must be empty", }, name = { code = 422, condition = "unsupported-stanza-type", text = "Invalid stanza, must be 'message', 'presence' or 'iq'.", }, @@ -133,11 +135,11 @@ if not request.headers.authorization then response.headers.www_authenticate = www_authenticate_header; - return 401; + return errors.new("noauthz", nil, post_errors); else origin = check_credentials(request); if not origin then - return 401; + return errors.new("unauthz", nil, post_errors); end from = jid.join(origin.username, origin.host, origin.resource); end