prosody-modules
694f8fab07d4
mod_auth_http_async/mod_auth_http_async.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_auth_http_async/mod_auth_http_async.lua @ 6251:694f8fab07d4

: mod_sasl2*** : Update Compability for all of them diff --git a/mod_sasl2/README.md b/mod_sasl2/README.md --- a/mod_sasl2/README.md +++ b/mod_sasl2/README.md @@ -31,6 +31,7 @@ This module requires Prosody **trunk** a Prosody Version Status ----------------------- ---------------- - trunk as of 2024-11-24 Works + trunk as of 2025-05-25 Works + 0.13 Works 0.12 Does not work ----------------------- ---------------- diff --git a/mod_sasl2_bind2/README.md b/mod_sasl2_bind2/README.md --- a/mod_sasl2_bind2/README.md +++ b/mod_sasl2_bind2/README.md @@ -16,5 +16,6 @@ This module depends on [mod_sasl2]. It e Prosody-Version Status --------------- ---------------------- - trunk Works as of 2024-12-21 + trunk Works as of 2025-05-25 + 0.13 Works 0.12 Does not work diff --git a/mod_sasl2_fast/README.md b/mod_sasl2_fast/README.md --- a/mod_sasl2_fast/README.md +++ b/mod_sasl2_fast/README.md @@ -33,5 +33,6 @@ clients being logged out unexpectedly. Prosody-Version Status --------------- ---------------------- - trunk Works as of 2024-12-21 + trunk Works as of 2025-05-25 + 0.13 Work 0.12 Does not work diff --git a/mod_sasl2_sm/README.md b/mod_sasl2_sm/README.md --- a/mod_sasl2_sm/README.md +++ b/mod_sasl2_sm/README.md @@ -17,5 +17,6 @@ configuration options. Prosody-Version Status --------------- ---------------------- - trunk Works as of 2024-12-21 + trunk Works as of 2025-05-25 + 0.13 Work 0.12 Does not work diff --git a/mod_sasl_ssdp/README.md b/mod_sasl_ssdp/README.md --- a/mod_sasl_ssdp/README.md +++ b/mod_sasl_ssdp/README.md @@ -18,8 +18,8 @@ There are no configuration options for t # Compatibility -For SASL2 (XEP-0388) clients, it is compatible with the mod_sasl2 community module. - -For clients using RFC 6120 SASL, it requires Prosody trunk 33e5edbd6a4a or -later. It is not compatible with Prosody 0.12 (it will load, but simply -won't do anything) for "legacy SASL". + Prosody-Version Status + --------------- ---------------------- + trunk Works as of 2025-05-25 + 0.13 Works + 0.12 Does not work
author Menel <menel@snikket.de>
date Mon, 12 May 2025 11:07:45 +0200
parent 2811:39156d6f7268
line wrap: on
line source

-- Prosody IM
-- Copyright (C) 2008-2013 Matthew Wild
-- Copyright (C) 2008-2013 Waqas Hussain
-- Copyright (C) 2014 Kim Alvefur
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--

local new_sasl = require "util.sasl".new;
local base64 = require "util.encodings".base64.encode;
local have_async, async = pcall(require, "util.async");

local log = module._log;
local host = module.host;

local api_base = module:get_option_string("http_auth_url",  ""):gsub("$host", host);
if api_base == "" then error("http_auth_url required") end

local provider = {};

-- globals required by socket.http
if rawget(_G, "PROXY") == nil then
	rawset(_G, "PROXY", false)
end
if rawget(_G, "base_parsed") == nil then
	rawset(_G, "base_parsed", false)
end
if not have_async then -- FINE! Set your globals then
	prosody.unlock_globals()
	require "ltn12"
	require "socket"
	require "socket.http"
	require "ssl.https"
	prosody.lock_globals()
end

local function async_http_auth(url, username, password)
	module:log("debug", "async_http_auth()");
	local http = require "net.http";
	local wait, done = async.waiter();
	local content, code, request, response;
	local ex = {
		headers = { Authorization = "Basic "..base64(username..":"..password); };
	}
	local function cb(content_, code_, request_, response_)
		content, code, request, response = content_, code_, request_, response_;
		done();
	end
	http.request(url, ex, cb);
	wait();
	if code >= 200 and code <= 299 then
		module:log("debug", "HTTP auth provider confirmed valid password");
		return true;
	else
		module:log("debug", "HTTP auth provider returned status code %d", code);
	end
	return nil, "Auth failed. Invalid username or password.";
end

local function sync_http_auth(url,username, password)
	module:log("debug", "sync_http_auth()");
	require "ltn12";
	local http = require "socket.http";
	local https = require "ssl.https";
	local request;
	if string.sub(url, 1, string.len('https')) == 'https' then
		request = https.request;
	else
		request = http.request;
	end
	local _, code, headers, status = request{
		url = url,
		headers = { Authorization = "Basic "..base64(username..":"..password);  }
	};
	if type(code) == "number" and code >= 200 and code <= 299 then
		module:log("debug", "HTTP auth provider confirmed valid password");
		return true;
	else
		module:log("debug", "HTTP auth provider returned status code: "..code);
	end
	return nil, "Auth failed. Invalid username or password.";
end

function provider.test_password(username, password)
	local url = api_base:gsub("$user", username):gsub("$password", password);
	log("debug", "Testing password for user %s at host %s with URL %s", username, host, url);
	if (have_async) then
		return async_http_auth(url, username, password);
	else
		return sync_http_auth(url, username, password);
	end
end

function provider.users()
	return function()
		return nil;
	end
end

function provider.set_password(username, password)
	return nil, "Changing passwords not supported";
end

function provider.user_exists(username)
	return true;
end

function provider.create_user(username, password)
	return nil, "User creation not supported";
end

function provider.delete_user(username)
	return nil , "User deletion not supported";
end

function provider.get_sasl_handler()
	return new_sasl(host, {
		plain_test = function(sasl, username, password, realm)
			return provider.test_password(username, password), true;
		end
	});
end

module:provides("auth", provider);