File

mod_http_health/mod_http_health.lua @ 5738:8488ebde5739

mod_http_oauth2: Skip consent screen if requested by client and same scopes already granted This follows the intent behind the OpenID Connect 'prompt' parameter when it does not include the 'consent' keyword, that is the client wishes to skip the consent screen. If the user has already granted the exact same scopes to the exact same client in the past, then one can assume that they may grant it again.
author Kim Alvefur <zash@zash.se>
date Tue, 14 Nov 2023 23:03:37 +0100
parent 5712:09233b625cb9
line wrap: on
line source

module:set_global();

local ip = require "util.ip";

local modulemanager = require "core.modulemanager";

local permitted_ips = module:get_option_set("http_health_allow_ips", { "::1", "127.0.0.1" });
local permitted_cidr = module:get_option_string("http_health_allow_cidr");

local function is_permitted(request)
	local ip_raw = request.ip;
	if permitted_ips:contains(ip_raw) or
	   (permitted_cidr and ip.match(ip.new_ip(ip_raw), ip.parse_cidr(permitted_cidr))) then
		return true;
	end
	return false;
end

module:provides("http", {
	route = {
		GET = function(event)
			local request = event.request;
			if not is_permitted(request) then
				return 403; -- Forbidden
			end

			for host in pairs(prosody.hosts) do
				local mods = modulemanager.get_modules(host);
				for _, mod in pairs(mods) do
					if mod.module.status_type == "error" then
						return { status_code = 500; headers = { content_type = "text/plain" }; body = "HAS ERRORS\n" };
					end
				end
			end

			return { status_code = 200; headers = { content_type = "text/plain" }; body = "OK\n" };
		end;
	};
});