prosody-modules
9d88c3d9eea5
mod_extdisco/mod_extdisco.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_extdisco/mod_extdisco.lua @ 6281:9d88c3d9eea5

mod_http_oauth2: Enforce the registered grant types Thus a client can limit itself to certain grant types. Not sure if this prevents any attacks, but what was the point of including this in the registration if it was not going to be enforced? This became easier to do with client_id being available earlier.
author Kim Alvefur <zash@zash.se>
date Mon, 02 Jun 2025 20:55:20 +0200
parent 3606:7811ba467525
line wrap: on
line source

local st = require "util.stanza";

local services = module:get_option("external_services");

local xmlns_extdisco_1 = "urn:xmpp:extdisco:1";
local xmlns_extdisco_2 = "urn:xmpp:extdisco:2";

module:add_feature(xmlns_extdisco_1);
module:add_feature(xmlns_extdisco_2);

local function handle_services(event)
	local origin, stanza = event.origin, event.stanza;
	local service = stanza.tags[1];
	local service_type = service.attr.type;
	local reply = st.reply(stanza):tag("services", { xmlns = service.attr.xmlns });
	for host, service_info in pairs(services) do
		if not(service_type) or service_info.type == service_type then
			reply:tag("service", {
				host = host;
				port = service_info.port;
				transport = service_info.transport;
				type = service_info.type;
				username = service_info.username;
				password = service_info.password;
			}):up();
		end
	end
	origin.send(reply);
	return true;
end
module:hook("iq-get/host/"..xmlns_extdisco_1..":services", handle_services);
module:hook("iq-get/host/"..xmlns_extdisco_2..":services", handle_services);

local function handle_credentials(event)
	local origin, stanza = event.origin, event.stanza;
	local credentials = stanza.tags[1];
	local host = credentials.attr.host;
	if not host then
		origin.send(st.error_reply(stanza, "cancel", "bad-request", "No host specified"));
		return true;
	end
	local service_info = services[host];
	if not service_info then
		origin.send(st.error_reply(stanza, "cancel", "item-not-found", "No such service known"));
		return true;
	end
	local reply = st.reply(stanza)
		:tag("credentials", { xmlns = credentials.attr.xmlns })
			:tag("service", {
				host = host;
				username = service_info.username;
				password = service_info.password;
			}):up();
	origin.send(reply);
	return true;
end
module:hook("iq-get/host/"..xmlns_extdisco_1..":credentials", handle_credentials);
module:hook("iq-get/host/"..xmlns_extdisco_2..":credentials", handle_credentials);