Changeset

2629:a11568bfaf4c

mod_auth_http_async: For sync calls, use LuaSockets' HTTP lib
author JC Brand <jc@opkode.com>
date Tue, 21 Mar 2017 09:14:03 +0000
parents 2628:fbb26a56a667
children 2630:96eb1c4f9ff7
files mod_auth_http_async/mod_auth_http_async.lua
diffstat 1 files changed, 52 insertions(+), 27 deletions(-) [+]
line wrap: on
line diff
--- a/mod_auth_http_async/mod_auth_http_async.lua	Tue Mar 21 04:48:37 2017 +0100
+++ b/mod_auth_http_async/mod_auth_http_async.lua	Tue Mar 21 09:14:03 2017 +0000
@@ -8,9 +8,10 @@
 --
 
 local new_sasl = require "util.sasl".new;
+local http = require "socket.http";
+local https = require "ssl.https";
 local base64 = require "util.encodings".base64.encode;
 local have_async, async = pcall(require, "util.async");
-local http = require "net.http";
 
 local log = module._log;
 local host = module.host;
@@ -18,47 +19,71 @@
 local api_base = module:get_option_string("http_auth_url",  ""):gsub("$host", host);
 if api_base == "" then error("http_auth_url required") end
 
-local function async_http_request(url, ex)
+local provider = {};
+
+-- globals required by socket.http
+if rawget(_G, "PROXY") == nil then
+	rawset(_G, "PROXY", false)
+end
+if rawget(_G, "base_parsed") == nil then
+	rawset(_G, "base_parsed", false)
+end
+
+local function async_http_auth(url, username, password)
 	local wait, done = async.waiter();
 	local content, code, request, response;
+	local ex = {
+		headers = { Authorization = "Basic "..base64(username..":"..password); };
+	}
 	local function cb(content_, code_, request_, response_)
 		content, code, request, response = content_, code_, request_, response_;
 		done();
 	end
 	http.request(url, ex, cb);
 	wait();
-	return content, code, request, response;
+	if code >= 200 and code <= 299 then
+		module:log("debug", "HTTP auth provider confirmed valid password");
+		return true;
+	else
+		module:log("debug", "HTTP auth provider returned status code %d", code);
+	end
+	return nil, "Auth failed. Invalid username or password.";
 end
 
-local provider = {};
+local function sync_http_auth(url)
+	local request;
+	if string.sub(url, 1, string.len('https')) == 'https' then
+		request = https.request;
+	else
+		request = http.request;
+	end
+	local _, code, headers, status = request{
+		url = url,
+		headers = { ACCEPT = "application/json, text/plain, */*"; }
+	};
+	if type(code) == "number" and code >= 200 and code <= 299 then
+		module:log("debug", "HTTP auth provider confirmed valid password");
+		return true;
+	else
+		module:log("debug", "HTTP auth provider returned status code: "..code);
+	end
+	return nil, "Auth failed. Invalid username or password.";
+end
 
 function provider.test_password(username, password)
-	local url = api_base:gsub("$user", username);
+	local url = api_base:gsub("$user", username):gsub("$password", password);
 	log("debug", "Testing password for user %s at host %s with URL %s", username, host, url);
-	local ex = {
-		headers = { Authorization = "Basic "..base64(username..":"..password); };
-	}
 	if (have_async) then
-	    local _, code = async_http_request(url, ex);
-	    if code >= 200 and code <= 299 then
-			module:log("debug", "HTTP auth provider confirmed valid password");
-	        return true;
-	    else
-	        module:log("debug", "HTTP auth provider returned status code %d", code);
-	    end
+		return async_http_auth(url, username, password);
 	else
-	    local ok, err = http.request(url, ex, function(body, code)
-			if code >= 200 and code <= 299 then
-				module:log("debug", "HTTP auth provider confirmed valid password");
-			else
-				module:log("debug", "HTTP auth provider returned status code %d", code);
-			end
-		end);
-	    if ok then
-	        return true;
-	    end
+		return sync_http_auth(url);
 	end
-	return nil, "Auth failed. Invalid username or password.";
+end
+
+function provider.users()
+	return function()
+		return nil;
+	end
 end
 
 function provider.set_password(username, password)
@@ -84,5 +109,5 @@
 		end
 	});
 end
-	
+
 module:provides("auth", provider);