Annotate

plugins/muc/occupant_id.lib.lua @ 12998:601d9a375b86

mod_tokenauth: Refactor API to separate tokens and grants This is another iteration on top of the previous sub-tokens work. Essentially, the concept of a "parent token" has been replaced with the concept of a "grant" to which all tokens now belong. The grant does not have any tokens when first created, but the create_token() call can add them.
author Matthew Wild <mwild1@gmail.com>
date Mon, 27 Mar 2023 18:35:57 +0100
parent 12977:74b9e05af71e
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
11215
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 -- Implementation of https://xmpp.org/extensions/inbox/occupant-id.html
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2 -- XEP-0421: Anonymous unique occupant identifiers for MUCs
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4 -- (C) 2020 Maxime “pep” Buquet <pep@bouah.net>
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 -- (C) 2020 Matthew Wild <mwild1@gmail.com>
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6
12977
74b9e05af71e plugins: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12108
diff changeset
7 local uuid = require "prosody.util.uuid";
74b9e05af71e plugins: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12108
diff changeset
8 local hmac_sha256 = require "prosody.util.hashes".hmac_sha256;
74b9e05af71e plugins: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12108
diff changeset
9 local b64encode = require "prosody.util.encodings".base64.encode;
11215
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
10
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11 local xmlns_occupant_id = "urn:xmpp:occupant-id:0";
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
12
12108
e9882c4c397f MUC: Add method for getting the occupant id salt to allow reuse
Kim Alvefur <zash@zash.se>
parents: 11215
diff changeset
13 local function get_room_salt(room)
e9882c4c397f MUC: Add method for getting the occupant id salt to allow reuse
Kim Alvefur <zash@zash.se>
parents: 11215
diff changeset
14 local salt = room._data.occupant_id_salt;
e9882c4c397f MUC: Add method for getting the occupant id salt to allow reuse
Kim Alvefur <zash@zash.se>
parents: 11215
diff changeset
15 if not salt then
e9882c4c397f MUC: Add method for getting the occupant id salt to allow reuse
Kim Alvefur <zash@zash.se>
parents: 11215
diff changeset
16 salt = uuid.generate();
e9882c4c397f MUC: Add method for getting the occupant id salt to allow reuse
Kim Alvefur <zash@zash.se>
parents: 11215
diff changeset
17 room._data.occupant_id_salt = salt;
e9882c4c397f MUC: Add method for getting the occupant id salt to allow reuse
Kim Alvefur <zash@zash.se>
parents: 11215
diff changeset
18 end
e9882c4c397f MUC: Add method for getting the occupant id salt to allow reuse
Kim Alvefur <zash@zash.se>
parents: 11215
diff changeset
19 return salt;
e9882c4c397f MUC: Add method for getting the occupant id salt to allow reuse
Kim Alvefur <zash@zash.se>
parents: 11215
diff changeset
20 end
e9882c4c397f MUC: Add method for getting the occupant id salt to allow reuse
Kim Alvefur <zash@zash.se>
parents: 11215
diff changeset
21
11215
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
22 local function get_occupant_id(room, occupant)
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23 if occupant.stable_id then
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
24 return occupant.stable_id;
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
25 end
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
26
12108
e9882c4c397f MUC: Add method for getting the occupant id salt to allow reuse
Kim Alvefur <zash@zash.se>
parents: 11215
diff changeset
27 local salt = get_room_salt(room)
11215
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
28
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
29 occupant.stable_id = b64encode(hmac_sha256(occupant.bare_jid, salt));
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
30
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
31 return occupant.stable_id;
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
32 end
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
33
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
34 local function update_occupant(event)
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
35 local stanza, room, occupant, dest_occupant = event.stanza, event.room, event.occupant, event.dest_occupant;
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
36
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
37 -- "muc-occupant-pre-change" provides "dest_occupant" but not "occupant".
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
38 if dest_occupant ~= nil then
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
39 occupant = dest_occupant;
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
40 end
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
41
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
42 -- strip any existing <occupant-id/> tags to avoid forgery
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
43 stanza:remove_children("occupant-id", xmlns_occupant_id);
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
44
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
45 local unique_id = get_occupant_id(room, occupant);
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
46 stanza:tag("occupant-id", { xmlns = xmlns_occupant_id, id = unique_id }):up();
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
47 end
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
48
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
49 local function muc_private(event)
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
50 local stanza, room = event.stanza, event.room;
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
51 local occupant = room._occupants[stanza.attr.from];
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
52
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
53 update_occupant({
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
54 stanza = stanza,
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
55 room = room,
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
56 occupant = occupant,
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
57 });
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
58 end
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
59
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
60 if module:get_option_boolean("muc_occupant_id", true) then
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
61 module:add_feature(xmlns_occupant_id);
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
62 module:hook("muc-disco#info", function (event)
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
63 event.reply:tag("feature", { var = xmlns_occupant_id }):up();
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
64 end);
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
65
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
66 module:hook("muc-broadcast-presence", update_occupant);
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
67 module:hook("muc-occupant-pre-join", update_occupant);
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
68 module:hook("muc-occupant-pre-change", update_occupant);
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
69 module:hook("muc-occupant-groupchat", update_occupant);
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
70 module:hook("muc-private-message", muc_private);
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
71 end
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
72
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
73 return {
12108
e9882c4c397f MUC: Add method for getting the occupant id salt to allow reuse
Kim Alvefur <zash@zash.se>
parents: 11215
diff changeset
74 get_room_salt = get_room_salt;
11215
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
75 get_occupant_id = get_occupant_id;
9ce0a899ff07 MUC: Merge mod_muc_occupant_id into a sub-module (thanks pep.!)
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
76 };