prosody
c4599a7c534c
plugins/mod_external_services.lua
Software / code / prosody
Comparison
plugins/mod_external_services.lua @ 11753:c4599a7c534c
mod_external_services: Validate required attributes on credentials requests
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 29 Aug 2021 23:26:19 +0200 |
| parent | 11628:0807e835d3b5 |
| child | 11754:21a9b3f2a728 |
comparison
equal
deleted
inserted
replaced
| 11752:6427e2642976 | 11753:c4599a7c534c |
|---|---|
| 173 local function handle_credentials(event) | 173 local function handle_credentials(event) |
| 174 local origin, stanza = event.origin, event.stanza; | 174 local origin, stanza = event.origin, event.stanza; |
| 175 local action = stanza.tags[1]; | 175 local action = stanza.tags[1]; |
| 176 | 176 |
| 177 if origin.type ~= "c2s" then | 177 if origin.type ~= "c2s" then |
| 178 origin.send(st.error_reply(stanza, "auth", "forbidden")); | 178 origin.send(st.error_reply(stanza, "auth", "forbidden", "The 'port' and 'type' attributes are required.")); |
| 179 return true; | 179 return true; |
| 180 end | 180 end |
| 181 | 181 |
| 182 local reply = st.reply(stanza):tag("credentials", { xmlns = action.attr.xmlns }); | 182 local reply = st.reply(stanza):tag("credentials", { xmlns = action.attr.xmlns }); |
| 183 local extras = module:get_host_items("external_service"); | 183 local extras = module:get_host_items("external_service"); |
| 186 return item.restricted; | 186 return item.restricted; |
| 187 end) | 187 end) |
| 188 | 188 |
| 189 local requested_credentials = {}; | 189 local requested_credentials = {}; |
| 190 for service in action:childtags("service") do | 190 for service in action:childtags("service") do |
| 191 if not service.attr.type or not service.attr.host then | |
| 192 origin.send(st.error_reply(stanza, "modify", "bad-request")); | |
| 193 return true; | |
| 194 end | |
| 195 | |
| 191 table.insert(requested_credentials, { | 196 table.insert(requested_credentials, { |
| 192 type = service.attr.type; | 197 type = service.attr.type; |
| 193 host = service.attr.host; | 198 host = service.attr.host; |
| 194 port = tonumber(service.attr.port); | 199 port = tonumber(service.attr.port); |
| 195 }); | 200 }); |
