prosody
c690e3c5105c
plugins/mod_saslauth.lua
Software / code / prosody
Comparison
plugins/mod_saslauth.lua @ 3188:c690e3c5105c
mod_saslauth: Updated to use usermanager.get_sasl_handler.
| author | Waqas Hussain <waqas20@gmail.com> |
|---|---|
| date | Mon, 07 Jun 2010 02:40:14 +0500 |
| parent | 3178:46f5ed897beb |
| child | 3240:9782a222e941 |
comparison
equal
deleted
inserted
replaced
| 3187:a475fbce1990 | 3188:c690e3c5105c |
|---|---|
| 14 local base64 = require "util.encodings".base64; | 14 local base64 = require "util.encodings".base64; |
| 15 | 15 |
| 16 local nodeprep = require "util.encodings".stringprep.nodeprep; | 16 local nodeprep = require "util.encodings".stringprep.nodeprep; |
| 17 local datamanager_load = require "util.datamanager".load; | 17 local datamanager_load = require "util.datamanager".load; |
| 18 local usermanager_get_provider = require "core.usermanager".get_provider; | 18 local usermanager_get_provider = require "core.usermanager".get_provider; |
| 19 local usermanager_get_supported_methods = require "core.usermanager".get_supported_methods; | 19 local usermanager_get_sasl_handler = require "core.usermanager".get_sasl_handler; |
| 20 local usermanager_user_exists = require "core.usermanager".user_exists; | 20 local usermanager_user_exists = require "core.usermanager".user_exists; |
| 21 local usermanager_get_password = require "core.usermanager".get_password; | 21 local usermanager_get_password = require "core.usermanager".get_password; |
| 22 local usermanager_test_password = require "core.usermanager".test_password; | 22 local usermanager_test_password = require "core.usermanager".test_password; |
| 23 local t_concat, t_insert = table.concat, table.insert; | 23 local t_concat, t_insert = table.concat, table.insert; |
| 24 local tostring = tostring; | 24 local tostring = tostring; |
| 65 else | 65 else |
| 66 module:log("error", "Unknown SASL backend: %s", sasl_backend); | 66 module:log("error", "Unknown SASL backend: %s", sasl_backend); |
| 67 error("Unknown SASL backend"); | 67 error("Unknown SASL backend"); |
| 68 end | 68 end |
| 69 | 69 |
| 70 local getpass_authentication_profile = { | |
| 71 plain = function(username, realm) | |
| 72 local prepped_username = nodeprep(username); | |
| 73 if not prepped_username then | |
| 74 log("debug", "NODEprep failed on username: %s", username); | |
| 75 return "", nil; | |
| 76 end | |
| 77 local password = usermanager_get_password(prepped_username, realm); | |
| 78 if not password then | |
| 79 return "", nil; | |
| 80 end | |
| 81 return password, true; | |
| 82 end | |
| 83 }; | |
| 84 | |
| 85 local testpass_authentication_profile = { | |
| 86 plain_test = function(username, password, realm) | |
| 87 local prepped_username = nodeprep(username); | |
| 88 if not prepped_username then | |
| 89 log("debug", "NODEprep failed on username: %s", username); | |
| 90 return "", nil; | |
| 91 end | |
| 92 return usermanager_test_password(prepped_username, password, realm), true; | |
| 93 end | |
| 94 }; | |
| 95 | |
| 96 local anonymous_authentication_profile = { | 70 local anonymous_authentication_profile = { |
| 97 anonymous = function(username, realm) | 71 anonymous = function(username, realm) |
| 98 return true; -- for normal usage you should always return true here | 72 return true; -- for normal usage you should always return true here |
| 99 end | 73 end |
| 100 }; | 74 }; |
| 193 end | 167 end |
| 194 local realm = module:get_option("sasl_realm") or origin.host; | 168 local realm = module:get_option("sasl_realm") or origin.host; |
| 195 if module:get_option("anonymous_login") then | 169 if module:get_option("anonymous_login") then |
| 196 origin.sasl_handler = new_sasl(realm, anonymous_authentication_profile); | 170 origin.sasl_handler = new_sasl(realm, anonymous_authentication_profile); |
| 197 else | 171 else |
| 198 if usermanager_get_provider(realm).get_password then | 172 origin.sasl_handler = usermanager_get_sasl_handler(module.host); |
| 199 origin.sasl_handler = new_sasl(realm, getpass_authentication_profile); | |
| 200 elseif usermanager_get_provider(realm).test_password then | |
| 201 origin.sasl_handler = new_sasl(realm, testpass_authentication_profile); | |
| 202 else | |
| 203 log("warn", "AUTH: Could not load an authentication profile for the given provider."); | |
| 204 end | |
| 205 if not (module:get_option("allow_unencrypted_plain_auth")) and not origin.secure then | 173 if not (module:get_option("allow_unencrypted_plain_auth")) and not origin.secure then |
| 206 origin.sasl_handler:forbidden({"PLAIN"}); | 174 origin.sasl_handler:forbidden({"PLAIN"}); |
| 207 end | 175 end |
| 208 end | 176 end |
| 209 features:tag("mechanisms", mechanisms_attr); | 177 features:tag("mechanisms", mechanisms_attr); |
