prosody
72f7bb3f30d3
util/sasl/external.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

File

util/sasl/external.lua @ 12601:72f7bb3f30d3

net.resolvers.basic: Add opt-out argument for DNSSEC security status This makes explicit which lookups can accept an unsigned response. Insecure (unsigned, as before DNSSEC) A and AAAA records can be used as security would come from TLS, but an insecure TLSA record is worthless.
author Kim Alvefur <zash@zash.se>
date Tue, 02 Aug 2022 16:08:43 +0200
parent 8555:4f0f5b49bb03
child 12975:d10957394a3c
line wrap: on
line source

local saslprep = require "util.encodings".stringprep.saslprep;

local _ENV = nil;
-- luacheck: std none

local function external(self, message)
	message = saslprep(message);
	local state
	self.username, state = self.profile.external(message);

	if state == false then
		return "failure", "account-disabled";
	elseif state == nil  then
		return "failure", "not-authorized";
	elseif state == "expired" then
		return "false", "credentials-expired";
	end

	return "success";
end

local function init(registerMechanism)
	registerMechanism("EXTERNAL", {"external"}, external);
end

return {
	init = init;
}