# HG changeset patch
# User Matthew Wild <mwild1@gmail.com>
# Date 1677675368 0
# Node ID 44a78985471f803254e0093075645c5aea370317
# Parent  ab1164eda011ca5f1f64dfd0f04ec62958ee192f
mod_saslauth: Support for SASL handlers forcing a specific resource

The token layer supports tokens that are tied to a given resource.

diff -r ab1164eda011 -r 44a78985471f plugins/mod_saslauth.lua
--- a/plugins/mod_saslauth.lua	Wed Mar 01 12:55:00 2023 +0000
+++ b/plugins/mod_saslauth.lua	Wed Mar 01 12:56:08 2023 +0000
@@ -54,6 +54,7 @@
 	elseif status == "success" then
 		local ok, err = sm_make_authenticated(session, session.sasl_handler.username, session.sasl_handler.role);
 		if ok then
+			session.sasl_resource = session.sasl_handler.resource;
 			module:fire_event("authentication-success", { session = session });
 			session.sasl_handler = nil;
 			session:reset_stream();
@@ -374,14 +375,15 @@
 
 module:hook("stanza/iq/urn:ietf:params:xml:ns:xmpp-bind:bind", function(event)
 	local origin, stanza = event.origin, event.stanza;
-	local resource;
-	if stanza.attr.type == "set" then
+	local resource = origin.sasl_resource;
+	if stanza.attr.type == "set" and not resource then
 		local bind = stanza.tags[1];
 		resource = bind:get_child("resource");
 		resource = resource and #resource.tags == 0 and resource[1] or nil;
 	end
 	local success, err_type, err, err_msg = sm_bind_resource(origin, resource);
 	if success then
+		origin.sasl_resource = nil;
 		origin.send(st.reply(stanza)
 			:tag("bind", { xmlns = xmlns_bind })
 			:tag("jid"):text(origin.full_jid));