Software / code / verse
Annotate
plugins/legacy.lua @ 498:50d0bd035bb7
util.sasl.oauthbearer: Don't send authzid
It's not needed and not recommended in XMPP unless we want to act as
someone other than who we authenticate as. We find out the JID during
resource binding.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 23 Jun 2023 12:09:49 +0200 |
| parent | 490:6b2f31da9610 |
| rev | line source |
|---|---|
| 250 | 1 local verse = require "verse"; |
|
490
6b2f31da9610
Update for new Prosody module namespace
Kim Alvefur <zash@zash.se>
parents:
457
diff
changeset
|
2 local new_id = require "prosody.util.id".short; |
|
152
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 local xmlns_auth = "jabber:iq:auth"; |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 function verse.plugins.legacy(stream) |
|
381
65533afab352
plugins.legacy: Make functions local
Kim Alvefur <zash@zash.se>
parents:
380
diff
changeset
|
7 local function handle_auth_form(result) |
|
152
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 local query = result:get_child("query", xmlns_auth); |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 if result.attr.type ~= "result" or not query then |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 local type, cond, text = result:get_error(); |
|
169
4bb1e9c91fbe
plugins.legacy: Try to login anyways, compat for servers not supporting XEP 78 properly.
Kim Alvefur <zash@zash.se>
parents:
152
diff
changeset
|
11 stream:debug("warn", "%s %s: %s", type, cond, text); |
|
4bb1e9c91fbe
plugins.legacy: Try to login anyways, compat for servers not supporting XEP 78 properly.
Kim Alvefur <zash@zash.se>
parents:
152
diff
changeset
|
12 --stream:event("authentication-failure", { condition = cond }); |
|
4bb1e9c91fbe
plugins.legacy: Try to login anyways, compat for servers not supporting XEP 78 properly.
Kim Alvefur <zash@zash.se>
parents:
152
diff
changeset
|
13 -- COMPAT continue anyways |
|
152
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 end |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 local auth_data = { |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
16 username = stream.username; |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 password = stream.password; |
|
457
73d4eb93657b
Update to use util.id for random ids instead of counters (thanks Zash)
Matthew Wild <mwild1@gmail.com>
parents:
381
diff
changeset
|
18 resource = stream.resource or new_id(); |
|
152
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
19 digest = false, sequence = false, token = false; |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
20 }; |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
21 local request = verse.iq({ to = stream.host, type = "set" }) |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
22 :tag("query", { xmlns = xmlns_auth }); |
|
169
4bb1e9c91fbe
plugins.legacy: Try to login anyways, compat for servers not supporting XEP 78 properly.
Kim Alvefur <zash@zash.se>
parents:
152
diff
changeset
|
23 if #query > 0 then |
|
152
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 for tag in query:childtags() do |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
25 local field = tag.name; |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 local value = auth_data[field]; |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 if value then |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 request:tag(field):text(auth_data[field]):up(); |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
29 elseif value == nil then |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
30 local cond = "feature-not-implemented"; |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
31 stream:event("authentication-failure", { condition = cond }); |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
32 return false; |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
33 end |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
34 end |
|
169
4bb1e9c91fbe
plugins.legacy: Try to login anyways, compat for servers not supporting XEP 78 properly.
Kim Alvefur <zash@zash.se>
parents:
152
diff
changeset
|
35 else -- COMPAT for servers not following XEP 78 |
|
4bb1e9c91fbe
plugins.legacy: Try to login anyways, compat for servers not supporting XEP 78 properly.
Kim Alvefur <zash@zash.se>
parents:
152
diff
changeset
|
36 for field, value in pairs(auth_data) do |
|
4bb1e9c91fbe
plugins.legacy: Try to login anyways, compat for servers not supporting XEP 78 properly.
Kim Alvefur <zash@zash.se>
parents:
152
diff
changeset
|
37 if value then |
|
4bb1e9c91fbe
plugins.legacy: Try to login anyways, compat for servers not supporting XEP 78 properly.
Kim Alvefur <zash@zash.se>
parents:
152
diff
changeset
|
38 request:tag(field):text(value):up(); |
|
4bb1e9c91fbe
plugins.legacy: Try to login anyways, compat for servers not supporting XEP 78 properly.
Kim Alvefur <zash@zash.se>
parents:
152
diff
changeset
|
39 end |
|
4bb1e9c91fbe
plugins.legacy: Try to login anyways, compat for servers not supporting XEP 78 properly.
Kim Alvefur <zash@zash.se>
parents:
152
diff
changeset
|
40 end |
|
4bb1e9c91fbe
plugins.legacy: Try to login anyways, compat for servers not supporting XEP 78 properly.
Kim Alvefur <zash@zash.se>
parents:
152
diff
changeset
|
41 end |
|
152
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
42 stream:send_iq(request, function (response) |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
43 if response.attr.type == "result" then |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
44 stream.resource = auth_data.resource; |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
45 stream.jid = auth_data.username.."@"..stream.host.."/"..auth_data.resource; |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
46 stream:event("authentication-success"); |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
47 stream:event("bind-success", stream.jid); |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
48 else |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
49 local type, cond, text = response:get_error(); |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
50 stream:event("authentication-failure", { condition = cond }); |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
51 end |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
52 end); |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
53 end |
| 380 | 54 |
|
381
65533afab352
plugins.legacy: Make functions local
Kim Alvefur <zash@zash.se>
parents:
380
diff
changeset
|
55 local function handle_opened(attr) |
|
152
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
56 if not attr.version then |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
57 stream:send_iq(verse.iq({type="get"}) |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
58 :tag("query", { xmlns = "jabber:iq:auth" }) |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
59 :tag("username"):text(stream.username), |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
60 handle_auth_form); |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
61 end |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
62 end |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
63 stream:hook("opened", handle_opened); |
|
55ea7ffafd7f
plugins.legacy: Support for legacy non-SASL authentication :(
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
64 end |
