verse
50d0bd035bb7
plugins/legacy.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / verse

File

plugins/legacy.lua @ 498:50d0bd035bb7

util.sasl.oauthbearer: Don't send authzid It's not needed and not recommended in XMPP unless we want to act as someone other than who we authenticate as. We find out the JID during resource binding.
author Kim Alvefur <zash@zash.se>
date Fri, 23 Jun 2023 12:09:49 +0200
parent 490:6b2f31da9610
line wrap: on
line source

local verse = require "verse";
local new_id = require "prosody.util.id".short;

local xmlns_auth = "jabber:iq:auth";

function verse.plugins.legacy(stream)
	local function handle_auth_form(result)
		local query = result:get_child("query", xmlns_auth);
		if result.attr.type ~= "result" or not query then
			local type, cond, text = result:get_error();
                       stream:debug("warn", "%s %s: %s", type, cond, text);
                       --stream:event("authentication-failure", { condition = cond });
                       -- COMPAT continue anyways
		end
		local auth_data = {
			username = stream.username;
			password = stream.password;
			resource = stream.resource or new_id();
			digest = false, sequence = false, token = false;
		};
		local request = verse.iq({ to = stream.host, type = "set" })
			:tag("query", { xmlns = xmlns_auth });
               if #query > 0 then
		for tag in query:childtags() do
			local field = tag.name;
			local value = auth_data[field];
			if value then
				request:tag(field):text(auth_data[field]):up();
			elseif value == nil then
				local cond = "feature-not-implemented";
				stream:event("authentication-failure", { condition = cond });
				return false;
			end
		end
               else -- COMPAT for servers not following XEP 78
                       for field, value in pairs(auth_data) do
                               if value then
                                       request:tag(field):text(value):up();
                               end
                       end
               end
		stream:send_iq(request, function (response)
			if response.attr.type == "result" then
				stream.resource = auth_data.resource;
				stream.jid = auth_data.username.."@"..stream.host.."/"..auth_data.resource;
				stream:event("authentication-success");
				stream:event("bind-success", stream.jid);
			else
				local type, cond, text = response:get_error();
				stream:event("authentication-failure", { condition = cond });
			end
		end);
	end

	local function handle_opened(attr)
		if not attr.version then
			stream:send_iq(verse.iq({type="get"})
				:tag("query", { xmlns = "jabber:iq:auth" })
					:tag("username"):text(stream.username),
				handle_auth_form);
		end
	end
	stream:hook("opened", handle_opened);
end