
util/sasl/oauthbearer.lua @ 498:50d0bd035bb7

util.sasl.oauthbearer: Don't send authzid. It's not needed and not recommended in XMPP unless we want to act as someone other than who we authenticate as. We find out the JID during resource binding.
author Kim Alvefur <zash@zash.se>
date Fri, 23 Jun 2023 12:09:49 +0200
parent 496:c4ae7aa2958a


-- SASL mechanism provider for OAUTHBEARER.
--
-- Called with the stream and a mechanism name. For any name other than
-- "OAUTHBEARER" nothing is returned. Otherwise two values are returned:
--   1. the mechanism function, which hands each outgoing SASL message to
--      coroutine.yield() and so has to be run inside a coroutine;
--   2. a numeric preference: 6 when stream.bearer_token is set, else 4.
--
-- The mechanism function returns true on "success", false after a
-- challenge followed by "failure", and nothing for any other first reply.
--
-- NOTE(review): the bearer token is a credential and is placed verbatim in
-- the yielded message, so that string should be kept out of logs. \001 is the
-- field separator in this message, so a token containing that byte would
-- alter the framing -- presumably tokens are always well-formed; confirm
-- where bearer_token is assigned.
return function (stream, name)
	if name ~= "OAUTHBEARER" then
		return;
	end

	-- Prefer OAUTHBEARER if we have a token, otherwise prefer password if we have one
	local preference = 4;
	if stream.bearer_token then
		preference = 6;
	end

	local function oauthbearer(conn)
		-- With no token the auth field is sent empty.
		local auth = "";
		if conn.bearer_token then
			auth = "Bearer "..conn.bearer_token;
		end

		-- Initial response; execution resumes here with the server's reply.
		local message, data = coroutine.yield("n,,\001auth="..auth.."\001\001");

		if message == "success" then
			return true;
		end
		if message ~= "challenge" then
			-- Any other reply ends the mechanism without a result.
			return;
		end

		-- The challenge payload is passed on unparsed under the key "json";
		-- it comes from the server, so handlers should treat it as untrusted.
		conn:event("oauth-failure", {
			json = data;
		});

		-- Note: No code after the yield should generally execute, as "failure"
		-- doesn't get passed through to us (it contains no data anyway)
		local reply = coroutine.yield("\001");
		if reply ~= "failure" then
			error("Unexpected SASL state: expected failure after challenge");
		end
		return false;
	end

	return oauthbearer, preference;
end