Changeset
477:b0a8d4e9934e
sasl: Add oauthbearer mechanism
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Fri, 17 Mar 2023 12:25:58 +0000 |
parents | 476:c34b263499be |
children | 478:cf6626a12e0e |
files | util/sasl/oauthbearer.lua |
diffstat | 1 files changed, 22 insertions(+), 0 deletions(-) [+] |
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/util/sasl/oauthbearer.lua Fri Mar 17 12:25:58 2023 +0000
@@ -0,0 +1,22 @@
+
+return function (stream, name)
+ if name == "OAUTHBEARER" and stream.username then
+ return function (stream)
+ local auth = stream.bearer_token and ("Bearer "..stream.bearer_token) or "";
+ local message, data = coroutine.yield("n,a="..stream.username.."@"..stream.host..",\001auth="..auth.."\001");
+ if message == "success" then
+ return true;
+ elseif message == "challenge" then
+ stream:event("oauth-failure", {
+ json = data;
+ });
+ -- Note: No code after the yield should generally execute, as "failure"
+ -- doesn't get passed through to us (it contains no data anyway)
+ if coroutine.yield("\001") ~= "failure" then
+ error("Unexpected SASL state: expected failure after challenge");
+ end
+ return false;
+ end
+ end, stream.bearer_token and 6 or 4; -- Prefer OAUTHBEARER if we have a token, otherwise prefer password if we have one
+ end
+end
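Review bot: The first `coroutine.yield("n,a="..` call puts `stream.username` and `stream.host` into the GS2 header unescaped, so a `,` or `=` in either value changes how the server splits the header. RFC 5801 requires those characters in the authzid to be sent as `=2C` and `=3D`; adding `local authzid = (stream.username.."@"..stream.host):gsub("=", "=3D"):gsub(",", "=2C");` before the yield and concatenating `authzid` instead would cover it. In the same way, a `\001` byte inside `stream.bearer_token` would end the `auth` pair early, so the token should be rejected before sending if it contains one. Separately, the `client-resp` grammar in RFC 7628 appears to end with a second kvsep after the last pair (`auth=Bearer <token>\001\001`), so the single trailing `"\001"` looks one byte short and is worth confirming against the server. The inner function also returns nil when `message` is neither "success" nor "challenge"; an explicit `return false;` or a comment would make that case deliberate.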