mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-04 13:47:41 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

mod_tokenauth: Add SASL handler backend that can accept and verify tokens

Browse source 
This is designed for use by other modules that want to accept tokens issued
by mod_tokenauth, without duplicating all the necessary logic.
This commit is contained in:
Matthew Wild 2023-03-01 13:04:36 +00:00
parent f3d152eb1b
commit b435f6d52a
1 changed files with 18 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

18
plugins/mod_tokenauth.lua
View file

@ -122,3 +122,21 @@ function revoke_token(token)
end end
return token_store:set(token_user, token_id, nil); return token_store:set(token_user, token_id, nil);
end end
function sasl_handler(auth_provider, purpose, extra)
return function (_, username, token, realm)
local token_info, err = get_token_info(token);
if not token_info then
module:log("debug", "SASL handler failed to verify token: %s", err);
return nil, nil, extra;
end
local token_user, token_host = jid.split(token_info.jid);
if username ~= token_user or realm ~= token_host or (purpose and token_info.purpose ~= purpose) then
return nil, nil, extra;
end
if auth_provider.is_enabled and not auth_provider.is_enabled(username) then
return true, false, token_info;
end
return true, true, token_info;
end;
end