Mercurial > prosody-modules
view mod_auth_token/test_token_auth.lua @ 6352:525655adfd3e
mod_report_affiliations: Fix traceback a non-user is sending a presence
For now we won’t touch their presence instead of emiting this traceback:
error Traceback[s2s]: /usr/lib/prosody/core/rostermanager.lua:275: attempt to concatenate a nil value (local 'username')
stack traceback:
/usr/lib/prosody/core/rostermanager.lua:275: in function 'prosody.core.rostermanager.is_user_subscribed'
...ules/mod_report_affiliations/mod_report_affiliations.lua:116: in field '?'
/usr/lib/prosody/util/events.lua:81: in function </usr/lib/prosody/util/events.lua:77>
(...tail calls...)
/usr/lib/prosody/core/stanza_router.lua:184: in upvalue 'core_post_stanza'
/usr/lib/prosody/modules/mod_presence.lua:244: in function </usr/lib/prosody/modules/mod_presence.lua:231>
(...tail calls...)
/usr/lib/prosody/util/events.lua:81: in function </usr/lib/prosody/util/events.lua:77>
(...tail calls...)
/usr/lib/prosody/core/stanza_router.lua:188: in upvalue 'core_post_stanza'
/usr/lib/prosody/core/stanza_router.lua:128: in upvalue 'core_process_stanza'
/usr/lib/prosody/modules/mod_s2s.lua:818: in upvalue 'func'
/usr/lib/prosody/util/async.lua:149: in function </usr/lib/prosody/util/async.lua:147>
| author | Link Mauve <linkmauve@linkmauve.fr> |
|---|---|
| date | Tue, 30 Dec 2025 13:19:43 +0100 |
| parents | d0ca211e1b0e |
| children |
line wrap: on
line source
local base64 = require "util.encodings".base64; local hmac = require "openssl.hmac"; local luatz = require "luatz"; local luaunit = require "luaunit"; local uuid = require "uuid"; local otp = require "otp"; local mock = require "mock"; local pkey = require "openssl.pkey"; local token_utils = dofile("token_auth_utils.lib.lua"); math.randomseed(os.time()) local OTP_SEED = 'E3W374VRSFO4NVKE'; function generate_token(jid, key) local nonce = ''; for i=1,32 do nonce = nonce..math.random(9); end local utc_time_table = luatz.gmtime(luatz.time()); local totp = otp.new_totp_from_key( OTP_SEED, token_utils.OTP_DIGITS, token_utils.OTP_INTERVAL ):generate(0, utc_time_table); local hmac_ctx = hmac.new(key, token_utils.DIGEST_TYPE) local signature = hmac_ctx:final(totp..nonce..jid) return totp..nonce..' '..base64.encode(signature) end function test_token_verification() -- Test verification of a valid token local key = uuid(); local result = token_utils.verify_token( 'root', generate_token('root@localhost', key), 'localhost', OTP_SEED, key ) luaunit.assert_is(result, true) end function test_token_is_valid_only_once() local key = uuid(); local token = generate_token('root@localhost', key); local result = token_utils.verify_token( 'root', token, 'localhost', OTP_SEED, key ) luaunit.assert_is(result, true) result = token_utils.verify_token( 'root', token, 'localhost', OTP_SEED, key ) luaunit.assert_is(result, false) end function test_token_expiration() -- Test that a token expires after (at most) the configured interval plus -- any amount of deviations. local key = uuid(); local token = generate_token('root@localhost', key); -- Wait two ticks of the interval window and then check that the token is -- no longer valid. mock.mock(os); os.time.replace(function () return os.time.original() + (token_utils.OTP_INTERVAL + (token_utils.OTP_DEVIATION * token_utils.OTP_INTERVAL)); end) result = token_utils.verify_token( 'root', token, 'localhost', OTP_SEED, key ) mock.unmock(os); luaunit.assert_is(result, false) end os.exit(luaunit.LuaUnit.run())
