view mod_auth_http_async/mod_auth_http_async.lua @ 2494:d300ae5dba87

mod_smacks: Fix some bugs with smacks-ack-delayed event triggering. The old code had several flaws which are addressed here. First of all this fixes the if statement guarding the event generation There where some timing glitches addressed by this commit as well.
author tmolitor <thilo@eightysoft.de>
date Sun, 12 Feb 2017 21:23:22 +0100
parents b2a198665946
children a11568bfaf4c
line wrap: on
line source

-- Prosody IM
-- Copyright (C) 2008-2013 Matthew Wild
-- Copyright (C) 2008-2013 Waqas Hussain
-- Copyright (C) 2014 Kim Alvefur
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--

local new_sasl = require "util.sasl".new;
local base64 = require "util.encodings".base64.encode;
local have_async, async = pcall(require, "util.async");
local http = require "net.http";

local log = module._log;
local host = module.host;

local api_base = module:get_option_string("http_auth_url",  ""):gsub("$host", host);
if api_base == "" then error("http_auth_url required") end

local function async_http_request(url, ex)
	local wait, done = async.waiter();
	local content, code, request, response;
	local function cb(content_, code_, request_, response_)
		content, code, request, response = content_, code_, request_, response_;
		done();
	end
	http.request(url, ex, cb);
	wait();
	return content, code, request, response;
end

local provider = {};

function provider.test_password(username, password)
	local url = api_base:gsub("$user", username);
	log("debug", "Testing password for user %s at host %s with URL %s", username, host, url);
	local ex = {
		headers = { Authorization = "Basic "..base64(username..":"..password); };
	}
	if (have_async) then
	    local _, code = async_http_request(url, ex);
	    if code >= 200 and code <= 299 then
			module:log("debug", "HTTP auth provider confirmed valid password");
	        return true;
	    else
	        module:log("debug", "HTTP auth provider returned status code %d", code);
	    end
	else
	    local ok, err = http.request(url, ex, function(body, code)
			if code >= 200 and code <= 299 then
				module:log("debug", "HTTP auth provider confirmed valid password");
			else
				module:log("debug", "HTTP auth provider returned status code %d", code);
			end
		end);
	    if ok then
	        return true;
	    end
	end
	return nil, "Auth failed. Invalid username or password.";
end

function provider.set_password(username, password)
	return nil, "Changing passwords not supported";
end

function provider.user_exists(username)
	return true;
end

function provider.create_user(username, password)
	return nil, "User creation not supported";
end

function provider.delete_user(username)
	return nil , "User deletion not supported";
end

function provider.get_sasl_handler()
	return new_sasl(host, {
		plain_test = function(sasl, username, password, realm)
			return provider.test_password(username, password), true;
		end
	});
end
	
module:provides("auth", provider);