Mercurial > prosody-modules
changeset 6364:9c110fbecd86
mod_auth_oauth_external: Record existence of users
This allows iterating over users as well as existence checks.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sat, 17 Jan 2026 05:14:25 +0100 |
| parents | 8f65b23a5fd2 |
| children | 42866d42e267 |
| files | mod_auth_oauth_external/mod_auth_oauth_external.lua |
| diffstat | 1 files changed, 25 insertions(+), 9 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_auth_oauth_external/mod_auth_oauth_external.lua Sat Jan 17 05:13:09 2026 +0100 +++ b/mod_auth_oauth_external/mod_auth_oauth_external.lua Sat Jan 17 05:14:25 2026 +0100 @@ -27,9 +27,12 @@ } --]] +local accounts = module:open_store("accounts"); + local host = module.host; local provider = {}; +-- TODO remove, not needed after https://hg.prosody.im/trunk/rev/01f95f3de6fc local function not_implemented() return nil, "method not implemented" end @@ -42,18 +45,29 @@ provider.create_user = not_implemented; provider.delete_user = not_implemented; -function provider.user_exists(_username) - -- Can this even be done in a generic way in OAuth 2? - -- OIDC and WebFinger perhaps? - return true; +function provider.get_account_info(username) + local account = accounts:get(username); + if not account then return nil, "Account not available"; end + return { + created = account.created; + password_updated = account.updated; + enabled = not account.disabled; + }; +end + +function provider.user_exists(username) + local account, err = accounts:get(username); + if err then + return nil, err; + elseif account then + return true; + else + return false + end end function provider.users() - -- TODO this could be done by recording known users locally - return function () - module:log("debug", "User iteration not supported"); - return nil; - end + return accounts:users(); end function provider.get_sasl_handler() @@ -86,6 +100,7 @@ -- We're not going to get more info, only the username self.username = jid.escape(username); self.token_info = token_resp; + accounts:set(self.username, { exists = true }); return true, true; end local ret, err = async.wait_for(self.profile.http_client:request(validation_endpoint, @@ -104,6 +119,7 @@ end self.username = jid.escape(response[username_field]); self.token_info = response; + accounts:set(self.username, { exists = true }); return true, true; end end
