Add my version of the Prosody mod_auth_custom_http module.

author: onefang 2022-06-04 09:44:45 +1000
committer: onefang 2022-06-04 09:44:45 +1000
commit: ea324c17430f925e3c77ed1acb5c846135e236b3 (patch)
tree: b7abfec68d10ec666284232ffca0b4e4615263f2
parent: Add the json builder and parser libaries. (diff)
download: opensim-SC-ea324c17430f925e3c77ed1acb5c846135e236b3.zip
opensim-SC-ea324c17430f925e3c77ed1acb5c846135e236b3.tar.gz
opensim-SC-ea324c17430f925e3c77ed1acb5c846135e236b3.tar.bz2
opensim-SC-ea324c17430f925e3c77ed1acb5c846135e236b3.tar.xz
2 files changed, 94 insertions, 0 deletions
diff --git a/src/mod_auth_custom_http_onefang/README.markdown b/src/mod_auth_custom_http_onefang/README.markdown
new file mode 100644
index 0000000..ab79bf5
--- /dev/null
+++ b/src/mod_auth_custom_http_onefang/README.markdown
@@ -0,0 +1,32 @@
+---
+summary: HTTP Authentication using custom JSON protocol
+...
+Introduction
+============
+To authenticate users, this module does a `POST` request to a configured
+URL with a JSON payload. It is not async so requests block the server
+until answered.
+Configuration
+=============
+``` lua
+VirtualHost "example.com"
+authentication = "custom_http"
+auth_custom_http = {
+  post_url = "http://api.example.com/auth";
+}
+```
+Protocol
+========
+The JSON payload consists of an object with `username` and `password`
+members:
+    {"username":"john","password":"secr1t"}
+The module expects the response body to be exactly `true` if the
+username and password are correct.
diff --git a/src/mod_auth_custom_http_onefang/mod_auth_custom_http_onefang.lua b/src/mod_auth_custom_http_onefang/mod_auth_custom_http_onefang.lua
new file mode 100644
index 0000000..3d7c130
--- /dev/null
+++ b/src/mod_auth_custom_http_onefang/mod_auth_custom_http_onefang.lua
@@ -0,0 +1,62 @@
+-- Prosody IM
+-- Copyright (C) 2008-2010 Waqas Hussain
+--
+-- This project is MIT/X11 licensed. Please see the
+-- COPYING file in the source package for more information.
+--
+local new_sasl = require "util.sasl".new;
+local json = require "util.json";
+prosody.unlock_globals();
+local http = require "socket.http";
+local https = require "ssl.https";
+prosody.lock_globals();
+local options = module:get_option("auth_custom_http");
+local post_url = options and options.post_url;
+assert(post_url, "No HTTP POST URL provided");
+local provider = { name = "custom_http_onefang" };
+function provider.test_password(username, password)
+        return nil, "Not supported"
+end
+function provider.get_password(username)
+        return nil, "Not supported"
+end
+function provider.set_password(username, password)
+        return nil, "Not supported"
+end
+function provider.user_exists(username)
+        return true;
+end
+function provider.create_user(username, password)
+        return nil, "Not supported"
+end
+function provider.delete_user(username)
+        return nil, "Not supported"
+end
+function provider.get_sasl_handler()
+        local getpass_authentication_profile = {
+                plain_test = function(sasl, username, password, realm)
+                        local postdata = json.encode({ username = username, password = password });
+                        local result = "";
+                        if string.lower(post_url:sub(1, 5)) == "https" then
+                                result = https.request(post_url, postdata);
+                        else
+                                result = http.request(post_url, postdata);
+                        end
+                        return result == "true", true;
+                end,
+        };
+        return new_sasl(module.host, getpass_authentication_profile);
+end
+module:provides("auth", provider);
author	onefang	2022-06-04 09:44:45 +1000
committer	onefang	2022-06-04 09:44:45 +1000
commit	ea324c17430f925e3c77ed1acb5c846135e236b3 (patch)
tree	b7abfec68d10ec666284232ffca0b4e4615263f2
parent	Add the json builder and parser libaries. (diff)
download	opensim-SC-ea324c17430f925e3c77ed1acb5c846135e236b3.zip opensim-SC-ea324c17430f925e3c77ed1acb5c846135e236b3.tar.gz opensim-SC-ea324c17430f925e3c77ed1acb5c846135e236b3.tar.bz2 opensim-SC-ea324c17430f925e3c77ed1acb5c846135e236b3.tar.xz

diff --git a/src/mod_auth_custom_http_onefang/README.markdown b/src/mod_auth_custom_http_onefang/README.markdown new file mode 100644 index 0000000..ab79bf5 --- /dev/null +++ b/src/mod_auth_custom_http_onefang/README.markdown
@@ -0,0 +1,32 @@
	1	---
	2	summary: HTTP Authentication using custom JSON protocol
	3	...
	4
	5	Introduction
	6	============
	7
	8	To authenticate users, this module does a `POST` request to a configured
	9	URL with a JSON payload. It is not async so requests block the server
	10	until answered.
	11
	12	Configuration
	13	=============
	14
	15	``` lua
	16	VirtualHost "example.com"
	17	authentication = "custom_http"
	18	auth_custom_http = {
	19	post_url = "http://api.example.com/auth";
	20	}
	21	```
	22
	23	Protocol
	24	========
	25
	26	The JSON payload consists of an object with `username` and `password`
	27	members:
	28
	29	{"username":"john","password":"secr1t"}
	30
	31	The module expects the response body to be exactly `true` if the
	32	username and password are correct.


diff --git a/src/mod_auth_custom_http_onefang/mod_auth_custom_http_onefang.lua b/src/mod_auth_custom_http_onefang/mod_auth_custom_http_onefang.lua new file mode 100644 index 0000000..3d7c130 --- /dev/null +++ b/src/mod_auth_custom_http_onefang/mod_auth_custom_http_onefang.lua
@@ -0,0 +1,62 @@
	1	-- Prosody IM
	2	-- Copyright (C) 2008-2010 Waqas Hussain
	3	--
	4	-- This project is MIT/X11 licensed. Please see the
	5	-- COPYING file in the source package for more information.
	6	--
	7
	8	local new_sasl = require "util.sasl".new;
	9	local json = require "util.json";
	10	prosody.unlock_globals();
	11	local http = require "socket.http";
	12	local https = require "ssl.https";
	13	prosody.lock_globals();
	14
	15	local options = module:get_option("auth_custom_http");
	16	local post_url = options and options.post_url;
	17	assert(post_url, "No HTTP POST URL provided");
	18
	19	local provider = { name = "custom_http_onefang" };
	20
	21	function provider.test_password(username, password)
	22	return nil, "Not supported"
	23	end
	24
	25	function provider.get_password(username)
	26	return nil, "Not supported"
	27	end
	28
	29	function provider.set_password(username, password)
	30	return nil, "Not supported"
	31	end
	32
	33	function provider.user_exists(username)
	34	return true;
	35	end
	36
	37	function provider.create_user(username, password)
	38	return nil, "Not supported"
	39	end
	40
	41	function provider.delete_user(username)
	42	return nil, "Not supported"
	43	end
	44
	45	function provider.get_sasl_handler()
	46	local getpass_authentication_profile = {
	47	plain_test = function(sasl, username, password, realm)
	48	local postdata = json.encode({ username = username, password = password });
	49	local result = "";
	50	if string.lower(post_url:sub(1, 5)) == "https" then
	51	result = https.request(post_url, postdata);
	52	else
	53	result = http.request(post_url, postdata);
	54	end
	55	return result == "true", true;
	56	end,
	57	};
	58	return new_sasl(module.host, getpass_authentication_profile);
	59	end
	60
	61
	62	module:provides("auth", provider);