diff options
author | onefang | 2022-06-04 09:44:45 +1000 |
---|---|---|
committer | onefang | 2022-06-04 09:44:45 +1000 |
commit | ea324c17430f925e3c77ed1acb5c846135e236b3 (patch) | |
tree | b7abfec68d10ec666284232ffca0b4e4615263f2 /src | |
parent | Add the json builder and parser libaries. (diff) | |
download | opensim-SC-ea324c17430f925e3c77ed1acb5c846135e236b3.zip opensim-SC-ea324c17430f925e3c77ed1acb5c846135e236b3.tar.gz opensim-SC-ea324c17430f925e3c77ed1acb5c846135e236b3.tar.bz2 opensim-SC-ea324c17430f925e3c77ed1acb5c846135e236b3.tar.xz |
Add my version of the Prosody mod_auth_custom_http module.
Diffstat (limited to 'src')
-rw-r--r-- | src/mod_auth_custom_http_onefang/README.markdown | 32 | ||||
-rw-r--r-- | src/mod_auth_custom_http_onefang/mod_auth_custom_http_onefang.lua | 62 |
2 files changed, 94 insertions, 0 deletions
diff --git a/src/mod_auth_custom_http_onefang/README.markdown b/src/mod_auth_custom_http_onefang/README.markdown new file mode 100644 index 0000000..ab79bf5 --- /dev/null +++ b/src/mod_auth_custom_http_onefang/README.markdown | |||
@@ -0,0 +1,32 @@ | |||
1 | --- | ||
2 | summary: HTTP Authentication using custom JSON protocol | ||
3 | ... | ||
4 | |||
5 | Introduction | ||
6 | ============ | ||
7 | |||
8 | To authenticate users, this module does a `POST` request to a configured | ||
9 | URL with a JSON payload. It is not async so requests block the server | ||
10 | until answered. | ||
11 | |||
12 | Configuration | ||
13 | ============= | ||
14 | |||
15 | ``` lua | ||
16 | VirtualHost "example.com" | ||
17 | authentication = "custom_http" | ||
18 | auth_custom_http = { | ||
19 | post_url = "http://api.example.com/auth"; | ||
20 | } | ||
21 | ``` | ||
22 | |||
23 | Protocol | ||
24 | ======== | ||
25 | |||
26 | The JSON payload consists of an object with `username` and `password` | ||
27 | members: | ||
28 | |||
29 | {"username":"john","password":"secr1t"} | ||
30 | |||
31 | The module expects the response body to be exactly `true` if the | ||
32 | username and password are correct. | ||
diff --git a/src/mod_auth_custom_http_onefang/mod_auth_custom_http_onefang.lua b/src/mod_auth_custom_http_onefang/mod_auth_custom_http_onefang.lua new file mode 100644 index 0000000..3d7c130 --- /dev/null +++ b/src/mod_auth_custom_http_onefang/mod_auth_custom_http_onefang.lua | |||
@@ -0,0 +1,62 @@ | |||
1 | -- Prosody IM | ||
2 | -- Copyright (C) 2008-2010 Waqas Hussain | ||
3 | -- | ||
4 | -- This project is MIT/X11 licensed. Please see the | ||
5 | -- COPYING file in the source package for more information. | ||
6 | -- | ||
7 | |||
8 | local new_sasl = require "util.sasl".new; | ||
9 | local json = require "util.json"; | ||
10 | prosody.unlock_globals(); | ||
11 | local http = require "socket.http"; | ||
12 | local https = require "ssl.https"; | ||
13 | prosody.lock_globals(); | ||
14 | |||
15 | local options = module:get_option("auth_custom_http"); | ||
16 | local post_url = options and options.post_url; | ||
17 | assert(post_url, "No HTTP POST URL provided"); | ||
18 | |||
19 | local provider = { name = "custom_http_onefang" }; | ||
20 | |||
21 | function provider.test_password(username, password) | ||
22 | return nil, "Not supported" | ||
23 | end | ||
24 | |||
25 | function provider.get_password(username) | ||
26 | return nil, "Not supported" | ||
27 | end | ||
28 | |||
29 | function provider.set_password(username, password) | ||
30 | return nil, "Not supported" | ||
31 | end | ||
32 | |||
33 | function provider.user_exists(username) | ||
34 | return true; | ||
35 | end | ||
36 | |||
37 | function provider.create_user(username, password) | ||
38 | return nil, "Not supported" | ||
39 | end | ||
40 | |||
41 | function provider.delete_user(username) | ||
42 | return nil, "Not supported" | ||
43 | end | ||
44 | |||
45 | function provider.get_sasl_handler() | ||
46 | local getpass_authentication_profile = { | ||
47 | plain_test = function(sasl, username, password, realm) | ||
48 | local postdata = json.encode({ username = username, password = password }); | ||
49 | local result = ""; | ||
50 | if string.lower(post_url:sub(1, 5)) == "https" then | ||
51 | result = https.request(post_url, postdata); | ||
52 | else | ||
53 | result = http.request(post_url, postdata); | ||
54 | end | ||
55 | return result == "true", true; | ||
56 | end, | ||
57 | }; | ||
58 | return new_sasl(module.host, getpass_authentication_profile); | ||
59 | end | ||
60 | |||
61 | |||
62 | module:provides("auth", provider); | ||