Add pre and post validation for users that want to use their own public keys
parent
10c2652a4f
commit
92e6cf7618
|
@ -74,17 +74,27 @@ function provider.delete_user(username)
|
|||
return nil;
|
||||
end
|
||||
|
||||
function provider.get_sasl_handler(session)
|
||||
|
||||
local function get_username_from_token(self, message)
|
||||
local res, error, reason = token_util:process_and_verify_token(session);
|
||||
|
||||
if (res == false) then
|
||||
local function validate_result(session, res, error, reason)
|
||||
if res == false then
|
||||
log("warn",
|
||||
"Error verifying token err:%s, reason:%s", error, reason);
|
||||
session.auth_token = nil;
|
||||
return res, error, reason;
|
||||
end
|
||||
end
|
||||
|
||||
function provider.get_sasl_handler(session)
|
||||
|
||||
local function get_username_from_token(self, message)
|
||||
|
||||
-- retrieve custom public key from server and save it on the session
|
||||
local event_result = prosody.events.fire_event("pre-jitsi-authentication-fetch-key", session);
|
||||
if event_result ~= nil then
|
||||
validate_result(session,event_result.res, event_result.error, event_result.reason)
|
||||
end
|
||||
|
||||
local res, error, reason = token_util:process_and_verify_token(session);
|
||||
validate_result(session, res, error, reason);
|
||||
|
||||
local customUsername
|
||||
= prosody.events.fire_event("pre-jitsi-authentication", session);
|
||||
|
@ -102,6 +112,11 @@ function provider.get_sasl_handler(session)
|
|||
self.username = message;
|
||||
end
|
||||
|
||||
local event_result = prosody.events.fire_event("post-jitsi-authentication", session);
|
||||
if event_result ~= nil then
|
||||
validate_result(session,event_result.res, event_result.error, event_result.reason)
|
||||
end
|
||||
|
||||
return res;
|
||||
end
|
||||
|
||||
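Review bot: The three calls to `validate_result` inside `get_username_from_token` discard its return value, so a failed check no longer ends the function the way the removed inline `return res, error, reason` did. After a rejected token the code still fires `pre-jitsi-authentication` and runs the username selection, and the `error`/`reason` values never reach the caller. A `res == false` from the `pre-jitsi-authentication-fetch-key` or `post-jitsi-authentication` handlers only clears `session.auth_token`, while the final `return res` still reports the token check's own result. Each call site should return on failure, as sketched below; the username-selection code between the two hunks is not visible here. The `event_result.res` access also assumes the handler returned a table, so the sketch guards it with a type check.
```lua
local function get_username_from_token(self, message)
    -- retrieve custom public key from server and save it on the session
    local event_result = prosody.events.fire_event("pre-jitsi-authentication-fetch-key", session);
    if type(event_result) == "table" and event_result.res == false then
        return validate_result(session, event_result.res, event_result.error, event_result.reason);
    end

    local res, error, reason = token_util:process_and_verify_token(session);
    if res == false then
        return validate_result(session, res, error, reason);
    end

    -- … unchanged: "pre-jitsi-authentication" event and username selection …

    local event_result = prosody.events.fire_event("post-jitsi-authentication", session);
    if type(event_result) == "table" and event_result.res == false then
        return validate_result(session, event_result.res, event_result.error, event_result.reason);
    end

    return res;
```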
|
|
|
@ -301,7 +301,10 @@ function Util:process_and_verify_token(session, acceptedIssuers)
|
|||
end
|
||||
|
||||
local pubKey;
|
||||
if self.asapKeyServer and session.auth_token ~= nil then
|
||||
if session.public_key then
|
||||
module:log("debug","Public key was found on the session");
|
||||
pubKey = session.public_key;
|
||||
elseif self.asapKeyServer and session.auth_token ~= nil then
|
||||
local dotFirst = session.auth_token:find("%.");
|
||||
if not dotFirst then return nil, "Invalid token" end
|
||||
local header, err = json_safe.decode(basexx.from_url64(session.auth_token:sub(1,dotFirst-1)));
|
||||
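Review bot: The new `session.public_key` branch takes precedence over the `asapKeyServer` lookup, but nothing in this hunk documents who may set that field or clears it afterwards, so the signature is verified with whatever key was last stored on the session. `validate_result` in the auth module resets only `session.auth_token` on failure, which would leave a previously fetched key in place for a later attempt on the same session. I would add a comment above the branch such as `-- session.public_key is set only by a trusted "pre-jitsi-authentication-fetch-key" handler and overrides asapKeyServer`, and consume the key once read: `pubKey = session.public_key; session.public_key = nil;`. This branch also skips the header decoding done in the `elseif`, so any checks that depend on the decoded header are presumably not applied to session-supplied keys. The rest of `process_and_verify_token` lies outside the hunk, so that should be confirmed there.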
|
|