diff --git a/package-lock.json b/package-lock.json index a43529acc..9d48e2403 100644 --- a/package-lock.json +++ b/package-lock.json @@ -10724,8 +10724,8 @@ } }, "lib-jitsi-meet": { - "version": "github:jitsi/lib-jitsi-meet#4fec06db7fc59a88021ec0b409eda47f21c42902", - "from": "github:jitsi/lib-jitsi-meet#4fec06db7fc59a88021ec0b409eda47f21c42902", + "version": "github:jitsi/lib-jitsi-meet#8f9bd254bb3813808e6e1f7974aacc4d1414fcdb", + "from": "github:jitsi/lib-jitsi-meet#8f9bd254bb3813808e6e1f7974aacc4d1414fcdb", "requires": { "@jitsi/sdp-interop": "1.0.3", "@jitsi/sdp-simulcast": "0.3.0", diff --git a/package.json b/package.json index 269bdaf21..68b48b349 100644 --- a/package.json +++ b/package.json @@ -56,7 +56,7 @@ "js-md5": "0.6.1", "js-utils": "github:jitsi/js-utils#cf11996bd866fdb47326c59a5d3bc24be17282d4", "jwt-decode": "2.2.0", - "lib-jitsi-meet": "github:jitsi/lib-jitsi-meet#4fec06db7fc59a88021ec0b409eda47f21c42902", + "lib-jitsi-meet": "github:jitsi/lib-jitsi-meet#8f9bd254bb3813808e6e1f7974aacc4d1414fcdb", "libflacjs": "github:mmig/libflac.js#93d37e7f811f01cf7d8b6a603e38bd3c3810907d", "lodash": "4.17.13", "moment": "2.19.4", diff --git a/resources/prosody-plugins/mod_auth_token.lua b/resources/prosody-plugins/mod_auth_token.lua index 9c8fdff3d..76db97789 100644 --- a/resources/prosody-plugins/mod_auth_token.lua +++ b/resources/prosody-plugins/mod_auth_token.lua @@ -25,15 +25,25 @@ function init_session(event) if query ~= nil then local params = formdecode(query); + + -- The following fields are filled in the session, by extracting them + -- from the query and no validation is beeing done. + -- After validating auth_token will be cleaned in case of error and few + -- other fields will be extracted from the token and set in the session + session.auth_token = query and params.token or nil; -- previd is used together with https://modules.prosody.im/mod_smacks.html -- the param is used to find resumed session and re-use anonymous(random) user id -- (see get_username_from_token) session.previd = query and params.previd or nil; - -- The room name and optional prefix from the bosh query - session.jitsi_bosh_query_room = params.room; - session.jitsi_bosh_query_prefix = params.prefix or ""; + -- The room name and optional prefix from the web query + session.jitsi_web_query_room = params.room; + session.jitsi_web_query_prefix = params.prefix or ""; + + -- Deprecated, you should use jitsi_web_query_room and jitsi_web_query_prefix + session.jitsi_bosh_query_room = session.jitsi_web_query_room; + session.jitsi_bosh_query_prefix = session.jitsi_web_query_prefix; end end @@ -72,6 +82,7 @@ function provider.get_sasl_handler(session) if (res == false) then log("warn", "Error verifying token err:%s, reason:%s", error, reason); + session.auth_token = nil; return res, error, reason; end diff --git a/resources/prosody-plugins/mod_muc_lobby_rooms.lua b/resources/prosody-plugins/mod_muc_lobby_rooms.lua index 95558c900..964ec9cf5 100644 --- a/resources/prosody-plugins/mod_muc_lobby_rooms.lua +++ b/resources/prosody-plugins/mod_muc_lobby_rooms.lua @@ -28,6 +28,9 @@ local jid_bare = require 'util.jid'.bare; local filters = require 'util.filters'; local st = require 'util.stanza'; local MUC_NS = 'http://jabber.org/protocol/muc'; +local DISCO_INFO_NS = 'http://jabber.org/protocol/disco#info'; +local DISPLAY_NAME_REQUIRED_FEATURE = 'http://jitsi.org/protocol/lobbyrooms#displayname_required'; +local LOBBY_IDENTITY_TYPE = 'lobbyrooms'; local is_healthcheck_room = module:require "util".is_healthcheck_room; @@ -42,7 +45,14 @@ if lobby_muc_component_config == nil then return ; end -local whitelist = module:get_option_set("muc_lobby_whitelist", {}); +local whitelist; +local check_display_name_required; +local function load_config() + whitelist = module:get_option_set("muc_lobby_whitelist", {}); + check_display_name_required + = module:get_option_boolean("muc_lobby_check_display_name_required", true); +end +load_config(); local lobby_muc_service; local main_muc_service; @@ -84,6 +94,9 @@ function filter_stanza(stanza) end return nil; + elseif stanza.name == 'iq' and stanza:get_child('query', DISCO_INFO_NS) then + -- allow disco info from the lobby component + return stanza; end return nil; @@ -125,7 +138,24 @@ function process_lobby_muc_loaded(lobby_muc, host_module) filters.add_filter_hook(filter_session); -- Advertise lobbyrooms support on main domain so client can pick up the address and use it - module:add_identity('component', 'lobbyrooms', lobby_muc_component_config); + module:add_identity('component', LOBBY_IDENTITY_TYPE, lobby_muc_component_config); + + -- Tag the disco#info response with a feature that display name is required + -- when the conference name from the web request has a lobby enabled. + host_module:hook("host-disco-info-node", function (event) + local session, reply, node = event.origin, event.reply, event.node; + if node == LOBBY_IDENTITY_TYPE + and session.jitsi_web_query_room + and main_muc_service + and check_display_name_required then + local room = main_muc_service.get_room_from_jid( + jid_bare(session.jitsi_web_query_room .. '@' .. main_muc_component_config)); + if room and room._data.lobbyroom then + reply:tag("feature", { var = DISPLAY_NAME_REQUIRED_FEATURE }):up(); + end + end + event.exists = true; + end); local room_mt = lobby_muc_service.room_mt; -- we base affiliations (roles) in lobby muc component to be based on the roles in the main muc @@ -256,3 +286,25 @@ process_host_module(main_muc_component_config, function(host_module, host) end end, -4); -- the default hook on members_only module is on -5 end); + +-- Extract 'room' param from URL when session is created +function update_session(event) + local session = event.session; + + if session.jitsi_web_query_room then + -- no need for an update + return; + end + + local query = event.request.url.query; + if query ~= nil then + local params = formdecode(query); + -- The room name and optional prefix from the web query + session.jitsi_web_query_room = params.room; + session.jitsi_web_query_prefix = params.prefix or ""; + end +end + +module:hook_global("bosh-session", update_session); +module:hook_global("websocket-session", update_session); +module:hook_global('config-reloaded', load_config); diff --git a/resources/prosody-plugins/mod_muc_poltergeist.lua b/resources/prosody-plugins/mod_muc_poltergeist.lua index 4d6538bd8..0868b7bd4 100644 --- a/resources/prosody-plugins/mod_muc_poltergeist.lua +++ b/resources/prosody-plugins/mod_muc_poltergeist.lua @@ -106,8 +106,8 @@ prosody.events.add_handler("pre-jitsi-authentication", function(session) if (session.jitsi_meet_context_user) then local room = get_room( - session.jitsi_bosh_query_room, - session.jitsi_bosh_query_prefix); + session.jitsi_web_query_room, + session.jitsi_web_query_prefix); if (not room) then return nil; diff --git a/resources/prosody-plugins/mod_token_verification.lua b/resources/prosody-plugins/mod_token_verification.lua index b9e459ba6..ad39557ac 100644 --- a/resources/prosody-plugins/mod_token_verification.lua +++ b/resources/prosody-plugins/mod_token_verification.lua @@ -93,7 +93,8 @@ for event_name, method in pairs { return; end - if not session.auth_token then + -- jitsi_meet_room is set after the token had been verified + if not session.auth_token or not session.jitsi_meet_room then session.send( st.error_reply( stanza, "cancel", "not-allowed", "Room modification disabled for guests"));