jiti-meet/resources/prosody-plugins/mod_auth_jitsi-anonymous.lua

79 lines
2.0 KiB
Lua

-- Anonymous authentication with extras:
-- * session resumption
-- Copyright (C) 2021-present 8x8, Inc.
local generate_random_id = require "util.id".medium;
local new_sasl = require "util.sasl".new;
local sasl = require "util.sasl";
local sessions = prosody.full_sessions;
-- define auth provider
local provider = {};
function provider.test_password(username, password)
return nil, "Password based auth not supported";
end
function provider.get_password(username)
return nil;
end
function provider.set_password(username, password)
return nil, "Set password not supported";
end
function provider.user_exists(username)
return nil;
end
function provider.create_user(username, password)
return nil;
end
function provider.delete_user(username)
return nil;
end
function provider.get_sasl_handler(session)
-- Custom session matching so we can resume session even with randomly
-- generated user IDs.
local function get_username(self, message)
if (session.previd ~= nil) then
for _, session1 in pairs(sessions) do
if (session1.resumption_token == session.previd) then
self.username = session1.username;
break;
end
end
else
self.username = message;
end
return true;
end
return new_sasl(module.host, { anonymous = get_username });
end
module:provides("auth", provider);
local function anonymous(self, message)
-- Same as the vanilla anonymous auth plugin
local username = generate_random_id():lower();
-- This calls the handler created in 'provider.get_sasl_handler(session)'
local result, err, msg = self.profile.anonymous(self, username, self.realm);
if result == true then
if (self.username == nil) then
-- Session was not resumed
self.username = username;
end
return "success";
else
return "failure", err, msg;
end
end
sasl.registerMechanism("ANONYMOUS", {"anonymous"}, anonymous);