-local function password_callback(node, host, mechanism, raw_host)
- local password = (datamanager.load(node, host, "accounts") or {}).password; -- FIXME handle hashed passwords
- local func = function(x) return x; end;
- if password then
- if mechanism == "PLAIN" then
- return func, password;
- elseif mechanism == "DIGEST-MD5" then
- return func, md5(node..":"..raw_host..":"..password);
+local function credentials_callback(mechanism, ...)
+ if mechanism == "PLAIN" then
+ local username, hostname, password = ...;
+ username = nodeprep(username);
+ if not username then
+ return false;
+ end
+ local response = usermanager_validate_credentials(hostname, username, password, mechanism);
+ if response == nil then
+ return false;
+ else
+ return response;
+ end
+ elseif mechanism == "DIGEST-MD5" then
+ local function func(x) return x; end
+ local node, domain, realm, decoder = ...;
+ local prepped_node = nodeprep(node);
+ if not prepped_node then
+ return func, nil;
+ end
+ local password = usermanager_get_password(prepped_node, domain);
+ if password then
+ if decoder then
+ node, realm, password = decoder(node), decoder(realm), decoder(password);
+ end
+ return func, md5(node..":"..realm..":"..password);
+ else
+ return func, nil;