X-Git-Url: https://git.enpas.org/?a=blobdiff_plain;f=plugins%2Fmod_auth_cyrus.lua;h=7668f8c407f2b8255e645d0d88c8dae179796090;hb=a87ec53e152b80f64351b3f9dc4db8974d2e8f8a;hp=637773d39199a781a6a30ddc6b7c9d1d70fef5c7;hpb=17a55590485ef323e46ae52a192b61584d45a155;p=prosody.git diff --git a/plugins/mod_auth_cyrus.lua b/plugins/mod_auth_cyrus.lua index 637773d3..7668f8c4 100644 --- a/plugins/mod_auth_cyrus.lua +++ b/plugins/mod_auth_cyrus.lua @@ -1,21 +1,20 @@ -- Prosody IM -- Copyright (C) 2008-2010 Matthew Wild -- Copyright (C) 2008-2010 Waqas Hussain --- Copyright (C) 2010 Jeff Mitchell -- -- This project is MIT/X11 licensed. Please see the -- COPYING file in the source package for more information. -- local log = require "util.logger".init("auth_cyrus"); -local type = type; -local ipairs = ipairs; -local jid_bare = require "util.jid".bare; -local config = require "core.configmanager"; + +local usermanager_user_exists = require "core.usermanager".user_exists; local cyrus_service_realm = module:get_option("cyrus_service_realm"); local cyrus_service_name = module:get_option("cyrus_service_name"); local cyrus_application_name = module:get_option("cyrus_application_name"); +local require_provisioning = module:get_option("cyrus_require_provisioning") or false; +local host_fqdn = module:get_option("cyrus_server_fqdn"); prosody.unlock_globals(); --FIXME: Figure out why this is needed and -- why cyrussasl isn't caught by the sandbox @@ -25,41 +24,61 @@ local new_sasl = function(realm) return cyrus_new( cyrus_service_realm or realm, cyrus_service_name or "xmpp", - cyrus_application_name or "prosody" + cyrus_application_name or "prosody", + host_fqdn ); end -function new_default_provider(host) - local provider = { name = "cyrus" }; - log("debug", "initializing default authentication provider for host '%s'", host); - - function provider.test_password(username, password) - return nil, "Legacy auth not supported with Cyrus SASL."; +do -- diagnostic + local list; + for mechanism in pairs(new_sasl(module.host):mechanisms()) do + list = (not(list) and mechanism) or (list..", "..mechanism); end - - function provider.get_password(username) - return nil, "Passwords unavailable for Cyrus SASL."; - end - - function provider.set_password(username, password) - return nil, "Passwords unavailable for Cyrus SASL."; + if not list then + module:log("error", "No Cyrus SASL mechanisms available"); + else + module:log("debug", "Available Cyrus SASL mechanisms: %s", list); end +end - function provider.user_exists(username) - return true; - end +local host = module.host; - function provider.create_user(username, password) - return nil, "Account creation/modification not available with Cyrus SASL."; - end +-- define auth provider +local provider = {}; +log("debug", "initializing default authentication provider for host '%s'", host); + +function provider.test_password(username, password) + return nil, "Legacy auth not supported with Cyrus SASL."; +end - function provider.get_sasl_handler() - local realm = module:get_option("sasl_realm") or module.host; - return new_sasl(realm); +function provider.get_password(username) + return nil, "Passwords unavailable for Cyrus SASL."; +end + +function provider.set_password(username, password) + return nil, "Passwords unavailable for Cyrus SASL."; +end + +function provider.user_exists(username) + if require_provisioning then + return usermanager_user_exists(username, host); end + return true; +end + +function provider.create_user(username, password) + return nil, "Account creation/modification not available with Cyrus SASL."; +end - return provider; +function provider.get_sasl_handler() + local handler = new_sasl(host); + if require_provisioning then + function handler.require_provisioning(username) + return usermanager_user_exists(username, host); + end + end + return handler; end -module:add_item("auth-provider", new_default_provider(module.host)); +module:provides("auth", provider);