Created
September 14, 2012 06:07
-
-
Save DorianGray/3720110 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
local log = require "util.logger".init("auth_exoplay"); | |
local nodeprep = require "util.encodings".stringprep.nodeprep; | |
local resolve_relative_path = require "core.configmanager".resolve_relative_path; | |
local http = require "socket.http" | |
local json = require "cjson" | |
local new_sasl = require "util.sasl".new | |
local tokens = module:shared("oauth/usertokens") | |
local host = module:get_option("oauth_host", nil); | |
local client_id = module:get_option("oauth_client_id", nil); | |
local client_secret = module:get_option("oauth_client_secret", nil); | |
local provider = { | |
name = "oauth" | |
}; | |
function provider.test_password(username, password) | |
log("debug", "User '%s' logging in via oauth.", username) | |
local b, c, h = http.request { | |
method = "POST", | |
url = "http://"..host.."/oauth/token", | |
source = | |
"username: "..username.."\n".. | |
"password: "..password.."\n".. | |
"grant_type: password".."\n".. | |
"client_id: "..client_id.."\n".. | |
"client_secret: "..client_secret.."\n".. | |
"scope: login/user", | |
headers = {Accept="application/json"} | |
} | |
if c == 200 then | |
tokens[username]=json.decode(b).access_token | |
return true | |
end | |
log("debug", "User '%s' failed to login via oauth.", username) | |
return false | |
end | |
function provider.user_exists(username) | |
log("debug", "Checking to see if user '%s' exists in oauth .", username) | |
--[[ | |
local b, c, h = http.request { | |
method = "POST", | |
url = "http://"..host.."/oauth/token", | |
source = "username: "..username.."\n".."password: ".."\n".."grant_type: password".."\n".."client_id: "..client_id.."\n".."client_secret: "..client_secret.."\n".."scope: lo | |
gin/user" | |
} | |
if c == 404 then | |
log("debug", "User '%s' does not exist in oauth.", username) | |
return false | |
end | |
return true]]-- | |
return true | |
end | |
function provider.get_sasl_handler() | |
local profile = { | |
plain_test = function(sasl, username, password, realm) | |
log("debug", "sasl username: %s", username); | |
local prepped_username = nodeprep(username); | |
if not prepped_username then | |
log("debug", "NODEprep failed on username: %s", username); | |
return "", nil; | |
end | |
return provider.test_password(prepped_username, password), true; | |
end, | |
mechanisms = { PLAIN = true } | |
}; | |
return new_sasl(module.host, profile); | |
end | |
function provider.get_password(username) return nil, "Getting password is not supported. Pleasae see http://exoplay.net for details." end | |
function provider.set_password(username, password) return nil, "Setting password is not supported. Pleasae see http://exoplay.net for details." end | |
function provider.create_user(username, password) return nil, "Registering users is not supported. Please see http://exoplay.net for details." end | |
module:add_item("auth-provider", provider); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment