erkiesken/ModAuthJWT.ex

## ejabberd_auth_jwt.erl
-module(ejabberd_auth_jwt).

-behaviour(ejabberd_auth).
-behaviour(ejabberd_config).

-author('erki@esken.net').

-export([
         start/1,
         stop/1,
         plain_password_required/1,
         store_type/1,
         use_cache/1,
         check_password/4,
         opt_type/1]).

start(_Host) -> ok.

stop(_Host) -> ok.

plain_password_required(_) ->
    true.

store_type(_) ->
    external.

use_cache(_) ->
    false.

check_password(User, AuthzId, Server, ProvidedPassword) ->
    'Elixir.ModAuthJWT':check_password(User, AuthzId, Server, ProvidedPassword).

-spec opt_type(atom()) -> [atom()].
opt_type(_) -> [].

## ModAuthJWT.ex
defmodule ModAuthJWT do
  use Ejabberd.Module
  import Joken

  def start(_host, _opts) do
    info('Starting ejabberd module Auth JWT')
    :ok
  end

  def stop(_host) do
    info('Stopping ejabberd module Auth JWT')
    :ok
  end

  def check_password(user, _authzid, server, password) do
    info('Received JWT password for #{user}@#{server}')
    strategy = get_jwt_strategy(server)
    secret = get_jwt_secret(server)

    verified_token = password
      |> token
      |> with_validation("jid", &(&1 == "#{user}@#{server}"))
      |> with_signer(apply(Joken, String.to_atom(strategy), [secret]))
      |> verify

    if verified_token.error do
      false
    else
      true
    end
  end

  def get_jwt_strategy(server) do
    :gen_mod.get_module_opt(server, ModAuthJWT, :jwt_strategy, "HS256")
  end

  def get_jwt_secret(server) do
    :gen_mod.get_module_opt(server, ModAuthJWT, :jwt_secret, "")
  end
end
	-module(ejabberd_auth_jwt).

	-behaviour(ejabberd_auth).
	-behaviour(ejabberd_config).

	-author('erki@esken.net').

	-export([
	start/1,
	stop/1,
	plain_password_required/1,
	store_type/1,
	use_cache/1,
	check_password/4,
	opt_type/1]).

	start(_Host) -> ok.

	stop(_Host) -> ok.

	plain_password_required(_) ->
	true.

	store_type(_) ->
	external.

	use_cache(_) ->
	false.

	check_password(User, AuthzId, Server, ProvidedPassword) ->
	'Elixir.ModAuthJWT':check_password(User, AuthzId, Server, ProvidedPassword).

	-spec opt_type(atom()) -> [atom()].
	opt_type(_) -> [].
	defmodule ModAuthJWT do
	use Ejabberd.Module
	import Joken

	def start(_host, _opts) do
	info('Starting ejabberd module Auth JWT')
	:ok
	end

	def stop(_host) do
	info('Stopping ejabberd module Auth JWT')
	:ok
	end

	def check_password(user, _authzid, server, password) do
	info('Received JWT password for #{user}@#{server}')
	strategy = get_jwt_strategy(server)
	secret = get_jwt_secret(server)

	verified_token = password
	\|> token
	\|> with_validation("jid", &(&1 == "#{user}@#{server}"))
	\|> with_signer(apply(Joken, String.to_atom(strategy), [secret]))
	\|> verify

	if verified_token.error do
	false
	else
	true
	end
	end

	def get_jwt_strategy(server) do
	:gen_mod.get_module_opt(server, ModAuthJWT, :jwt_strategy, "HS256")
	end

	def get_jwt_secret(server) do
	:gen_mod.get_module_opt(server, ModAuthJWT, :jwt_secret, "")
	end
	end