Fix ejabberd_auth_jwt return types and regenerate ejabberd_option.erl
This commit is contained in:
parent
3e5c0a1df8
commit
3d82a5eee6
|
@ -31,7 +31,6 @@
|
||||||
|
|
||||||
-export([start/1, stop/1, check_password/4,
|
-export([start/1, stop/1, check_password/4,
|
||||||
store_type/1, plain_password_required/1
|
store_type/1, plain_password_required/1
|
||||||
%,opt_type/1, options/0, globals/0
|
|
||||||
]).
|
]).
|
||||||
|
|
||||||
-include("xmpp.hrl").
|
-include("xmpp.hrl").
|
||||||
|
@ -48,16 +47,16 @@ plain_password_required(_Host) -> true.
|
||||||
|
|
||||||
store_type(_Host) -> external.
|
store_type(_Host) -> external.
|
||||||
|
|
||||||
-spec check_password(binary(), binary(), binary(), binary()) -> boolean().
|
-spec check_password(binary(), binary(), binary(), binary()) -> {ets_cache:tag(), boolean()}.
|
||||||
check_password(User, AuthzId, Server, Token) ->
|
check_password(User, AuthzId, Server, Token) ->
|
||||||
%% MREMOND: Should we move the AuthzId check at a higher level in
|
%% MREMOND: Should we move the AuthzId check at a higher level in
|
||||||
%% the call stack?
|
%% the call stack?
|
||||||
if AuthzId /= <<>> andalso AuthzId /= User ->
|
if AuthzId /= <<>> andalso AuthzId /= User ->
|
||||||
false;
|
{nocache, false};
|
||||||
true ->
|
true ->
|
||||||
if Token == <<"">> -> false;
|
if Token == <<"">> -> {nocache, false};
|
||||||
true ->
|
true ->
|
||||||
check_jwt_token(User, Server, Token)
|
{nocache, check_jwt_token(User, Server, Token)}
|
||||||
end
|
end
|
||||||
end.
|
end.
|
||||||
|
|
||||||
|
@ -102,28 +101,7 @@ check_jwt_token(User, Server, Token) ->
|
||||||
end.
|
end.
|
||||||
|
|
||||||
get_jwk(Host) ->
|
get_jwk(Host) ->
|
||||||
jose_jwk:from_binary(ejabberd_config:get_option({jwt_key, Host})).
|
jose_jwk:from_binary(ejabberd_option:jwt_key(Host)).
|
||||||
|
|
||||||
%%%----------------------------------------------------------------------
|
|
||||||
%%% Options for JWT authentication modules
|
|
||||||
%%%----------------------------------------------------------------------
|
|
||||||
%-spec opt_type(atom()) -> fun((any()) -> any()) | [atom()].
|
|
||||||
%
|
|
||||||
%%%% name: jwt_key
|
|
||||||
%%%% type: binary
|
|
||||||
%%%% description: JWT key used to validate JWT tokens.
|
|
||||||
%%%% Default: none
|
|
||||||
%%%% Mandatory: yes
|
|
||||||
%opt_type(jwt_key) -> fun iolist_to_binary/1;
|
|
||||||
%
|
|
||||||
%%%% Available options:
|
|
||||||
%opt_type(_) -> [jwt_key].
|
|
||||||
%
|
|
||||||
%options() ->
|
|
||||||
% [{jwt_key, <<"">>}].
|
|
||||||
%
|
|
||||||
%globals() ->
|
|
||||||
% [jwt_key].
|
|
||||||
|
|
||||||
%% TODO: auth0 username is defined in 'jid' field, but we should
|
%% TODO: auth0 username is defined in 'jid' field, but we should
|
||||||
%% allow customizing the name of the field containing the username
|
%% allow customizing the name of the field containing the username
|
||||||
|
|
|
@ -50,6 +50,7 @@
|
||||||
-export([host_config/0]).
|
-export([host_config/0]).
|
||||||
-export([hosts/0]).
|
-export([hosts/0]).
|
||||||
-export([include_config_file/0, include_config_file/1]).
|
-export([include_config_file/0, include_config_file/1]).
|
||||||
|
-export([jwt_key/0, jwt_key/1]).
|
||||||
-export([language/0, language/1]).
|
-export([language/0, language/1]).
|
||||||
-export([ldap_backups/0, ldap_backups/1]).
|
-export([ldap_backups/0, ldap_backups/1]).
|
||||||
-export([ldap_base/0, ldap_base/1]).
|
-export([ldap_base/0, ldap_base/1]).
|
||||||
|
@ -430,6 +431,13 @@ include_config_file() ->
|
||||||
include_config_file(Host) ->
|
include_config_file(Host) ->
|
||||||
ejabberd_config:get_option({include_config_file, Host}).
|
ejabberd_config:get_option({include_config_file, Host}).
|
||||||
|
|
||||||
|
-spec jwt_key() -> binary().
|
||||||
|
jwt_key() ->
|
||||||
|
jwt_key(global).
|
||||||
|
-spec jwt_key(global | binary()) -> binary().
|
||||||
|
jwt_key(Host) ->
|
||||||
|
ejabberd_config:get_option({jwt_key, Host}).
|
||||||
|
|
||||||
-spec language() -> binary().
|
-spec language() -> binary().
|
||||||
language() ->
|
language() ->
|
||||||
language(global).
|
language(global).
|
||||||
|
|
Loading…
Reference in New Issue