mirror of
https://github.com/processone/ejabberd.git
synced 2024-11-24 16:23:40 +01:00
Add ejabberd_oauth:verify_resowner_scope callback back
This fixes issue #2982
parent
9a8245b8e6
commit
6d08ecc41f
@ -45,7 +45,8 @@
|
|||||||
check_token/2,
|
check_token/2,
|
||||||
scope_in_scope_list/2,
|
scope_in_scope_list/2,
|
||||||
process/2,
|
process/2,
|
||||||
config_reloaded/0]).
|
config_reloaded/0,
|
||||||
|
verify_resowner_scope/3]).
|
||||||
|
|
||||||
-export([get_commands_spec/0,
|
-export([get_commands_spec/0,
|
||||||
oauth_issue_token/3, oauth_list_tokens/0, oauth_revoke_token/1]).
|
oauth_issue_token/3, oauth_list_tokens/0, oauth_revoke_token/1]).
|
||||||
@ -211,6 +212,21 @@ authenticate_user({User, Server}, Ctx) ->
|
|||||||
|
|
||||||
authenticate_client(Client, Ctx) -> {ok, {Ctx, {client, Client}}}.
|
authenticate_client(Client, Ctx) -> {ok, {Ctx, {client, Client}}}.
|
||||||
|
|
||||||
|
-spec verify_resowner_scope({user, binary(), binary()}, [binary()], any()) ->
|
||||||
|
{ok, any(), [binary()]} | {error, any()}.
|
||||||
|
verify_resowner_scope({user, _User, _Server}, Scope, Ctx) ->
|
||||||
|
Cmds = [atom_to_binary(Name, utf8) || {Name, _, _} <- ejabberd_commands:list_commands()],
|
||||||
|
AllowedScopes = [<<"ejabberd:user">>, <<"ejabberd:admin">>, <<"sasl_auth">>] ++ Cmds,
|
||||||
|
case oauth2_priv_set:is_subset(oauth2_priv_set:new(Scope),
|
||||||
|
oauth2_priv_set:new(AllowedScopes)) of
|
||||||
|
true ->
|
||||||
|
{ok, {Ctx, Scope}};
|
||||||
|
false ->
|
||||||
|
{error, badscope}
|
||||||
|
end;
|
||||||
|
verify_resowner_scope(_, _, _) ->
|
||||||
|
{error, badscope}.
|
||||||
|
|
||||||
%% This is callback for oauth tokens generated through the command line. Only open and admin commands are
|
%% This is callback for oauth tokens generated through the command line. Only open and admin commands are
|
||||||
%% made available.
|
%% made available.
|
||||||
%verify_client_scope({client, ejabberd_ctl}, Scope, Ctx) ->
|
%verify_client_scope({client, ejabberd_ctl}, Scope, Ctx) ->
|
||||||
|
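Review bot: The `-spec` for `verify_resowner_scope/3` declares the success value as a 3-tuple, `{ok, any(), [binary()]}`, but the first clause returns the 2-tuple `{ok, {Ctx, Scope}}`; the spec should read `{ok, {any(), [binary()]}} | {error, any()}.` so that Dialyzer and readers see the real contract. Separately, the clause ignores `_User` and `_Server` and accepts any requested scope found in the global list, including `<<"ejabberd:admin">>` and every command name, so the grant is identical for every resource owner. If per-user authorization is enforced only when the token is used (presumably in `check_token/2` or the command layer, neither of which is visible in this section), a comment above the function such as `%% Only checks that requested scopes are known names; per-user privilege is enforced when the token is used.` would make that dependency explicit.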