"Fossies" - the Fresh Open Source Software Archive

Member "jitsi-meet-7315/resources/prosody-plugins/mod_muc_password_check.lua" (2 Jun 2023, 6205 Bytes) of package /linux/misc/jitsi-meet-7315.tar.gz:

As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Lua source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. 
    1 local inspect = require "inspect";
    2 local formdecode = require "util.http".formdecode;
    3 local urlencode = require "util.http".urlencode;
    4 local jid = require "util.jid";
    5 local json = require "util.json";
    6 local util = module:require "util";
    7 local async_handler_wrapper = util.async_handler_wrapper;
    8 local starts_with = util.starts_with;
    9 local token_util = module:require "token/util".new(module);
   10 
   11 -- option to enable/disable room API token verifications
   12 local enableTokenVerification
   13 = module:get_option_boolean("enable_password_token_verification", true);
   14 
   15 local muc_domain_base = module:get_option_string("muc_mapper_domain_base");
   16 if not muc_domain_base then
   17     module:log("warn", "No 'muc_domain_base' option set, disabling password check endpoint.");
   18     return ;
   19 end
   20 local muc_domain_prefix = module:get_option_string("muc_mapper_domain_prefix", "conference");
   21 
   22 local json_content_type = "application/json";
   23 
   24 --- Verifies the token
   25 -- @param token the token we received
   26 -- @param room_address the full room address jid
   27 -- @return true if values are ok or false otherwise
   28 function verify_token(token, room_address)
   29     if not enableTokenVerification then
   30         return true;
   31     end
   32 
   33     -- if enableTokenVerification is enabled and we do not have token
   34     -- stop here, cause the main virtual host can have guest access enabled
   35     -- (allowEmptyToken = true) and we will allow access to rooms info without
   36     -- a token
   37     if token == nil then
   38         module:log("warn", "no token provided for %s", room_address);
   39         return false;
   40     end
   41 
   42     local session = {};
   43     session.auth_token = token;
   44     local verified, reason, msg = token_util:process_and_verify_token(session);
   45     if not verified then
   46         module:log("warn", "not a valid token %s %s for %s", tostring(reason), tostring(msg), room_address);
   47         return false;
   48     end
   49 
   50     return true;
   51 end
   52 
   53 -- Validates the request by checking for required url param room and
   54 -- validates the token provided with the request
   55 -- @param request - The request to validate.
   56 -- @return [error_code, room]
   57 local function validate_and_get_room(request)
   58     if not request.url.query then
   59         module:log("warn", "No query");
   60         return 400, nil;
   61     end
   62 
   63     local params = formdecode(request.url.query);
   64     local room_name = urlencode(params.room) or "";
   65     local subdomain = urlencode(params.prefix) or "";
   66 
   67     if not room_name then
   68         module:log("warn", "Missing room param for %s", room_name);
   69         return 400, nil;
   70     end
   71 
   72     local room_address = jid.join(room_name, muc_domain_prefix.."."..muc_domain_base);
   73 
   74     if subdomain and subdomain ~= "" then
   75         room_address = "["..subdomain.."]"..room_address;
   76     end
   77 
   78     -- verify access
   79     local token = request.headers["authorization"]
   80 
   81     if token and starts_with(token,'Bearer ') then
   82         token = token:sub(8,#token)
   83     end
   84 
   85     if not verify_token(token, room_address) then
   86         return 403, nil;
   87     end
   88 
   89     local room = get_room_from_jid(room_address);
   90 
   91     if not room then
   92         module:log("warn", "No room found for %s", room_address);
   93         return 404, nil;
   94     else
   95         return 200, room;
   96     end
   97 end
   98 
   99 function handle_validate_room_password (event)
  100     local request = event.request;
  101 
  102     if request.headers.content_type ~= json_content_type
  103             or (not request.body or #request.body == 0) then
  104         module:log("warn", "Wrong content type: %s", request.headers.content_type);
  105         return { status_code = 400; }
  106     end
  107 
  108     local params = json.decode(request.body);
  109     if not params then
  110         module:log("warn", "Missing params");
  111         return { status_code = 400; }
  112     end
  113 
  114     local passcode = params["passcode"];
  115 
  116     if not passcode then
  117         module:log("warn", "Missing passcode param");
  118         return { status_code = 400; };
  119     end
  120 
  121     local error_code, room = validate_and_get_room(request);
  122 
  123     if not room then
  124         return { status_code = error_code; }
  125     end
  126 
  127     local PUT_response = {
  128         headers = { content_type = "application/json"; };
  129         body = json.encode({ valid = (room:get_password() == passcode) })
  130     };
  131 
  132     module:log("debug","Sending response for room password validate: %s", inspect(PUT_response));
  133 
  134     return PUT_response;
  135 end
  136 
  137 --- Handles request for retrieving the room participants details
  138 -- @param event the http event, holds the request query
  139 -- @return GET response, containing a json with participants details
  140 function handle_get_room_password (event)
  141     local error_code, room = validate_and_get_room(event.request);
  142 
  143     if not room then
  144         return { status_code = error_code; }
  145     end
  146 
  147     room_details = {};
  148     room_details["conference"] = room.jid;
  149     room_details["passcodeProtected"] = room:get_password() ~= nil;
  150     room_details["lobbyEnabled"] = room._data ~= nil and room._data.lobbyroom ~= nil;
  151 
  152     local GET_response = {
  153         headers = {
  154             content_type = "application/json";
  155         };
  156         body = json.encode(room_details);
  157     };
  158     module:log("debug","Sending response for room password: %s", inspect(GET_response));
  159 
  160     return GET_response;
  161 end
  162 
  163 -- process a host module directly if loaded or hooks to wait for its load
  164 function process_host_module(name, callback)
  165     local function process_host(host)
  166         if host == name then
  167             callback(module:context(host), host);
  168         end
  169     end
  170 
  171     if prosody.hosts[name] == nil then
  172         module:log('debug', 'No host/component found, will wait for it: %s', name)
  173 
  174         -- when a host or component is added
  175         prosody.events.add_handler('host-activated', process_host);
  176     else
  177         process_host(name);
  178     end
  179 end
  180 
  181 process_host_module(muc_domain_base, function(host_module, host)
  182     module:log("info","Adding http handler for /room-info on %s", host_module.host);
  183     host_module:depends("http");
  184     host_module:provides("http", {
  185         default_path = "/";
  186         route = {
  187             ["GET room-info"] = function (event) return async_handler_wrapper(event, handle_get_room_password) end;
  188             ["PUT room-info"] = function (event) return async_handler_wrapper(event, handle_validate_room_password) end;
  189         };
  190     });
  191 end);