From 16137b3b1437ee37538b4e55326c2518893354ad Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Wed, 1 Mar 2023 12:56:08 +0000 Subject: mod_saslauth: Support for SASL handlers forcing a specific resource The token layer supports tokens that are tied to a given resource. --- plugins/mod_saslauth.lua | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'plugins') diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua index 4c8858cb..7bcdbb2b 100644 --- a/plugins/mod_saslauth.lua +++ b/plugins/mod_saslauth.lua @@ -54,6 +54,7 @@ local function handle_status(session, status, ret, err_msg) elseif status == "success" then local ok, err = sm_make_authenticated(session, session.sasl_handler.username, session.sasl_handler.role); if ok then + session.sasl_resource = session.sasl_handler.resource; module:fire_event("authentication-success", { session = session }); session.sasl_handler = nil; session:reset_stream(); @@ -374,14 +375,15 @@ end); module:hook("stanza/iq/urn:ietf:params:xml:ns:xmpp-bind:bind", function(event) local origin, stanza = event.origin, event.stanza; - local resource; - if stanza.attr.type == "set" then + local resource = origin.sasl_resource; + if stanza.attr.type == "set" and not resource then local bind = stanza.tags[1]; resource = bind:get_child("resource"); resource = resource and #resource.tags == 0 and resource[1] or nil; end local success, err_type, err, err_msg = sm_bind_resource(origin, resource); if success then + origin.sasl_resource = nil; origin.send(st.reply(stanza) :tag("bind", { xmlns = xmlns_bind }) :tag("jid"):text(origin.full_jid)); -- cgit v1.2.3