
changed to using a setter for the asapKeyServer

j8
Aaron van Meerten 5 years ago
parent
commit
7ce44f85ca
1 changed files with 9 additions and 15 deletions
  1. 9
    15
      resources/prosody-plugins/token/util.lib.lua

+ 9
- 15
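--- a/resources/prosody-plugins/token/util.lib.lua
+++ b/resources/prosody-plugins/token/util.lib.lua
@@ -100,13 +100,14 @@
     return self
 end
 
+function Util:set_asap_key_server(asapKeyServer)
+    self.asapKeyServer = asapKeyServer
+end
+
 --- Returns the public key by keyID
 -- @param keyId the key ID to request
 -- @return the public key (the content of requested resource) or nil
-function Util:get_public_key(keyId,asapKeyServer)
-    if asapKeyServer == "" then
-        asapKeyServer = self.asapKeyServer)
-    end
+function Util:get_public_key(keyId)
     local content = cache:get(keyId);
     if content == nil then
         -- If the key is not found in the cache.
@@ -120,7 +121,7 @@
             end
             done();
         end
-        local keyurl = path.join(asapKeyServer, hex.to(sha256(keyId))..'.pem');
+        local keyurl = path.join(self.asapKeyServer, hex.to(sha256(keyId))..'.pem');
         module:log("debug", "Fetching public key from: "..keyurl);
 
         -- We hash the key ID to work around some legacy behavior and make
@@ -242,13 +243,6 @@
 -- @param session the current session
 -- @return false and error
 function Util:process_and_verify_token(session)
-    return self:process_and_verify_token_with_keyserver(session,"")
-end
-function Util:process_and_verify_token_with_keyserver(session,asapKeyServer)
-    if asapKeyServer == "" then
-        asapKeyServer = self.asapKeyServer
-    end
-
     if session.auth_token == nil then
         if self.allowEmptyToken then
             return true;
@@ -258,7 +252,7 @@
     end
 
     local pubKey;
-    if asapKeyServer and session.auth_token ~= nil then
+    if self.asapKeyServer and session.auth_token ~= nil then
         local dotFirst = session.auth_token:find("%.");
         if not dotFirst then return nil, "Invalid token" end
         local header = json.decode(basexx.from_url64(session.auth_token:sub(1,dotFirst-1)));
@@ -266,7 +260,7 @@
         if kid == nil then
             return false, "not-allowed", "'kid' claim is missing";
         end
-        pubKey = self:get_public_key(kid,asapKeyServer);
+        pubKey = self:get_public_key(kid);
         if pubKey == nil then
             return false, "not-allowed", "could not obtain public key";
         end
@@ -274,7 +268,7 @@
 
     -- now verify the whole token
     local claims, msg;
-    if asapKeyServer then
+    if self.asapKeyServer then
         claims, msg = self:verify_token(session.auth_token, pubKey);
     else
         claims, msg = self:verify_token(session.auth_token, self.appSecret);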
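Review bot: A public key cached under the previous key server stays trusted after `set_asap_key_server` switches servers, because `get_public_key` still looks it up with `cache:get(keyId)` and returns it for the same `kid` without consulting the new server. `cache` is referenced as a bare name and is defined outside the shown lines, so it may also be shared between Util instances; that should be confirmed. Consider keying the entry on both values, e.g. `local content = cache:get(self.asapKeyServer .. "|" .. keyId);`, with the store in the fetch callback (not shown) using the same key, or dropping cached entries in the setter. The setter also stores its argument unchecked, and since an empty string is truthy in Lua, `if self.asapKeyServer then` would still take the key-server branch and build a relative `keyurl`. A guard such as `assert(type(asapKeyServer) == "string" and asapKeyServer ~= "", "asapKeyServer must be a non-empty string")` and a `---` doc comment in the file's existing style would make the contract explicit.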
