diff options
| author | Evgeniy Khramtsov <ekhramtsov@process-one.net> | 2016-12-31 13:47:35 +0300 |
|---|---|---|
| committer | Evgeniy Khramtsov <ekhramtsov@process-one.net> | 2017-01-02 14:55:06 +0300 |
| commit | 666608544b558dccf59ac5c29c314ff11560041b (patch) | |
| tree | a69efd638a588832d7a58847dc84a37c55e2ef88 /src/cyrsasl_digest.erl | |
| parent | Fix case clauses when using compression (#1431)(thanks to Evgeniy Khramtsov) (diff) | |
Improve return values in cyrsasl API
Diffstat (limited to 'src/cyrsasl_digest.erl')
| -rw-r--r-- | src/cyrsasl_digest.erl | 30 |
1 files changed, 21 insertions, 9 deletions
diff --git a/src/cyrsasl_digest.erl b/src/cyrsasl_digest.erl index 150aa854..9b4faca2 100644 --- a/src/cyrsasl_digest.erl +++ b/src/cyrsasl_digest.erl @@ -30,7 +30,7 @@ -author('alexey@sevcom.net'). -export([start/1, stop/0, mech_new/4, mech_step/2, - parse/1, opt_type/1]). + parse/1, format_error/1, opt_type/1]). -include("ejabberd.hrl"). -include("logger.hrl"). @@ -39,11 +39,13 @@ -type get_password_fun() :: fun((binary()) -> {false, any()} | {binary(), atom()}). - -type check_password_fun() :: fun((binary(), binary(), binary(), fun((binary()) -> binary())) -> {boolean(), any()} | false). +-type error_reason() :: parser_failed | invalid_digest_uri | + not_authorized | unexpected_response. +-export_type([error_reason/0]). -record(state, {step = 1 :: 1 | 3 | 5, nonce = <<"">> :: binary(), @@ -64,6 +66,16 @@ start(_Opts) -> stop() -> ok. +-spec format_error(error_reason()) -> {atom(), binary()}. +format_error(parser_failed) -> + {'bad-protocol', <<"Response decoding failed">>}; +format_error(invalid_digest_uri) -> + {'bad-protocol', <<"Invalid digest URI">>}; +format_error(not_authorized) -> + {'not-authorized', <<"Invalid username or password">>}; +format_error(unexpected_response) -> + {'bad-protocol', <<"Unexpected response">>}. + mech_new(Host, GetPassword, _CheckPassword, CheckPasswordDigest) -> {ok, @@ -80,8 +92,8 @@ mech_step(#state{step = 1, nonce = Nonce} = State, _) -> mech_step(#state{step = 3, nonce = Nonce} = State, ClientIn) -> case parse(ClientIn) of - bad -> {error, 'bad-protocol'}; - KeyVals -> + bad -> {error, parser_failed}; + KeyVals -> DigestURI = proplists:get_value(<<"digest-uri">>, KeyVals, <<>>), UserName = proplists:get_value(<<"username">>, KeyVals, <<>>), case is_digesturi_valid(DigestURI, State#state.host, @@ -92,11 +104,11 @@ mech_step(#state{step = 3, nonce = Nonce} = State, "seems invalid: ~p (checking for Host " "~p, FQDN ~p)", [DigestURI, State#state.host, State#state.hostfqdn]), - {error, 'not-authorized', UserName}; + {error, invalid_digest_uri, UserName}; true -> AuthzId = proplists:get_value(<<"authzid">>, KeyVals, <<>>), case (State#state.get_password)(UserName) of - {false, _} -> {error, 'not-authorized', UserName}; + {false, _} -> {error, not_authorized, UserName}; {Passwd, AuthModule} -> case (State#state.check_password)(UserName, UserName, <<"">>, proplists:get_value(<<"response">>, KeyVals, <<>>), @@ -116,8 +128,8 @@ mech_step(#state{step = 3, nonce = Nonce} = State, State#state{step = 5, auth_module = AuthModule, username = UserName, authzid = AuthzId}}; - false -> {error, 'not-authorized', UserName}; - {false, _} -> {error, 'not-authorized', UserName} + false -> {error, not_authorized, UserName}; + {false, _} -> {error, not_authorized, UserName} end end end @@ -134,7 +146,7 @@ mech_step(#state{step = 5, auth_module = AuthModule, {auth_module, AuthModule}]}; mech_step(A, B) -> ?DEBUG("SASL DIGEST: A ~p B ~p", [A, B]), - {error, 'bad-protocol'}. + {error, unexpected_response}. parse(S) -> parse1(binary_to_list(S), "", []). |