aboutsummaryrefslogtreecommitdiff
path: root/src/ejabberd_auth_external.erl
diff options
context:
space:
mode:
Diffstat (limited to 'src/ejabberd_auth_external.erl')
-rw-r--r--src/ejabberd_auth_external.erl290
1 files changed, 144 insertions, 146 deletions
diff --git a/src/ejabberd_auth_external.erl b/src/ejabberd_auth_external.erl
index 08f2856ac..8ae6a1df5 100644
--- a/src/ejabberd_auth_external.erl
+++ b/src/ejabberd_auth_external.erl
@@ -25,27 +25,21 @@
%%%----------------------------------------------------------------------
-module(ejabberd_auth_external).
+
-author('alexey@process-one.net').
+-behaviour(ejabberd_auth).
+
%% External exports
--export([start/1,
- set_password/3,
- check_password/3,
- check_password/5,
- try_register/3,
- dirty_get_registered_users/0,
- get_vh_registered_users/1,
+-export([start/1, set_password/3, check_password/3,
+ check_password/5, try_register/3,
+ dirty_get_registered_users/0, get_vh_registered_users/1,
get_vh_registered_users/2,
get_vh_registered_users_number/1,
- get_vh_registered_users_number/2,
- get_password/2,
- get_password_s/2,
- is_user_exists/2,
- remove_user/2,
- remove_user/3,
- store_type/0,
- plain_password_required/0
- ]).
+ get_vh_registered_users_number/2, get_password/2,
+ get_password_s/2, is_user_exists/2, remove_user/2,
+ remove_user/3, store_type/0,
+ plain_password_required/0]).
-include("ejabberd.hrl").
@@ -53,55 +47,59 @@
%%% API
%%%----------------------------------------------------------------------
start(Host) ->
- extauth:start(
- Host, ejabberd_config:get_local_option({extauth_program, Host})),
+ Cmd = ejabberd_config:get_local_option(
+ {extauth_program, Host},
+ fun(V) ->
+ binary_to_list(iolist_to_binary(V))
+ end,
+ "extauth"),
+ extauth:start(Host, Cmd),
case check_cache_last_options(Host) of
- cache ->
- ok = ejabberd_auth_internal:start(Host);
- no_cache ->
- ok
+ cache -> ok = ejabberd_auth_internal:start(Host);
+ no_cache -> ok
end.
check_cache_last_options(Server) ->
- %% if extauth_cache is enabled, then a mod_last module must also be enabled
case get_cache_option(Server) of
- false -> no_cache;
- {true, _CacheTime} ->
- case get_mod_last_configured(Server) of
- no_mod_last ->
- ?ERROR_MSG("In host ~p extauth is used, extauth_cache is enabled but "
- "mod_last is not enabled.", [Server]),
- no_cache;
- _ -> cache
- end
+ false -> no_cache;
+ {true, _CacheTime} ->
+ case get_mod_last_configured(Server) of
+ no_mod_last ->
+ ?ERROR_MSG("In host ~p extauth is used, extauth_cache "
+ "is enabled but mod_last is not enabled.",
+ [Server]),
+ no_cache;
+ _ -> cache
+ end
end.
-plain_password_required() ->
- true.
+plain_password_required() -> true.
-store_type() ->
- external.
+store_type() -> external.
check_password(User, Server, Password) ->
case get_cache_option(Server) of
- false -> check_password_extauth(User, Server, Password);
- {true, CacheTime} -> check_password_cache(User, Server, Password, CacheTime)
+ false -> check_password_extauth(User, Server, Password);
+ {true, CacheTime} ->
+ check_password_cache(User, Server, Password, CacheTime)
end.
-check_password(User, Server, Password, _Digest, _DigestGen) ->
+check_password(User, Server, Password, _Digest,
+ _DigestGen) ->
check_password(User, Server, Password).
set_password(User, Server, Password) ->
case extauth:set_password(User, Server, Password) of
- true -> set_password_internal(User, Server, Password),
- ok;
- _ -> {error, unknown_problem}
+ true ->
+ set_password_internal(User, Server, Password), ok;
+ _ -> {error, unknown_problem}
end.
try_register(User, Server, Password) ->
case get_cache_option(Server) of
- false -> try_register_extauth(User, Server, Password);
- {true, _CacheTime} -> try_register_external_cache(User, Server, Password)
+ false -> try_register_extauth(User, Server, Password);
+ {true, _CacheTime} ->
+ try_register_external_cache(User, Server, Password)
end.
dirty_get_registered_users() ->
@@ -110,56 +108,60 @@ dirty_get_registered_users() ->
get_vh_registered_users(Server) ->
ejabberd_auth_internal:get_vh_registered_users(Server).
-get_vh_registered_users(Server, Data) ->
- ejabberd_auth_internal:get_vh_registered_users(Server, Data).
+get_vh_registered_users(Server, Data) ->
+ ejabberd_auth_internal:get_vh_registered_users(Server,
+ Data).
get_vh_registered_users_number(Server) ->
ejabberd_auth_internal:get_vh_registered_users_number(Server).
get_vh_registered_users_number(Server, Data) ->
- ejabberd_auth_internal:get_vh_registered_users_number(Server, Data).
+ ejabberd_auth_internal:get_vh_registered_users_number(Server,
+ Data).
%% The password can only be returned if cache is enabled, cached info exists and is fresh enough.
get_password(User, Server) ->
case get_cache_option(Server) of
- false -> false;
- {true, CacheTime} -> get_password_cache(User, Server, CacheTime)
+ false -> false;
+ {true, CacheTime} ->
+ get_password_cache(User, Server, CacheTime)
end.
get_password_s(User, Server) ->
case get_password(User, Server) of
- false -> [];
- Other -> Other
+ false -> <<"">>;
+ Other -> Other
end.
%% @spec (User, Server) -> true | false | {error, Error}
is_user_exists(User, Server) ->
try extauth:is_user_exists(User, Server) of
- Res -> Res
+ Res -> Res
catch
- _:Error -> {error, Error}
+ _:Error -> {error, Error}
end.
remove_user(User, Server) ->
case extauth:remove_user(User, Server) of
- false -> false;
- true ->
- case get_cache_option(Server) of
- false -> false;
- {true, _CacheTime} ->
- ejabberd_auth_internal:remove_user(User, Server)
- end
+ false -> false;
+ true ->
+ case get_cache_option(Server) of
+ false -> false;
+ {true, _CacheTime} ->
+ ejabberd_auth_internal:remove_user(User, Server)
+ end
end.
remove_user(User, Server, Password) ->
case extauth:remove_user(User, Server, Password) of
- false -> false;
- true ->
- case get_cache_option(Server) of
- false -> false;
- {true, _CacheTime} ->
- ejabberd_auth_internal:remove_user(User, Server, Password)
- end
+ false -> false;
+ true ->
+ case get_cache_option(Server) of
+ false -> false;
+ {true, _CacheTime} ->
+ ejabberd_auth_internal:remove_user(User, Server,
+ Password)
+ end
end.
%%%
@@ -168,45 +170,50 @@ remove_user(User, Server, Password) ->
%% @spec (Host::string()) -> false | {true, CacheTime::integer()}
get_cache_option(Host) ->
- case ejabberd_config:get_local_option({extauth_cache, Host}) of
- CacheTime when is_integer(CacheTime) -> {true, CacheTime};
- _ -> false
+ case ejabberd_config:get_local_option(
+ {extauth_cache, Host},
+ fun(I) when is_integer(I), I > 0 -> I end) of
+ undefined -> false;
+ CacheTime -> {true, CacheTime}
end.
%% @spec (User, Server, Password) -> true | false
check_password_extauth(User, Server, Password) ->
- extauth:check_password(User, Server, Password) andalso Password /= "".
+ extauth:check_password(User, Server, Password) andalso
+ Password /= <<"">>.
%% @spec (User, Server, Password) -> true | false
try_register_extauth(User, Server, Password) ->
extauth:try_register(User, Server, Password).
-check_password_cache(User, Server, Password, CacheTime) ->
+check_password_cache(User, Server, Password,
+ CacheTime) ->
case get_last_access(User, Server) of
- online ->
- check_password_internal(User, Server, Password);
- never ->
- check_password_external_cache(User, Server, Password);
- mod_last_required ->
- ?ERROR_MSG("extauth is used, extauth_cache is enabled but mod_last is not enabled in that host", []),
- check_password_external_cache(User, Server, Password);
- TimeStamp ->
- %% If last access exists, compare last access with cache refresh time
- case is_fresh_enough(TimeStamp, CacheTime) of
- %% If no need to refresh, check password against Mnesia
- true ->
- case check_password_internal(User, Server, Password) of
- %% If password valid in Mnesia, accept it
- true ->
- true;
- %% Else (password nonvalid in Mnesia), check in extauth and cache result
- false ->
- check_password_external_cache(User, Server, Password)
- end;
- %% Else (need to refresh), check in extauth and cache result
- false ->
- check_password_external_cache(User, Server, Password)
- end
+ online ->
+ check_password_internal(User, Server, Password);
+ never ->
+ check_password_external_cache(User, Server, Password);
+ mod_last_required ->
+ ?ERROR_MSG("extauth is used, extauth_cache is enabled "
+ "but mod_last is not enabled in that "
+ "host",
+ []),
+ check_password_external_cache(User, Server, Password);
+ TimeStamp ->
+ case is_fresh_enough(TimeStamp, CacheTime) of
+ %% If no need to refresh, check password against Mnesia
+ true ->
+ case check_password_internal(User, Server, Password) of
+ %% If password valid in Mnesia, accept it
+ true -> true;
+ %% Else (password nonvalid in Mnesia), check in extauth and cache result
+ false ->
+ check_password_external_cache(User, Server, Password)
+ end;
+ %% Else (need to refresh), check in extauth and cache result
+ false ->
+ check_password_external_cache(User, Server, Password)
+ end
end.
get_password_internal(User, Server) ->
@@ -215,60 +222,54 @@ get_password_internal(User, Server) ->
%% @spec (User, Server, CacheTime) -> false | Password::string()
get_password_cache(User, Server, CacheTime) ->
case get_last_access(User, Server) of
- online ->
- get_password_internal(User, Server);
- never ->
- false;
- mod_last_required ->
- ?ERROR_MSG("extauth is used, extauth_cache is enabled but mod_last is not enabled in that host", []),
- false;
- TimeStamp ->
- case is_fresh_enough(TimeStamp, CacheTime) of
- true ->
- get_password_internal(User, Server);
- false ->
- false
- end
+ online -> get_password_internal(User, Server);
+ never -> false;
+ mod_last_required ->
+ ?ERROR_MSG("extauth is used, extauth_cache is enabled "
+ "but mod_last is not enabled in that "
+ "host",
+ []),
+ false;
+ TimeStamp ->
+ case is_fresh_enough(TimeStamp, CacheTime) of
+ true -> get_password_internal(User, Server);
+ false -> false
+ end
end.
-
%% Check the password using extauth; if success then cache it
check_password_external_cache(User, Server, Password) ->
case check_password_extauth(User, Server, Password) of
- true ->
- set_password_internal(User, Server, Password), true;
- false ->
- false
+ true ->
+ set_password_internal(User, Server, Password), true;
+ false -> false
end.
%% Try to register using extauth; if success then cache it
try_register_external_cache(User, Server, Password) ->
case try_register_extauth(User, Server, Password) of
- {atomic, ok} = R ->
- set_password_internal(User, Server, Password),
- R;
- _ -> {error, not_allowed}
+ {atomic, ok} = R ->
+ set_password_internal(User, Server, Password), R;
+ _ -> {error, not_allowed}
end.
%% @spec (User, Server, Password) -> true | false
check_password_internal(User, Server, Password) ->
- ejabberd_auth_internal:check_password(User, Server, Password).
+ ejabberd_auth_internal:check_password(User, Server,
+ Password).
%% @spec (User, Server, Password) -> ok | {error, invalid_jid}
set_password_internal(User, Server, Password) ->
- ejabberd_auth_internal:set_password(User, Server, Password).
-
%% @spec (TimeLast, CacheTime) -> true | false
%% TimeLast = online | never | integer()
%% CacheTime = integer() | false
-is_fresh_enough(online, _CacheTime) ->
- true;
-is_fresh_enough(never, _CacheTime) ->
- false;
+ ejabberd_auth_internal:set_password(User, Server,
+ Password).
+
is_fresh_enough(TimeStampLast, CacheTime) ->
{MegaSecs, Secs, _MicroSecs} = now(),
Now = MegaSecs * 1000000 + Secs,
- (TimeStampLast + CacheTime > Now).
+ TimeStampLast + CacheTime > Now.
%% @spec (User, Server) -> online | never | mod_last_required | TimeStamp::integer()
%% Code copied from mod_configure.erl
@@ -276,38 +277,35 @@ is_fresh_enough(TimeStampLast, CacheTime) ->
%% TODO: Update time format to XEP-0202: Entity Time
get_last_access(User, Server) ->
case ejabberd_sm:get_user_resources(User, Server) of
- [] ->
- _US = {User, Server},
- case get_last_info(User, Server) of
- mod_last_required ->
- mod_last_required;
- not_found ->
- never;
- {ok, Timestamp, _Status} ->
- Timestamp
- end;
- _ ->
- online
+ [] ->
+ _US = {User, Server},
+ case get_last_info(User, Server) of
+ mod_last_required -> mod_last_required;
+ not_found -> never;
+ {ok, Timestamp, _Status} -> Timestamp
+ end;
+ _ -> online
end.
%% @spec (User, Server) -> {ok, Timestamp, Status} | not_found | mod_last_required
+
get_last_info(User, Server) ->
case get_mod_last_enabled(Server) of
- mod_last -> mod_last:get_last_info(User, Server);
- no_mod_last -> mod_last_required
+ mod_last -> mod_last:get_last_info(User, Server);
+ no_mod_last -> mod_last_required
end.
%% @spec (Server) -> mod_last | no_mod_last
get_mod_last_enabled(Server) ->
case gen_mod:is_loaded(Server, mod_last) of
- true -> mod_last;
- false -> no_mod_last
+ true -> mod_last;
+ false -> no_mod_last
end.
get_mod_last_configured(Server) ->
case is_configured(Server, mod_last) of
- true -> mod_last;
- false -> no_mod_last
+ true -> mod_last;
+ false -> no_mod_last
end.
is_configured(Host, Module) ->
- lists:keymember(Module, 1, ejabberd_config:get_local_option({modules, Host})).
+ gen_mod:is_loaded(Host, Module).
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-29 09:23:00 +0000