From 5603ceb2a1a4898f32aed053ae2c7a34a91c159f Mon Sep 17 00:00:00 2001 From: Ben Langfeld Date: Thu, 9 Apr 2015 00:09:12 -0300 Subject: [PATCH] MojoAuth module Permits use of MojoAuth (http://mojoauth.mojolingo.com/) in ejabberd. MojoAuth is a set of standard approaches to cross-app authentication based on HMAC which is specified in RFC2104. --- rebar.config.script | 1 + src/ejabberd_auth.erl | 2 +- src/ejabberd_auth_mojoauth.erl | 99 ++++++++++++++++++++++++++++++++++ 3 files changed, 101 insertions(+), 1 deletion(-) create mode 100644 src/ejabberd_auth_mojoauth.erl diff --git a/rebar.config.script b/rebar.config.script index 37ee5acbb7f..d555f17d485 100644 --- a/rebar.config.script +++ b/rebar.config.script @@ -62,6 +62,7 @@ Deps = [{p1_cache_tab, ".*", {git, "git://github.com/processone/cache_tab"}}, {p1_stun, ".*", {git, "git://github.com/processone/stun"}}, {p1_yaml, ".*", {git, "git://github.com/processone/p1_yaml"}}, {ehyperloglog, ".*", {git, "https://github.com/vaxelfel/eHyperLogLog.git"}}, + {mojoauth, ".*", {git, "https://github.com/mojolingo/mojoauth.erl.git"}}, {p1_utils, ".*", {git, "git://github.com/processone/p1_utils"}}], ConfigureCmd = fun(Pkg, Flags) -> diff --git a/src/ejabberd_auth.erl b/src/ejabberd_auth.erl index 7bd557d67af..512dbd67119 100644 --- a/src/ejabberd_auth.erl +++ b/src/ejabberd_auth.erl @@ -134,7 +134,7 @@ check_password(User, AuthzId, Server, Password, Digest, %% {true, AuthModule} | false %% where %% AuthModule = ejabberd_auth_anonymous | ejabberd_auth_external -%% | ejabberd_auth_internal | ejabberd_auth_ldap +%% | ejabberd_auth_internal | ejabberd_auth_ldap | ejabberd_auth_mojoauth %% | ejabberd_auth_odbc | ejabberd_auth_pam | ejabberd_auth_riak -spec check_password_with_authmodule(binary(), binary(), binary(), binary()) -> false | {true, atom()}. diff --git a/src/ejabberd_auth_mojoauth.erl b/src/ejabberd_auth_mojoauth.erl new file mode 100644 index 00000000000..126adce97d4 --- /dev/null +++ b/src/ejabberd_auth_mojoauth.erl 
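Review bot: The new `mojoauth` entry in `rebar.config.script` is fetched with the version pattern `".*"` and no tag or commit, so each build takes whatever the repository's default branch holds at that moment. Because this library verifies login credentials, I would pin it to a reviewed revision, e.g. `{mojoauth, ".*", {git, "https://github.com/mojolingo/mojoauth.erl.git", {tag, "<REVIEWED_TAG>"}}}` with a real tag or commit hash in place of the placeholder. The neighbouring dependencies in this hunk are unpinned in the same way, so this follows the file's existing convention rather than introducing it.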
@@ -0,0 +1,99 @@
+%%%----------------------------------------------------------------------
+%%% File : ejabberd_auth_mojoauth.erl
+%%% Author : Ben Langfeld
+%%% Purpose : Authentication via MojoAuth (http://mojoauth.mojolingo.com/)
+%%% Created : 18 February 2015 by Ben Langfeld
+%%%
+%%%
+%%% ejabberd, Copyright (C) 2002-2015 ProcessOne
+%%%
+%%% This program is free software; you can redistribute it and/or
+%%% modify it under the terms of the GNU General Public License as
+%%% published by the Free Software Foundation; either version 2 of the
+%%% License, or (at your option) any later version.
+%%%
+%%% This program is distributed in the hope that it will be useful,
+%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
+%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+%%% General Public License for more details.
+%%%
+%%% You should have received a copy of the GNU General Public License along
+%%% with this program; if not, write to the Free Software Foundation, Inc.,
+%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+%%%
+%%%----------------------------------------------------------------------
+
+-module(ejabberd_auth_mojoauth).
+
+-author('ben@langfeld.me').
+
+-behaviour(ejabberd_auth).
+
+%% External exports
+-export([start/1, set_password/3, check_password/4,
+ check_password/6, try_register/3,
+ dirty_get_registered_users/0, get_vh_registered_users/1,
+ get_vh_registered_users/2,
+ get_vh_registered_users_number/1,
+ get_vh_registered_users_number/2, get_password/2,
+ get_password_s/2, is_user_exists/2, remove_user/2,
+ remove_user/3, store_type/0,
+ plain_password_required/0]).
+
+-include("ejabberd.hrl").
+-include("logger.hrl").
+
+%%%----------------------------------------------------------------------
+%%% API
+%%%----------------------------------------------------------------------
+start(Host) ->
+ ejabberd_auth_internal:start(Host).
+
+plain_password_required() -> true.
+
+store_type() -> external.
+
+secret(Server) ->
+ LServer = jlib:nameprep(Server),
+ ejabberd_config:get_option(
+ {mojoauth_secret, LServer},
+ fun(V) -> iolist_to_binary(V) end,
+ "mojoauth").
+
+check_password(User, AuthzId, Server, Password) ->
+ case mojoauth:test_credentials([{username, User}, {password, Password}], secret(Server)) of
+ {ok, AuthzId} -> true;
+ _ -> false
+ end.
+
+check_password(User, AuthzId, Server, Password, _Digest, _DigestGen) ->
+ check_password(User, AuthzId, Server, Password).
+
+set_password(_User, _Server, _Password) -> {error, not_allowed}.
+
+try_register(_User, _Server, _Password) -> {error, not_allowed}.
+
+dirty_get_registered_users() ->
+ ejabberd_auth_internal:dirty_get_registered_users().
+
+get_vh_registered_users(Server) ->
+ ejabberd_auth_internal:get_vh_registered_users(Server).
+
+get_vh_registered_users(Server, Data) ->
+ ejabberd_auth_internal:get_vh_registered_users(Server, Data).
+
+get_vh_registered_users_number(Server) ->
+ ejabberd_auth_internal:get_vh_registered_users_number(Server).
+
+get_vh_registered_users_number(Server, Data) ->
+ ejabberd_auth_internal:get_vh_registered_users_number(Server, Data).
+
+get_password(_User, _Server) -> false.
+
+get_password_s(_User, _Server) -> <<"">>.
+
+is_user_exists(_User, _Server) -> true.
+
+remove_user(_User, _Server) -> false.
+
+remove_user(_User, _Server, _Password) -> false.
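Review bot: `secret/1` falls back to the literal `"mojoauth"` when `mojoauth_secret` is not configured, so a host that enables this module without setting the option verifies every credential against an HMAC key that is printed in the source. The module should fail closed instead: change the default in `secret/1` from `"mojoauth"` to `undefined`, and have `check_password/4` reject the login and log a configuration error when no secret is set, as sketched below. Separately, the `{ok, AuthzId}` pattern compares the identity returned by `mojoauth:test_credentials/2` with `AuthzId` rather than with `User`; if that is intended, a comment saying so would help, because nothing else in the module explains it. `is_user_exists/2` returning `true` for every name likewise deserves a comment on what the rest of the server should expect from it.

```erlang
check_password(User, AuthzId, Server, Password) ->
    case secret(Server) of
        undefined ->
            %% No per-host secret configured: refuse rather than verify
            %% against a built-in key.
            ?ERROR_MSG("mojoauth_secret is not configured for ~s; rejecting login",
                       [Server]),
            false;
        Secret ->
            case mojoauth:test_credentials([{username, User}, {password, Password}],
                                           Secret) of
                {ok, AuthzId} -> true;
                _ -> false
            end
    end.
```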