Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/processone/ejabberd.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/src/ejabberd_oauth.erl
diff options
context:
space:
mode:
authorAlexey Shchepin <alexey@process-one.net>2015-09-25 19:47:27 +0300
committerAlexey Shchepin <alexey@process-one.net>2015-09-25 19:48:53 +0300
commit88a206400a2e5b84b7c2aa1429b8463f55ddcd5d (patch)
tree911bcfd54261e8f633cb36ba069001ea786ea454 /src/ejabberd_oauth.erl
parent1781a589296124a17422db594c1f19701fbb00df (diff)
Add oauth_access option
Diffstat (limited to 'src/ejabberd_oauth.erl')
-rw-r--r--src/ejabberd_oauth.erl27
1 files changed, 22 insertions, 5 deletions
diff --git a/src/ejabberd_oauth.erl b/src/ejabberd_oauth.erl
index 0295b9d87..c7138981f 100644
--- a/src/ejabberd_oauth.erl
+++ b/src/ejabberd_oauth.erl
@@ -125,10 +125,25 @@ get_client_identity(Client, Ctx) -> {ok, {Ctx, {client, Client}}}.
verify_redirection_uri(_, _, Ctx) -> {ok, Ctx}.
authenticate_user({User, Server}, {password, Password} = Ctx) ->
- case ejabberd_auth:check_password(User, Server, Password) of
- true ->
- {ok, {Ctx, {user, User, Server}}};
- false ->
+ case jlib:make_jid(User, Server, <<"">>) of
+ #jid{} = JID ->
+ Access =
+ ejabberd_config:get_option(
+ {oauth_access, JID#jid.lserver},
+ fun(A) when is_atom(A) -> A end,
+ none),
+ case acl:match_rule(JID#jid.lserver, Access, JID) of
+ allow ->
+ case ejabberd_auth:check_password(User, Server, Password) of
+ true ->
+ {ok, {Ctx, {user, User, Server}}};
+ false ->
+ {error, badpass}
+ end;
+ deny ->
+ {error, badpass}
+ end;
+ error ->
{error, badpass}
end.
@@ -470,4 +485,6 @@ logo() ->
opt_type(oauth_expire) ->
fun(I) when is_integer(I), I >= 0 -> I end;
-opt_type(_) -> [oauth_expire].
+opt_type(oauth_access) ->
+ fun(A) when is_atom(A) -> A end;
+opt_type(_) -> [oauth_expire, oauth_access].
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-10 20:50:17 +0300