107 local function handle_status(session, status, ret, err_msg) |
107 local function handle_status(session, status, ret, err_msg) |
108 if status == "failure" then |
108 if status == "failure" then |
109 session.sasl_handler = session.sasl_handler:clean_clone(); |
109 session.sasl_handler = session.sasl_handler:clean_clone(); |
110 elseif status == "success" then |
110 elseif status == "success" then |
111 local username = nodeprep(session.sasl_handler.username); |
111 local username = nodeprep(session.sasl_handler.username); |
112 if not username then -- TODO move this to sessionmanager |
|
113 module:log("warn", "SASL succeeded but we didn't get a username!"); |
|
114 session.sasl_handler = nil; |
|
115 session:reset_stream(); |
|
116 return status, ret, err_msg; |
|
117 end |
|
118 |
112 |
119 if not(require_provisioning) or usermanager_user_exists(username, session.host) then |
113 if not(require_provisioning) or usermanager_user_exists(username, session.host) then |
120 sm_make_authenticated(session, session.sasl_handler.username); |
114 local aret, err = sm_make_authenticated(session, session.sasl_handler.username); |
121 session.sasl_handler = nil; |
115 if aret then |
122 session:reset_stream(); |
116 session.sasl_handler = nil; |
|
117 session:reset_stream(); |
|
118 else |
|
119 module:log("warn", "SASL succeeded but username was invalid"); |
|
120 session.sasl_handler = session.sasl_handler:clean_clone(); |
|
121 return "failure", "not-authorized", "User authenticated successfully, but username was invalid"; |
|
122 end |
123 else |
123 else |
124 module:log("warn", "SASL succeeded but we don't have an account provisioned for %s", username); |
124 module:log("warn", "SASL succeeded but we don't have an account provisioned for %s", username); |
125 session.sasl_handler = session.sasl_handler:clean_clone(); |
125 session.sasl_handler = session.sasl_handler:clean_clone(); |
126 return "failure", "not-authorized", "User authenticated successfully, but not provisioned for XMPP"; |
126 return "failure", "not-authorized", "User authenticated successfully, but not provisioned for XMPP"; |
127 end |
127 end |