2018-06-25 23:37:08 +02:00
|
|
|
# This file is part of Gajim.
|
|
|
|
#
|
|
|
|
# Gajim is free software; you can redistribute it and/or modify
|
|
|
|
# it under the terms of the GNU General Public License as published
|
|
|
|
# by the Free Software Foundation; version 3 only.
|
|
|
|
#
|
|
|
|
# Gajim is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU General Public License
|
|
|
|
# along with Gajim. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
|
|
|
# XEP-0070: Verifying HTTP Requests via XMPP
|
|
|
|
|
|
|
|
import logging
|
|
|
|
|
|
|
|
import nbxmpp
|
2019-01-02 16:19:35 +01:00
|
|
|
from nbxmpp.structs import StanzaHandler
|
|
|
|
from nbxmpp.protocol import NS_HTTP_AUTH
|
2018-06-25 23:37:08 +02:00
|
|
|
|
|
|
|
from gajim.common import app
|
2018-12-21 12:23:26 +01:00
|
|
|
from gajim.common.nec import NetworkEvent
|
2018-06-25 23:37:08 +02:00
|
|
|
|
|
|
|
log = logging.getLogger('gajim.c.m.http_auth')
|
|
|
|
|
|
|
|
|
|
|
|
class HTTPAuth:
|
|
|
|
def __init__(self, con):
|
|
|
|
self._con = con
|
|
|
|
self._account = con.name
|
|
|
|
|
2019-01-02 16:19:35 +01:00
|
|
|
self.handlers = [
|
|
|
|
StanzaHandler(name='message',
|
|
|
|
callback=self._http_auth,
|
|
|
|
ns=NS_HTTP_AUTH,
|
|
|
|
priority=45),
|
|
|
|
StanzaHandler(name='iq',
|
|
|
|
callback=self._http_auth,
|
|
|
|
typ='get',
|
|
|
|
ns=NS_HTTP_AUTH,
|
|
|
|
priority=45)
|
|
|
|
]
|
|
|
|
|
|
|
|
def _http_auth(self, _con, stanza, properties):
|
|
|
|
if not properties.is_http_auth:
|
|
|
|
return
|
2018-06-25 23:37:08 +02:00
|
|
|
|
|
|
|
log.info('Auth request received')
|
|
|
|
auto_answer = app.config.get_per(
|
|
|
|
'accounts', self._account, 'http_auth')
|
|
|
|
if auto_answer in ('yes', 'no'):
|
|
|
|
self.build_http_auth_answer(stanza, auto_answer)
|
|
|
|
raise nbxmpp.NodeProcessed
|
|
|
|
|
|
|
|
app.nec.push_incoming_event(
|
2018-12-21 12:23:26 +01:00
|
|
|
NetworkEvent('http-auth-received',
|
|
|
|
conn=self._con,
|
2019-01-02 16:19:35 +01:00
|
|
|
iq_id=properties.http_auth.id,
|
|
|
|
method=properties.http_auth.method,
|
|
|
|
url=properties.http_auth.url,
|
|
|
|
msg=properties.http_auth.body,
|
2018-12-21 12:23:26 +01:00
|
|
|
stanza=stanza))
|
2019-01-02 16:19:35 +01:00
|
|
|
raise nbxmpp.NodeProcessed
|
2018-06-25 23:37:08 +02:00
|
|
|
|
|
|
|
def build_http_auth_answer(self, stanza, answer):
|
|
|
|
if answer == 'yes':
|
|
|
|
log.info('Auth request approved')
|
|
|
|
confirm = stanza.getTag('confirm')
|
|
|
|
reply = stanza.buildReply('result')
|
|
|
|
if stanza.getName() == 'message':
|
|
|
|
reply.addChild(node=confirm)
|
|
|
|
self._con.connection.send(reply)
|
|
|
|
elif answer == 'no':
|
|
|
|
log.info('Auth request denied')
|
|
|
|
err = nbxmpp.Error(stanza, nbxmpp.protocol.ERR_NOT_AUTHORIZED)
|
|
|
|
self._con.connection.send(err)
|
|
|
|
|
|
|
|
|
2018-07-07 13:52:44 +02:00
|
|
|
def get_instance(*args, **kwargs):
|
|
|
|
return HTTPAuth(*args, **kwargs), 'HTTPAuth'
|