Ensure that auth is done based on the original, requested JID and not on the bound JID.
This commit is contained in:
Lance Stout
parent
f0e1fc5aad
commit
8a03bd72ae
2 changed files with 10 additions and 5 deletions
|
|
@ -68,7 +68,12 @@ class BaseXMPP(XMLStream):
|
|||
#: An identifier for the stream as given by the server.
|
||||
self.stream_id = None
|
||||
|
||||
#: The JabberID (JID) used by this connection.
|
||||
#: The JabberID (JID) requested for this connection.
|
||||
self.requested_jid = JID(jid)
|
||||
|
||||
#: The JabberID (JID) used by this connection,
|
||||
#: as set after session binding. This may even be a
|
||||
#: different bare JID than what was requested.
|
||||
self.boundjid = JID(jid)
|
||||
|
||||
self._expected_server_name = self.boundjid.host
|
||||
|
|
|
|||
|
|
@ -92,13 +92,13 @@ class FeatureMechanisms(BasePlugin):
|
|||
values = required_values.union(optional_values)
|
||||
for value in values:
|
||||
if value == 'username':
|
||||
result[value] = self.xmpp.boundjid.user
|
||||
result[value] = self.xmpp.requested_jid.user
|
||||
elif value == 'password':
|
||||
result[value] = creds['password']
|
||||
elif value == 'authzid':
|
||||
result[value] = creds.get('authzid', '')
|
||||
elif value == 'email':
|
||||
jid = self.xmpp.boundjid.bare
|
||||
jid = self.xmpp.requested_jid.bare
|
||||
result[value] = creds.get('email', jid)
|
||||
elif value == 'channel_binding':
|
||||
if sys.version_info >= (3, 3):
|
||||
|
|
@ -106,9 +106,9 @@ class FeatureMechanisms(BasePlugin):
|
|||
else:
|
||||
result[value] = None
|
||||
elif value == 'host':
|
||||
result[value] = self.xmpp.boundjid.domain
|
||||
result[value] = self.xmpp.requested_jid.domain
|
||||
elif value == 'realm':
|
||||
result[value] = self.xmpp.boundjid.domain
|
||||
result[value] = self.xmpp.requested_jid.domain
|
||||
elif value == 'service-name':
|
||||
result[value] = self.xmpp._service_name
|
||||
elif value == 'service':
|
||||
|
|
|
|||
Loading…
Reference in a new issue