aproxy/scripts/webfinger_allowlist.lua

48 lines
1.2 KiB
Lua

function webfingerCallback(cfg)
local args, err = ngx.req.get_uri_args()
if err == "truncated" then
return false, 'uri args too long'
end
local resource = args['resource']
if resource ~= nil then
-- TODO this is O(n) but we can make it O(1) by doing a funny and making
-- cfg.accounts be transformed into keys in a table
--
-- this would require us to do some setup() callback as well as
-- the request() callback
for _, account in ipairs(cfg.accounts) do
if resource == account then
return true
end
end
end
return false
end
return {
name='WebfingerAllowlist',
author='luna@l4.pm',
title='Webfinger Allowlist',
description=[[
Prevent unecessary DB load by discarding requests to users that we know
won't exist.
Useful for small instances.
]],
apiVersion=1,
callbacks = {
['/.well-known/webfinger'] = webfingerCallback
},
config={
['accounts'] = {
type='table',
value={
type='string',
description='ap id'
},
description = 'list of account ids (in email@domain form) to pass through to AP'
}
},
}