open Lwt.Syntax open Lwt.Infix exception ClosedStream type features = { mechanisms : Sasl.auth_mechanism list; starttls : [`Required | `Optional | `None]; unknown : Xml.element list; } (** [parse_features el] is a [features] record with all the features of the [] stanza contained in [el]. *) let parse_features (el : Xml.element) : features = let open Xml in let open Either in let parse_mechanism_stanza = function | Left {local_name = "mechanism"; children = [Right mechanism]; _} -> Some (Sasl.parse_auth_mechanism mechanism) | _ -> None in let parse_feature (acc : features) (feature : Xml.element) : features = let parse_mechanisms ch = List.filter_map parse_mechanism_stanza ch and parse_starttls = function | [Left {local_name="required"; _}] -> `Required | [] -> `Optional | _ -> raise (InvalidStanza (element_to_string el)) in match feature.local_name with | "mechanisms" -> {acc with mechanisms=parse_mechanisms feature.children} | "starttls" -> {acc with starttls=parse_starttls feature.children} | _ -> {acc with unknown = feature :: acc.unknown} in List.fold_left parse_feature {mechanisms=[]; starttls=`None; unknown=[]} (List.filter_map find_left el.children) (** [negotiate domain portal auth] is a promise containing the features supported by the XMPP server [portal], after eventual STARTTLS negotiation and authentication using the auth config [auth]. This function should be called every time a stream needs to be reopened and stream negotiation takes place. When the XMPP server advertises optional STARTTLS support, whether the connection will be upgraded to STARTTLS depends on [prefer_starttls]. Basically, it conforms to {{: https://datatracker.ietf.org/doc/html/rfc6120#section-4.3 }}. *) let negotiate ?(prefer_starttls = true) (domain : string) (portal : Portal.t) (auth : Sasl.auth_config) : features Lwt.t = (* Restart a stream: Send the usual business, ask for features. *) let start_stream () : features Lwt.t = let* _id = Portal.header domain portal in Wire.get portal.stream >|= parse_features in let starttls features = match features.starttls, prefer_starttls with | `Optional, false | `None, _ -> Lwt.return features | `Optional, true | `Required, _-> Starttls.upgrade portal >>= start_stream in let sasl_auth features = let* auth_result = Sasl.authenticate portal auth features.mechanisms in match auth_result with | Error (NotAuthorized, Some (_, text)) -> Lwt.fail_with ("Not authorized: " ^ text) | Error (MalformedRequest, Some (_, text)) -> Lwt.fail_with ("Malformed request: " ^ text) | Error _ -> Lwt.fail_with "Unknown error!" | Ok _ -> print_endline "Success!"; start_stream () in start_stream () >>= starttls >>= sasl_auth (** [initiate domain] initiates a stream with the XMPP server [domain]. Once [None] is pushed into the stream, the receiving stream is drained and the socket is closed. *) let initiate (domain : string) (auth : Sasl.auth_config) : (Portal.t * features) Lwt.t = let open Portal in let* p = connect domain in let push = function | Some n -> p.push (Some n) | None -> p.push (Some close); (* Empty the stream completely, then close the socket. *) Lwt.async (fun () -> let+ () = Markup_lwt.drain p.stream in p.push None) in let portal = {p with push} in let+ features = negotiate domain portal auth in (portal, features)