Permit connecting with an alternative authcid

This permits imitation of other users (for example, if [email protected] is allowed to create a session as [email protected], he will provide the JID [email protected] in <stream:stream to="..." and <bind/>, but use his own credentials in the the <auth/> packet per SASL's separation of authzid and authcid.
candy-chat · Apr 15, 2015 · ce92afd · ce92afd
1 parent d977990
commit ce92afd
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/src/core.js b/src/core.js
@@ -261,8 +261,9 @@ Candy.Core = (function(self, Strophe, $) {
 	 *   (String) password  - Password of the user
 	 *   (String) nick      - Nick of the user. Set one if you want to anonymously connect but preset a nick. If jidOrHost is a domain
 	 *                        and this param is not set, Candy will prompt for a nick.
+	 *   (String) authcid   - Authentication identity (username) if different from the JID.
 	 */
-	self.connect = function(jidOrHost, password, nick) {
+	self.connect = function(jidOrHost, password, nick, authcid) {
 		// Reset before every connection attempt to make sure reconnections work after authfail, alltabsclosed, ...
 		_connection.reset();
 		self.registerEventHandlers();
@@ -291,7 +292,7 @@ Candy.Core = (function(self, Strophe, $) {
 			}
 
 			// authentication
-			_connection.connect(_getEscapedJidFromJid(jidOrHost) + '/' + _options.resource, password, Candy.Core.Event.Strophe.Connect);
+			_connection.connect(_getEscapedJidFromJid(jidOrHost) + '/' + _options.resource, password, Candy.Core.Event.Strophe.Connect, undefined, undefined, undefined, authcid);
 			if (nick) {
 				_user = new self.ChatUser(jidOrHost, nick);
 			} else {