annotate pam-http/src/lib.rs @ 34:ec70822cbdef

Overhaul
author Andy Caldwell <andrew.caldwell@metaswitch.com>
date Sun, 24 Apr 2022 03:42:11 +0100
parents 4263c1d83d5b
children
1 extern crate pam;
2 extern crate reqwest;
4 use pam::constants::{PamFlag, PamResultCode, PAM_PROMPT_ECHO_OFF};
5 use pam::conv::Conv;
6 use pam::module::{PamHandle, PamHooks};
7 use reqwest::blocking::Client;
8 use reqwest::StatusCode;
9 use std::collections::HashMap;
10 use std::ffi::CStr;
11 use std::time::Duration;
12 use pam::pam_try;
// Unit struct that carries no data; it exists only as the type the PAM hook
// implementations are attached to.
struct PamHttp;
// Hands `PamHttp` to the `pam` crate's hook macro. Presumably this generates the exported
// entry points that forward to the `PamHooks` impl; confirm against the macro definition.
pam::pam_hooks!(PamHttp);
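impl PamHooks for PamHttp {
    /// Authenticates the user by presenting their credentials to an HTTP endpoint.
    ///
    /// Module arguments are parsed as `key=value` pairs; `url` is required and names the
    /// endpoint to query. The user name is taken from the PAM handle, the password is
    /// requested through the PAM conversation item with echo disabled, and both are sent
    /// with HTTP Basic authentication by `get_url`.
    ///
    /// Returns `PAM_SUCCESS` only when the endpoint answers with a success status. A missing
    /// `url` argument, a missing conversation item, a password that is not valid UTF-8, a
    /// transport error and a non-success status all yield an error code, so the module
    /// fails closed.
    fn sm_authenticate(pamh: &mut PamHandle, args: Vec<&CStr>, _flags: PamFlag) -> PamResultCode {
        println!("Let's auth over HTTP");

        // Arguments arrive as C strings; convert lossily so a stray invalid byte cannot abort
        // parsing, then split each one into a key and an optional value.
        let args: Vec<_> = args.iter().map(|s| s.to_string_lossy()).collect();
        let args: HashMap<&str, &str> = args
            .iter()
            .map(|s| {
                let mut parts = s.splitn(2, '=');
                // `splitn` always yields at least one piece, so the key is always present.
                (parts.next().unwrap_or(""), parts.next().unwrap_or(""))
            })
            .collect();

        let user = pam_try!(pamh.get_user(None));

        // NOTE(review): the scheme of `url` is not checked here. Basic credentials are only
        // protected in transit when the configured URL is `https://`; consider rejecting
        // anything else once the deployments that rely on plain `http://` are known.
        let url: &str = match args.get("url") {
            Some(url) => url,
            None => return PamResultCode::PAM_AUTH_ERR,
        };

        let conv = match pamh.get_item::<Conv>() {
            Ok(Some(conv)) => conv,
            Ok(None) => {
                // This code runs inside the process that loaded the module, so a panic here
                // would take the host down with it. Deny the attempt instead.
                println!("No conv available");
                return PamResultCode::PAM_AUTH_ERR;
            }
            Err(err) => {
                println!("Couldn't get pam_conv");
                return err;
            }
        };
        let password = pam_try!(conv.send(PAM_PROMPT_ECHO_OFF, "Word, yo: "));
        let password = match password {
            Some(password) => Some(pam_try!(password.to_str(), PamResultCode::PAM_AUTH_ERR)),
            None => None,
        };
        // Report only whether a password was supplied. Printing the value would write the
        // user's cleartext secret to the host process's stdout, which may be a terminal or
        // end up in a log.
        println!("Got a password: {}", password.is_some());
        let status = pam_try!(
            get_url(url, &user, password),
            PamResultCode::PAM_AUTH_ERR
        );

        if !status.is_success() {
            println!("HTTP Error: {}", status);
            return PamResultCode::PAM_AUTH_ERR;
        }

        PamResultCode::PAM_SUCCESS
    }

    /// Credential-setting hook; does nothing beyond logging and always reports success.
    fn sm_setcred(_pamh: &mut PamHandle, _args: Vec<&CStr>, _flags: PamFlag) -> PamResultCode {
        println!("set credentials");
        PamResultCode::PAM_SUCCESS
    }

    /// Account-management hook; always reports success.
    ///
    /// No account state is consulted, so this module imposes no account restrictions of its
    /// own. Any such policy has to come from other modules in the PAM stack.
    fn acct_mgmt(_pamh: &mut PamHandle, _args: Vec<&CStr>, _flags: PamFlag) -> PamResultCode {
        println!("account management");
        PamResultCode::PAM_SUCCESS
    }
}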
/// Sends a GET request to `url` with HTTP Basic credentials and returns the response status.
///
/// `user` and the optional `password` travel in the request's `Authorization` header. The
/// scheme of `url` is not inspected here, so confidentiality of the credentials depends on
/// the caller supplying an `https://` URL.
///
/// # Errors
///
/// Returns the `reqwest` error if the client cannot be built or the request fails,
/// including when the 15-second timeout elapses.
fn get_url(url: &str, user: &str, password: Option<&str>) -> reqwest::Result<StatusCode> {
    // Bound the whole request so an unresponsive endpoint cannot stall the login attempt.
    let request_timeout = Duration::from_secs(15);
    let http = Client::builder().timeout(request_timeout).build()?;

    let response = http.get(url).basic_auth(user, password).send()?;
    Ok(response.status())
}