Mercurial > crates > nonstick
diff pam-http/src/lib.rs @ 34:ec70822cbdef
Overhaul
| author | Andy Caldwell <andrew.caldwell@metaswitch.com> |
|---|---|
| date | Sun, 24 Apr 2022 03:42:11 +0100 |
| parents | 4263c1d83d5b |
| children |
line wrap: on
line diff
--- a/pam-http/src/lib.rs Thu Jul 11 19:13:19 2019 -0700 +++ b/pam-http/src/lib.rs Sun Apr 24 03:42:11 2022 +0100 @@ -1,46 +1,35 @@ -#[macro_use] extern crate pam; +extern crate pam; extern crate reqwest; +use pam::constants::{PamFlag, PamResultCode, PAM_PROMPT_ECHO_OFF}; +use pam::conv::Conv; use pam::module::{PamHandle, PamHooks}; -use pam::constants::{PamResultCode, PamFlag, PAM_PROMPT_ECHO_OFF}; -use pam::conv::PamConv; +use reqwest::blocking::Client; +use reqwest::StatusCode; use std::collections::HashMap; -use std::time::Duration; -use reqwest::{Client, StatusCode}; use std::ffi::CStr; - - -macro_rules! pam_try { - ($e:expr) => ( - match $e { - Ok(v) => v, - Err(e) => return e, - } - ); - ($e:expr, $err:expr) => ( - match $e { - Ok(v) => v, - Err(e) => { - println!("Error: {}", e); - return $err; - } - } - ); -} +use std::time::Duration; +use pam::pam_try; struct PamHttp; -pam_hooks!(PamHttp); +pam::pam_hooks!(PamHttp); impl PamHooks for PamHttp { // This function performs the task of authenticating the user. - fn sm_authenticate(pamh: &PamHandle, args: Vec<&CStr>, _flags: PamFlag) -> PamResultCode { + fn sm_authenticate(pamh: &mut PamHandle, args: Vec<&CStr>, _flags: PamFlag) -> PamResultCode { println!("Let's auth over HTTP"); - let args: Vec<_> = args.iter().map(|s| s.to_string_lossy().to_owned() ).collect(); - let args: HashMap<&str, &str> = args.iter().map(|s| { - let mut parts = s.splitn(2, "="); - (parts.next().unwrap(), parts.next().unwrap_or("")) - }).collect(); + let args: Vec<_> = args + .iter() + .map(|s| s.to_string_lossy()) + .collect(); + let args: HashMap<&str, &str> = args + .iter() + .map(|s| { + let mut parts = s.splitn(2, '='); + (parts.next().unwrap(), parts.next().unwrap_or("")) + }) + .collect(); let user = pam_try!(pamh.get_user(None)); @@ -48,18 +37,27 @@ Some(url) => url, None => return PamResultCode::PAM_AUTH_ERR, }; - // let ca_file = args.get("ca_file"); - let conv = match pamh.get_item::<PamConv>() { - Ok(conv) => conv, + let conv = match pamh.get_item::<Conv>() { + Ok(Some(conv)) => conv, + Ok(None) => { + unreachable!("No conv available"); + } Err(err) => { println!("Couldn't get pam_conv"); return err; } }; let password = pam_try!(conv.send(PAM_PROMPT_ECHO_OFF, "Word, yo: ")); + let password = match password { + Some(password) => Some(pam_try!(password.to_str(), PamResultCode::PAM_AUTH_ERR)), + None => None, + }; println!("Got a password {:?}", password); - let status = pam_try!(get_url(url, &user, password.as_ref().map(|p|&**p)), PamResultCode::PAM_AUTH_ERR); + let status = pam_try!( + get_url(url, &user, password), + PamResultCode::PAM_AUTH_ERR + ); if !status.is_success() { println!("HTTP Error: {}", status); @@ -69,24 +67,22 @@ PamResultCode::PAM_SUCCESS } - fn sm_setcred(_pamh: &PamHandle, _args: Vec<&CStr>, _flags: PamFlag) -> PamResultCode { + fn sm_setcred(_pamh: &mut PamHandle, _args: Vec<&CStr>, _flags: PamFlag) -> PamResultCode { println!("set credentials"); PamResultCode::PAM_SUCCESS } - fn acct_mgmt(_pamh: &PamHandle, _args: Vec<&CStr>, _flags: PamFlag) -> PamResultCode { + fn acct_mgmt(_pamh: &mut PamHandle, _args: Vec<&CStr>, _flags: PamFlag) -> PamResultCode { println!("account management"); PamResultCode::PAM_SUCCESS } } - fn get_url(url: &str, user: &str, password: Option<&str>) -> reqwest::Result<StatusCode> { - let client = Client::builder()?.timeout(Duration::from_secs(15)).build()?; - client.get(url)? + let client = Client::builder().timeout(Duration::from_secs(15)).build()?; + client + .get(url) .basic_auth(user, password) .send() .map(|r| r.status()) } - -