Going full CBOR.

Karchnu 2020-11-26 03:15:50 +01:00
parent dbcfa4880b
commit 93f9e977b8
26 changed files with 119 additions and 96 deletions


@ -33,6 +33,6 @@ dependencies:
branch: master
dodb:
git: https://git.baguette.netlib.re/Baguette/dodb.cr
branch: master
branch: cbor
license: EUPL
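Review bot: The `dodb` dependency is still resolved from a moving branch (`branch: cbor`), so each fresh install can pull different code into the authentication daemon's storage layer. Pinning it to a reviewed revision, for example `commit: <reviewed-commit-sha>` in place of the branch line, makes builds reproducible and keeps an unreviewed push out of the build. Because this branch presumably changes the on-disk encoding, the commit should also say how existing JSON-stored records are migrated.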


@ -1,4 +1,4 @@
require "json"
require "cbor"
require "jwt"
require "ipc"


@ -1,3 +1,4 @@
require "ipc/cbor"
module AuthD
class Client < IPC::Client
@ -10,9 +11,9 @@ module AuthD
end
def get_token?(login : String, password : String) : String?
send Request::GetToken.new login, password
send_now Request::GetToken.new login, password
response = Response.from_ipc read
response = AuthD.responses.parse_ipc_cbor read
if response.is_a?(Response::Token)
response.token
@ -22,9 +23,9 @@ module AuthD
end
def get_user?(login : String, password : String) : AuthD::User::Public?
send Request::GetUserByCredentials.new login, password
send_now Request::GetUserByCredentials.new login, password
response = Response.from_ipc read
response = AuthD.responses.parse_ipc_cbor read
if response.is_a? Response::User
response.user
@ -34,9 +35,9 @@ module AuthD
end
def get_user?(uid_or_login : Int32 | String) : ::AuthD::User::Public?
send Request::GetUser.new uid_or_login
send_now Request::GetUser.new uid_or_login
response = Response.from_ipc read
response = AuthD.responses.parse_ipc_cbor read
if response.is_a? Response::User
response.user
@ -45,14 +46,14 @@ module AuthD
end
end
def send(type : Request::Type, payload)
def send_now(type : Request::Type, payload)
send_now @server_fd, type.value.to_u8, payload
end
def decode_token(token)
user, meta = JWT.decode token, @key, JWT::Algorithm::HS256
user = ::AuthD::User::Public.from_json user.to_json
user = ::AuthD::User::Public.from_cbor user.to_cbor
{user, meta}
end
@ -61,11 +62,11 @@ module AuthD
def add_user(login : String, password : String,
email : String?,
phone : String?,
profile : Hash(String, JSON::Any)?) : ::AuthD::User::Public | Exception
profile : Hash(String, CBOR::Any)?) : ::AuthD::User::Public | Exception
send Request::AddUser.new @key, login, password, email, phone, profile
send_now Request::AddUser.new @key, login, password, email, phone, profile
response = Response.from_ipc read
response = AuthD.responses.parse_ipc_cbor read
case response
when Response::UserAdded
@ -80,9 +81,9 @@ module AuthD
end
def validate_user(login : String, activation_key : String) : ::AuthD::User::Public | Exception
send Request::ValidateUser.new login, activation_key
send_now Request::ValidateUser.new login, activation_key
response = Response.from_ipc read
response = AuthD.responses.parse_ipc_cbor read
case response
when Response::UserValidated
@ -97,8 +98,8 @@ module AuthD
end
def ask_password_recovery(uid_or_login : String | Int32, email : String)
send Request::AskPasswordRecovery.new uid_or_login, email
response = Response.from_ipc read
send_now Request::AskPasswordRecovery.new uid_or_login, email
response = AuthD.responses.parse_ipc_cbor read
case response
when Response::PasswordRecoverySent
@ -110,8 +111,8 @@ module AuthD
end
def change_password(uid_or_login : String | Int32, new_pass : String, renew_key : String)
send Request::PasswordRecovery.new uid_or_login, renew_key, new_pass
response = Response.from_ipc read
send_now Request::PasswordRecovery.new uid_or_login, renew_key, new_pass
response = AuthD.responses.parse_ipc_cbor read
case response
when Response::PasswordRecovered
@ -126,10 +127,10 @@ module AuthD
password : String,
email : String?,
phone : String?,
profile : Hash(String, JSON::Any)?) : ::AuthD::User::Public?
profile : Hash(String, CBOR::Any)?) : ::AuthD::User::Public?
send Request::Register.new login, password, email, phone, profile
response = Response.from_ipc read
send_now Request::Register.new login, password, email, phone, profile
response = AuthD.responses.parse_ipc_cbor read
case response
when Response::UserAdded
@ -146,9 +147,9 @@ module AuthD
request.phone = phone if phone
request.avatar = avatar if avatar
send request
send_now request
response = Response.from_ipc read
response = AuthD.responses.parse_ipc_cbor read
case response
when Response::UserEdited
@ -163,9 +164,9 @@ module AuthD
def check_permission(user : Int32, service_name : String, resource_name : String) : User::PermissionLevel
request = Request::CheckPermission.new @key, user, service_name, resource_name
send request
send_now request
response = Response.from_ipc read
response = AuthD.responses.parse_ipc_cbor read
case response
when Response::PermissionCheck
@ -180,9 +181,9 @@ module AuthD
def set_permission(uid : Int32, service : String, resource : String, permission : User::PermissionLevel)
request = Request::SetPermission.new @key, uid, service, resource, permission
send request
send_now request
response = Response.from_ipc read
response = AuthD.responses.parse_ipc_cbor read
case response
when Response::PermissionSet
@ -195,8 +196,8 @@ module AuthD
end
def search_user(user_login : String)
send Request::SearchUser.new user_login
response = Response.from_ipc read
send_now Request::SearchUser.new user_login
response = AuthD.responses.parse_ipc_cbor read
case response
when Response::MatchingUsers
@ -209,8 +210,8 @@ module AuthD
end
def edit_profile_content(user : Int32 | String, new_values)
send Request::EditProfileContent.new key, user, new_values
response = Response.from_ipc read
send_now Request::EditProfileContent.new key, user, new_values
response = AuthD.responses.parse_ipc_cbor read
case response
when Response::User
@ -223,15 +224,15 @@ module AuthD
end
def delete(user : Int32 | String, key : String)
send Request::Delete.new user, key
send_now Request::Delete.new user, key
delete_
end
def delete(user : Int32 | String, login : String, pass : String)
send Request::Delete.new user, login, pass
send_now Request::Delete.new user, login, pass
delete_
end
def delete_
response = Response.from_ipc read
response = AuthD.responses.parse_ipc_cbor read
case response
when Response::Error
raise Exception.new response.reason
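Review bot: In `decode_token`, the JWT payload is JSON, so `::AuthD::User::Public.from_cbor user.to_cbor` re-encodes the decoded claim into CBOR only to decode it again. This works only if the cbor shard can serialise the value `JWT.decode` returns, and if `from_cbor` accepts fields such as `date_registration : Time?` in the form the JSON claim carried (likely a plain string); neither is visible in this section. A comment above the line, for example `# JWT claims are JSON; the CBOR round-trip assumes the claim value and string-encoded Time decode cleanly`, plus a test that decodes a server-issued token, would make a silent token-validation failure easier to catch.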


@ -78,7 +78,7 @@ class AuthD::Service < IPC::Server
def handle_request(event : IPC::Event::MessageReceived)
request_start = Time.utc
request = AuthD.requests.parse_ipc_json event.message
request = AuthD.requests.parse_ipc_cbor event.message
if request.nil?
raise "unknown request type"
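Review bot: `AuthD.requests.parse_ipc_cbor event.message` is where client-controlled bytes are decoded, and the only failure handled in view is the `nil` result for an unknown type. The rest of `handle_request` lies outside the hunk, so it is not visible whether an exception raised for a truncated or wrongly typed CBOR payload is rescued and answered with `Response::Error`. That should be confirmed, because one malformed message should not be able to stop the service loop. Once confirmed, a comment such as `# parse_ipc_cbor may raise on malformed input; the caller reports it as Response::Error` would document the expectation.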


@ -1,28 +1,28 @@
require "ipc"
require "json"
require "ipc/json"
require "cbor"
require "ipc/cbor"
class IPC::JSON
class IPC::CBOR
def handle(service : AuthD::Service, event : IPC::Event::Events)
raise "unimplemented"
end
end
module AuthD
class_getter requests = [] of IPC::JSON.class
class_getter responses = [] of IPC::JSON.class
class_getter requests = [] of IPC::CBOR.class
class_getter responses = [] of IPC::CBOR.class
end
class IPC::Context
def send(fd, response : AuthD::Response)
send fd, response.type.to_u8, response.to_json
send fd, response.type.to_u8, response.to_cbor
end
end
class IPC::Client
def send(request : AuthD::Request)
unless (fd = @server_fd).nil?
send_now fd, request.type.to_u8, request.to_json
send_now fd, request.type.to_u8, request.to_cbor
else
raise "Client not connected to the server"
end
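Review bot: `IPC::Client#send(request : AuthD::Request)` keeps the name `send`, while the client methods changed in this commit now call `send_now Request::GetToken.new login, password` with a single request argument. Those calls either fail to compile or resolve to an overload supplied by `ipc/cbor` (not visible here). In both cases this overload and its `"Client not connected to the server"` guard are no longer on the path the client uses. If the rename is intended, declaring it as `def send_now(request : AuthD::Request)` would keep the nil check on `@server_fd` in effect. The definition's closing `end` lines fall outside the hunk.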


@ -1,5 +1,5 @@
class AuthD::Request
IPC::JSON.message AddUser, 1 do
IPC::CBOR.message AddUser, 1 do
# Only clients that have the right shared key will be allowed
# to create users.
property shared_key : String
@ -8,7 +8,7 @@ class AuthD::Request
property password : String
property email : String? = nil
property phone : String? = nil
property profile : Hash(String, JSON::Any)? = nil
property profile : Hash(String, CBOR::Any)? = nil
def initialize(@shared_key, @login, @password, @email, @phone, @profile)
end
@ -51,7 +51,7 @@ class AuthD::Request
AuthD.requests << AddUser
IPC::JSON.message ModUser, 5 do
IPC::CBOR.message ModUser, 5 do
property shared_key : String
property user : Int32 | String


@ -1,5 +1,5 @@
class AuthD::Request
IPC::JSON.message EditContacts, 16 do
IPC::CBOR.message EditContacts, 16 do
property token : String
property email : String? = nil
@ -26,7 +26,7 @@ class AuthD::Request
end
AuthD.requests << EditContacts
IPC::JSON.message GetContacts, 18 do
IPC::CBOR.message GetContacts, 18 do
property token : String
def initialize(@token)


@ -1,5 +1,5 @@
class AuthD::Request
IPC::JSON.message Delete, 17 do
IPC::CBOR.message Delete, 17 do
# Deletion can be triggered by either an admin or the user.
property shared_key : String? = nil


@ -1,5 +1,5 @@
class AuthD::Request
IPC::JSON.message ListUsers, 8 do
IPC::CBOR.message ListUsers, 8 do
property token : String? = nil
property key : String? = nil


@ -1,5 +1,5 @@
class AuthD::Request
IPC::JSON.message UpdatePassword, 7 do
IPC::CBOR.message UpdatePassword, 7 do
property login : String
property old_password : String
property new_password : String
@ -27,7 +27,7 @@ class AuthD::Request
end
AuthD.requests << UpdatePassword
IPC::JSON.message PasswordRecovery, 11 do
IPC::CBOR.message PasswordRecovery, 11 do
property user : Int32 | String
property password_renew_key : String
property new_password : String
@ -62,7 +62,7 @@ class AuthD::Request
end
AuthD.requests << PasswordRecovery
IPC::JSON.message AskPasswordRecovery, 12 do
IPC::CBOR.message AskPasswordRecovery, 12 do
property user : Int32 | String
property email : String


@ -1,5 +1,5 @@
class AuthD::Request
IPC::JSON.message CheckPermission, 9 do
IPC::CBOR.message CheckPermission, 9 do
property shared_key : String? = nil
property token : String? = nil
@ -41,8 +41,10 @@ class AuthD::Request
user = case u = @user
when .is_a? Int32
puts "searching for the user (Int32): #{u}"
authd.users_per_uid.get? u.to_s
else
puts "searching for the user (string): #{u}"
authd.users_per_login.get? u
end
@ -68,7 +70,7 @@ class AuthD::Request
end
AuthD.requests << CheckPermission
IPC::JSON.message SetPermission, 10 do
IPC::CBOR.message SetPermission, 10 do
property shared_key : String
property user : Int32 | String
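Review bot: The two added `puts` calls in `CheckPermission` write the request's `user` value straight to stdout, bypassing the `Baguette::Log` facility used elsewhere in this commit. In the string branch the value is interpolated unmodified, so a login containing newlines or control characters can forge extra output lines. `Baguette::Log.info "searching for the user (string): #{u.inspect}"` keeps the trace while escaping the value. These look like debugging leftovers, so removing them is the other option. The surrounding method starts and ends outside the hunk.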


@ -1,7 +1,7 @@
class AuthD::Request
IPC::JSON.message EditProfile, 14 do
IPC::CBOR.message EditProfile, 14 do
property token : String
property new_profile : Hash(String, JSON::Any)
property new_profile : Hash(String, CBOR::Any)
def initialize(@token, @new_profile)
end
@ -13,7 +13,7 @@ class AuthD::Request
new_profile = @new_profile
profile = user.profile || Hash(String, JSON::Any).new
profile = user.profile || Hash(String, CBOR::Any).new
authd.configuration.read_only_profile_keys.each do |key|
if new_profile[key]? != profile[key]?
@ -32,13 +32,13 @@ class AuthD::Request
# Same as above, but doesnt reset the whole profile, only resets elements
# for which keys are present in `new_profile`.
IPC::JSON.message EditProfileContent, 15 do
IPC::CBOR.message EditProfileContent, 15 do
property token : String? = nil
property shared_key : String? = nil
property user : Int32 | String | Nil
property new_profile : Hash(String, JSON::Any)
property new_profile : Hash(String, CBOR::Any)
def initialize(@shared_key, @user, @new_profile)
end
@ -68,7 +68,7 @@ class AuthD::Request
raise AuthenticationInfoLacking.new
end
new_profile = user.profile || Hash(String, JSON::Any).new
new_profile = user.profile || Hash(String, CBOR::Any).new
unless @shared_key
authd.configuration.read_only_profile_keys.each do |key|


@ -1,10 +1,10 @@
class AuthD::Request
IPC::JSON.message Register, 6 do
IPC::CBOR.message Register, 6 do
property login : String
property password : String
property email : String? = nil
property phone : String? = nil
property profile : Hash(String, JSON::Any)? = nil
property profile : Hash(String, CBOR::Any)? = nil
def initialize(@login, @password, @email, @phone, @profile)
end


@ -1,5 +1,5 @@
class AuthD::Request
IPC::JSON.message SearchUser, 13 do
IPC::CBOR.message SearchUser, 13 do
property user : String
def initialize(@user)


@ -1,5 +1,5 @@
class AuthD::Request
IPC::JSON.message GetToken, 0 do
IPC::CBOR.message GetToken, 0 do
property login : String
property password : String


@ -1,5 +1,5 @@
class AuthD::Request
IPC::JSON.message ValidateUser, 2 do
IPC::CBOR.message ValidateUser, 2 do
property login : String
property activation_key : String
@ -31,7 +31,7 @@ class AuthD::Request
end
AuthD.requests << ValidateUser
IPC::JSON.message GetUser, 3 do
IPC::CBOR.message GetUser, 3 do
property user : Int32 | String
def initialize(@user)
@ -54,7 +54,7 @@ class AuthD::Request
end
AuthD.requests << GetUser
IPC::JSON.message GetUserByCredentials, 4 do
IPC::CBOR.message GetUserByCredentials, 4 do
property login : String
property password : String


@ -1,9 +1,10 @@
class AuthD::Response
IPC::JSON.message Contacts, 12 do
IPC::CBOR.message Contacts, 12 do
property user : Int32
property email : String? = nil
property phone : String? = nil
def initialize(@user, @email, @phone)
end
end
AuthD.responses << Contacts
end


@ -1,7 +1,8 @@
class AuthD::Response
IPC::JSON.message Error, 0 do
IPC::CBOR.message Error, 0 do
property reason : String? = nil
def initialize(@reason)
end
end
AuthD.responses << Error
end


@ -1,13 +1,15 @@
class AuthD::Response
IPC::JSON.message PasswordRecoverySent, 9 do
IPC::CBOR.message PasswordRecoverySent, 9 do
property user : ::AuthD::User::Public
def initialize(@user)
end
end
AuthD.responses << PasswordRecoverySent
IPC::JSON.message PasswordRecovered, 10 do
IPC::CBOR.message PasswordRecovered, 10 do
property user : ::AuthD::User::Public
def initialize(@user)
end
end
AuthD.responses << PasswordRecovered
end


@ -1,5 +1,5 @@
class AuthD::Response
IPC::JSON.message PermissionCheck, 7 do
IPC::CBOR.message PermissionCheck, 7 do
property user : Int32
property service : String
property resource : String
@ -7,8 +7,9 @@ class AuthD::Response
def initialize(@service, @resource, @user, @permission)
end
end
AuthD.responses << PermissionCheck
IPC::JSON.message PermissionSet, 8 do
IPC::CBOR.message PermissionSet, 8 do
property user : Int32
property service : String
property resource : String
@ -16,4 +17,5 @@ class AuthD::Response
def initialize(@user, @service, @resource, @permission)
end
end
AuthD.responses << PermissionSet
end


@ -1,8 +1,9 @@
class AuthD::Response
IPC::JSON.message Token, 1 do
IPC::CBOR.message Token, 1 do
property uid : Int32
property token : String
def initialize(@token, @uid)
end
end
AuthD.responses << Token
end


@ -1,37 +1,43 @@
class AuthD::Response
IPC::JSON.message User, 2 do
IPC::CBOR.message User, 2 do
property user : ::AuthD::User::Public
def initialize(@user)
end
end
AuthD.responses << User
IPC::JSON.message UserAdded, 3 do
IPC::CBOR.message UserAdded, 3 do
property user : ::AuthD::User::Public
def initialize(@user)
end
end
AuthD.responses << UserAdded
IPC::JSON.message UserEdited, 4 do
IPC::CBOR.message UserEdited, 4 do
property uid : Int32
def initialize(@uid)
end
end
AuthD.responses << UserEdited
IPC::JSON.message UserValidated, 5 do
IPC::CBOR.message UserValidated, 5 do
property user : ::AuthD::User::Public
def initialize(@user)
end
end
AuthD.responses << UserValidated
IPC::JSON.message UsersList, 6 do
IPC::CBOR.message UsersList, 6 do
property users : Array(::AuthD::User::Public)
def initialize(@users)
end
end
AuthD.responses << UsersList
IPC::JSON.message MatchingUsers, 11 do
IPC::CBOR.message MatchingUsers, 11 do
property users : Array(::AuthD::User::Public)
def initialize(@users)
end
end
AuthD.responses << MatchingUsers
end


@ -1,7 +1,7 @@
require "json"
require "cbor"
class AuthD::Token
include JSON::Serializable
include CBOR::Serializable
property login : String
property uid : Int32


@ -1,11 +1,11 @@
require "json"
require "cbor"
require "uuid"
require "./token.cr"
class AuthD::User
include JSON::Serializable
include CBOR::Serializable
enum PermissionLevel
None
@ -13,13 +13,13 @@ class AuthD::User
Edit
Admin
def to_json(o)
to_s.downcase.to_json o
def to_cbor(o)
to_s.downcase.to_cbor o
end
end
class Contact
include JSON::Serializable
include CBOR::Serializable
# the activation key is removed once the user is validated
property activation_key : String?
@ -34,7 +34,7 @@ class AuthD::User
# Public.
property login : String
property uid : Int32
property profile : Hash(String, JSON::Any)?
property profile : Hash(String, CBOR::Any)?
# Private.
property contact : Contact
@ -42,7 +42,7 @@ class AuthD::User
property password_renew_key : String?
# service => resource => permission level
property permissions : Hash(String, Hash(String, PermissionLevel))
property configuration : Hash(String, Hash(String, JSON::Any))
property configuration : Hash(String, Hash(String, CBOR::Any))
property date_last_connection : Time? = nil
property date_registration : Time? = nil
@ -53,15 +53,15 @@ class AuthD::User
def initialize(@uid, @login, @password_hash)
@contact = Contact.new
@permissions = Hash(String, Hash(String, PermissionLevel)).new
@configuration = Hash(String, Hash(String, JSON::Any)).new
@configuration = Hash(String, Hash(String, CBOR::Any)).new
end
class Public
include JSON::Serializable
include CBOR::Serializable
property login : String
property uid : Int32
property profile : Hash(String, JSON::Any)?
property profile : Hash(String, CBOR::Any)?
property date_registration : Time?
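Review bot: `PermissionLevel#to_cbor` writes the member name in lower case, but this section adds no matching decoder, so reading permissions back depends on how the cbor shard decodes enums by default (not visible here). If it expects the integer value or the exact member name, stored `permissions` hashes would fail to load after this change. A round-trip test over every `PermissionLevel` member would settle it. A comment on `to_cbor` naming the wire form, for example `# encoded as the lower-case member name, e.g. "none", "edit", "admin"`, would document the contract.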


@ -1,6 +1,7 @@
require "option_parser"
require "ipc"
require "cbor"
require "yaml"
require "baguette-crystal-base"
@ -27,7 +28,7 @@ class Context
class_property command = "not-implemented"
class_property user_profile : Hash(String,JSON::Any)?
class_property user_profile : Hash(String,CBOR::Any)?
class_property phone : String?
class_property email : String?
@ -215,7 +216,7 @@ def main
begin
actions.the_call[Context.command].call
rescue e
Baguette::Log.info "The command is not recognized (or implemented)."
Baguette::Log.info "#{e}"
end
# authd disconnection
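Review bot: The `rescue e` around `actions.the_call[Context.command].call` now reports every failure only as `Baguette::Log.info "#{e}"`, so an unknown command and a failed authd request look alike and are logged at information level. Execution then continues to the disconnection step, so the tool presumably still exits with status 0, and scripts driving it cannot detect a failed user or permission change. Logging the exception as an error and ending with `exit 1` after the disconnect would address this. `main` continues outside the hunk.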


@ -28,7 +28,13 @@ opt_help = -> (parser : OptionParser) {
opt_profile = -> (parser : OptionParser) {
parser.on "-P file", "--profile file", "Read the user profile from a file." do |file|
Context.user_profile = JSON.parse(File.read file).as_h
profile = JSON.parse(File.read file).as_h
user_profile = {} of String => CBOR::Any
profile.each do |k,v|
user_profile[k] = CBOR::Any.new v
end
Context.user_profile = user_profile
Baguette::Log.info "Reading the user profile: #{Context.user_profile}."
end
}
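Review bot: The conversion loop in `opt_profile` wraps only the top-level values: `CBOR::Any.new v` receives a `JSON::Any`, so nested objects and arrays in the profile file are not converted into CBOR values, assuming that constructor accepts a `JSON::Any` at all. `File.read`, `JSON.parse` and `.as_h` also raise from inside the option callback on a missing file or a non-object document, and nothing here reports which file was at fault. Separately, the added `Baguette::Log.info` line prints the whole profile, which may hold personal data. `Baguette::Log.info "Reading the user profile from #{file} (#{user_profile.size} keys)."` would log enough to trace the run.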