New authd API + InvalidToken error.

master
Philippe Pittoli 9 months ago
parent 776ee3ffe4
commit 7975be6bd4

@ -1,13 +1,16 @@
def authd_get_token(key_file : String? = nil, login : String? = nil, pass : String? = nil)
def authd_get_token(login : String? = nil, pass : String? = nil)
authd = AuthD::Client.new
key_file.try do |file| # FIXME: fail if missing?
authd.key = File.read(file).chomp
end
token = authd.get_token? login, pass
raise "cannot get a token" if token.nil?
response = authd.login? login, pass
case response
when Response::Login
authd.close
uid = response.uid
token = response.token
Baguette::Log.info "Authenticated as #{login} #{uid}, token: #{token}"
return token
end
authd.close
token
raise "Cannot authenticate to authd with login #{login}: #{response}."
end

@ -85,8 +85,8 @@ class DNSManager::Client < IPC
# Admin stuff.
#
def admin_maintenance(key : String, subject : Request::Maintenance::Subject, value : Int32? = nil)
request = Request::Maintenance.new(key,subject)
def admin_maintenance(subject : Request::Maintenance::Subject, value : Int32? = nil)
request = Request::Maintenance.new(subject)
if value
request.value = value
end

@ -25,12 +25,11 @@ end
class Actions
property the_call = {} of String => Proc(Nil)
property dnsmanagerd : DNSManager::Client
#property authd : AuthD::Client
property authd : AuthD::Client
#property authd_config : Baguette::Configuration::Auth
property authd_key : String? = nil
property config : Baguette::Configuration::DNSManager
def initialize(@dnsmanagerd, @config, @authd_key = nil)
def initialize(@dnsmanagerd, @config)
#
# Admin section.
#
@ -49,6 +48,8 @@ class Actions
@the_call["user-rr-del"] = ->user_rr_del
@the_call["user-domain-list"] = ->user_domain_list
@authd = AuthD::Client.new
end
def admin_maintenance
@ -66,11 +67,11 @@ class Actions
if past_is_verbosity
sub = DNSManager::Request::Maintenance::Subject::Verbosity
value = subject.to_i
@dnsmanagerd.admin_maintenance authd_key.not_nil!, sub, value
@dnsmanagerd.admin_maintenance sub, value
else
sub = DNSManager::Request::Maintenance::Subject.parse(subject)
pp! sub
pp! @dnsmanagerd.admin_maintenance authd_key.not_nil!, sub
pp! @dnsmanagerd.admin_maintenance sub
end
rescue e
puts "error for admin_maintenance #{subject}: #{e.message}"
@ -175,9 +176,6 @@ def main
# Configuration file is for dnsmanagerd.
Baguette::Configuration::Auth.get || Baguette::Configuration::Auth.new
end
if key_file = authd_config.shared_key_file
authd_config.shared_key = File.read(key_file).chomp
end
# Authd configuration.
config = if no_configuration
@ -216,8 +214,7 @@ def main
Baguette::Log.info "logged."
end
#authd = AuthD::Client.new
actions = Actions.new dnsmanagerd, config, authd_config.shared_key
actions = Actions.new dnsmanagerd, config
# Now we did read the intent, we should proceed doing what was asked.
begin
@ -228,7 +225,6 @@ def main
# dnsmanagerd disconnection
dnsmanagerd.close
#authd.close
rescue e
Baguette::Log.info "Exception: #{e}"
end

@ -14,13 +14,6 @@ end
def parsing_cli(authd_config : Baguette::Configuration::Auth)
opt_authd_admin = -> (parser : OptionParser, authd_config : Baguette::Configuration::Auth) {
parser.on "-k file", "--key-file file", "Read the authd shared key from a file." do |file|
authd_config.shared_key = File.read(file).chomp
Baguette::Log.info "Key for admin operations: #{authd_config.shared_key}."
end
}
# frequently used functions
opt_authd_login = -> (parser : OptionParser, authd_config : Baguette::Configuration::Auth) {
parser.on "-l LOGIN", "--login LOGIN", "Authd user login." do |login|
@ -96,8 +89,6 @@ def parsing_cli(authd_config : Baguette::Configuration::Auth)
# Admin section.
parser.on "admin", "Admin operations." do
parser.banner = "Admin operations (requires secret via -k)."
# All admin operations require the shared key.
opt_authd_admin.call parser, authd_config
# Maintenance.
parser.on("maintenance", "Maintenance operation of the website.") do

@ -6,16 +6,15 @@ class DNSManager::Request
Verbosity # Change the verbosity of dnsmanagerd.
end
property key : String
property subject : Subject
property value : Int32?
def initialize(@key, @subject)
def initialize(@subject)
end
def handle(dnsmanagerd : DNSManager::Service, event : IPC::Event) : IPC::JSON
# This request means serious business.
raise AdminAuthorizationException.new if key != dnsmanagerd.authd.key
# TODO: check for admin.
case @subject
when Subject::Verbosity

@ -6,15 +6,18 @@ class DNSManager::Request
end
def handle(dnsmanagerd : DNSManager::Service, event : IPC::Event)
user, _ = dnsmanagerd.decode_token token
dnsmanagerd.logged_users[event.fd] = user
return dnsmanagerd.storage.ensure_user_data user.uid
# In case we want to log their last connection.
#dnsmanagerd.auth.edit_profile_content user.uid, {
# "dnsmanager-last-connection" => JSON::Any.new Time.utc.to_s
#}
response = dnsmanagerd.decode_token token
case response
when AuthD::Response::User
dnsmanagerd.logged_users[event.fd] = response.user
# In case we want to log their last connection.
#dnsmanagerd.auth.edit_profile_content user.uid, {
# "dnsmanager-last-connection" => JSON::Any.new Time.utc.to_s
#}
dnsmanagerd.storage.ensure_user_data response.user.uid
else
Response::ErrorInvalidToken.new
end
rescue e
# FIXME: Should those be logged?
Response::Error.new "unauthorized"

@ -6,4 +6,10 @@ class DNSManager::Response
end
end
DNSManager.responses << Error
IPC::JSON.message ErrorInvalidToken, 2 do
def initialize()
end
end
DNSManager.responses << ErrorInvalidToken
end

Loading…
Cancel
Save