fabaccess-bffh/bffhd/capnp/authenticationsystem.rs

103 lines
3.3 KiB
Rust
Raw Normal View History

2022-03-08 16:41:38 +01:00
use capnp::capability::Promise;
use capnp::Error;
use capnp_rpc::pry;
2022-03-12 17:31:53 +01:00
use rsasl::property::AuthId;
2022-03-15 20:00:43 +01:00
use rsasl::session::{Session, Step};
2022-03-12 17:31:53 +01:00
use std::io::Cursor;
2022-03-08 16:41:38 +01:00
2022-03-12 17:31:53 +01:00
use crate::capnp::session::APISession;
use crate::session::SessionManager;
2022-03-12 02:00:55 +01:00
use api::authenticationsystem_capnp::authentication::{
2022-03-12 17:31:53 +01:00
AbortParams, AbortResults, Server as AuthenticationSystem, StepParams, StepResults,
2022-03-08 16:41:38 +01:00
};
2022-03-12 17:31:53 +01:00
use api::authenticationsystem_capnp::{response, response::Error as ErrorCode};
2022-03-08 16:41:38 +01:00
pub struct Authentication {
state: State,
}
2022-03-12 17:31:53 +01:00
impl Authentication {
pub fn new(session: Session, sessionmanager: SessionManager) -> Self {
Self {
state: State::Running(session, sessionmanager),
}
}
pub fn invalid_mechanism() -> Self {
Self {
state: State::InvalidMechanism,
}
}
fn build_error(&self, response: response::Builder) {
if let State::Running(_, _) = self.state {
return;
}
let mut builder = response.init_failed();
match self.state {
State::InvalidMechanism => builder.set_code(ErrorCode::BadMechanism),
State::Finished => builder.set_code(ErrorCode::Aborted),
State::Aborted => builder.set_code(ErrorCode::Aborted),
_ => unreachable!(),
}
}
}
2022-03-08 16:41:38 +01:00
enum State {
InvalidMechanism,
Finished,
Aborted,
2022-03-12 17:31:53 +01:00
Running(Session, SessionManager),
2022-03-08 16:41:38 +01:00
}
impl AuthenticationSystem for Authentication {
2022-03-08 16:41:38 +01:00
fn step(&mut self, params: StepParams, mut results: StepResults) -> Promise<(), Error> {
2022-03-15 19:56:41 +01:00
let span = tracing::trace_span!("step");
let _guard = span.enter();
2022-03-12 17:31:53 +01:00
let mut builder = results.get();
if let State::Running(mut session, manager) =
std::mem::replace(&mut self.state, State::Aborted)
{
let data: &[u8] = pry!(pry!(params.get()).get_data());
let mut out = Cursor::new(Vec::new());
match session.step(Some(data), &mut out) {
Ok(Step::Done(data)) => {
self.state = State::Finished;
let uid = pry!(session.get_property::<AuthId>().ok_or(capnp::Error::failed(
"Authentication didn't provide an authid as required".to_string()
)));
let session = pry!(manager.open(uid.as_ref()).ok_or(capnp::Error::failed(
"Failed to lookup the given user".to_string()
)));
let mut builder = builder.init_successful();
if data.is_some() {
builder.set_additional_data(out.into_inner().as_slice());
}
APISession::build(session, builder)
}
Ok(Step::NeedsMore(_)) => {
self.state = State::Running(session, manager);
builder.set_challenge(out.into_inner().as_slice());
}
Err(_) => {
self.state = State::Aborted;
self.build_error(builder);
}
}
} else {
self.build_error(builder);
}
Promise::ok(())
2022-03-08 16:41:38 +01:00
}
fn abort(&mut self, _: AbortParams, _: AbortResults) -> Promise<(), Error> {
2022-03-12 01:27:58 +01:00
self.state = State::Aborted;
2022-03-08 16:41:38 +01:00
Promise::ok(())
}
2022-03-12 17:31:53 +01:00
}