fabaccess-bffh/bffhd/authentication/mod.rs

90 lines
2.3 KiB
Rust
Raw Normal View History

2022-03-15 17:52:47 +01:00
use crate::users::db::UserDB;
use crate::users::Users;
2022-03-13 22:50:37 +01:00
use rsasl::error::{SASLError, SessionError};
2022-03-12 01:27:58 +01:00
use rsasl::mechname::Mechname;
2022-03-15 17:52:47 +01:00
use rsasl::property::{AuthId, Password};
2022-03-13 22:50:37 +01:00
use rsasl::session::{Session, SessionData};
2022-03-15 17:52:47 +01:00
use rsasl::validate::{validations, Validation};
use rsasl::{Property, SASL};
use std::sync::Arc;
2022-03-08 18:52:49 +01:00
2022-03-10 20:52:34 +01:00
pub mod db;
2022-03-13 22:50:37 +01:00
struct Callback {
users: Users,
}
impl Callback {
pub fn new(users: Users) -> Self {
2022-03-15 17:52:47 +01:00
Self { users }
2022-03-13 22:50:37 +01:00
}
}
impl rsasl::callback::Callback for Callback {
2022-03-15 17:52:47 +01:00
fn validate(
&self,
session: &mut SessionData,
validation: Validation,
mechanism: &Mechname,
) -> Result<(), SessionError> {
match validation {
validations::SIMPLE => {
let authnid = session
.get_property::<AuthId>()
.ok_or(SessionError::no_property::<AuthId>())?;
let user = self
.users
.get_user(authnid.as_str())
.ok_or(SessionError::AuthenticationFailure)?;
let passwd = session
.get_property::<Password>()
.ok_or(SessionError::no_property::<Password>())?;
if user
.check_password(passwd.as_bytes())
.map_err(|e| SessionError::AuthenticationFailure)?
{
Ok(())
} else {
Err(SessionError::AuthenticationFailure)
}
}
_ => Err(SessionError::no_validate(validation)),
}
2022-03-13 22:50:37 +01:00
}
}
2022-03-12 01:27:58 +01:00
struct Inner {
rsasl: SASL,
}
impl Inner {
pub fn new(rsasl: SASL) -> Self {
Self { rsasl }
}
}
2022-03-10 20:52:34 +01:00
2022-03-12 01:27:58 +01:00
#[derive(Clone)]
2022-03-12 17:31:53 +01:00
pub struct AuthenticationHandle {
2022-03-12 01:27:58 +01:00
inner: Arc<Inner>,
2022-03-10 20:52:34 +01:00
}
2022-03-12 17:31:53 +01:00
impl AuthenticationHandle {
2022-03-13 22:50:37 +01:00
pub fn new(userdb: Users) -> Self {
let mut rsasl = SASL::new();
rsasl.install_callback(Arc::new(Callback::new(userdb)));
2022-03-15 17:52:47 +01:00
Self {
inner: Arc::new(Inner::new(rsasl)),
}
2022-03-12 01:27:58 +01:00
}
2022-03-10 20:52:34 +01:00
2022-03-12 17:31:53 +01:00
pub fn start(&self, mechanism: &Mechname) -> anyhow::Result<Session> {
Ok(self.inner.rsasl.server_start(mechanism)?)
}
2022-03-15 17:52:47 +01:00
pub fn list_available_mechs(&self) -> impl IntoIterator<Item = &Mechname> {
self.inner
.rsasl
.server_mech_list()
.into_iter()
.map(|m| m.mechanism)
2022-03-12 01:27:58 +01:00
}
2022-03-15 17:52:47 +01:00
}