Better error reporting for auth

Fixes: #49
This commit is contained in:
Nadja Reitzenstein 2022-04-30 20:17:17 +02:00
parent c35d3bc6b1
commit cfaf4d509e

View File

@ -14,10 +14,12 @@ mod fabfire;
struct Callback {
users: Users,
span: tracing::Span,
}
impl Callback {
pub fn new(users: Users) -> Self {
Self { users }
let span = tracing::info_span!("SASL callback");
Self { users, span }
}
}
impl rsasl::callback::Callback for Callback {
@ -49,15 +51,18 @@ impl rsasl::callback::Callback for Callback {
validation: Validation,
_mechanism: &Mechname,
) -> Result<(), SessionError> {
let span = tracing::info_span!(parent: &self.span, "validate");
let _guard = span.enter();
match validation {
validations::SIMPLE => {
let authnid = session
.get_property::<AuthId>()
.ok_or(SessionError::no_property::<AuthId>())?;
let user = self
tracing::debug!(authid=%authnid, "SIMPLE validation requested");
if let Some(user) = self
.users
.get_user(authnid.as_str())
.ok_or(SessionError::AuthenticationFailure)?;
.get_user(authnid.as_str()) {
let passwd = session
.get_property::<Password>()
.ok_or(SessionError::no_property::<Password>())?;
@ -66,12 +71,20 @@ impl rsasl::callback::Callback for Callback {
.check_password(passwd.as_bytes())
.map_err(|_e| SessionError::AuthenticationFailure)?
{
Ok(())
return Ok(());
} else {
tracing::warn!(authid=%authnid, "AUTH FAILED: bad password");
}
} else {
tracing::warn!(authid=%authnid, "AUTH FAILED: no such user '{}'", authnid);
}
Err(SessionError::AuthenticationFailure)
}
}
_ => Err(SessionError::no_validate(validation)),
_ => {
tracing::error!(?validation, "Unimplemented validation requested");
Err(SessionError::no_validate(validation))
},
}
}
}