package dbusservice
import (
"context"
"errors"
"github.com/canonical/authd/authd-oidc-brokers/internal/broker"
"github.com/canonical/authd/log"
"github.com/godbus/dbus/v5"
)
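// NewSession handles the D-Bus NewSession call by delegating to the broker.
//
// On success it returns the session ID and encryption key produced by the
// broker. On failure both strings are empty and the broker's error text is
// forwarded to the D-Bus caller through dbus.MakeFailedError.
func (s *Interface) NewSession(username, lang, mode string) (sessionID, encryptionKey string, dbusErr *dbus.Error) {
	ctx := context.Background()

	// username, lang and mode come straight from the D-Bus caller and have not
	// been validated at this point. %q escapes control characters, so a crafted
	// value cannot break the entry into extra, forged log lines.
	log.Debugf(ctx, "Creating new session (username=%q, lang=%q, mode=%q)", username, lang, mode)

	sessionID, encryptionKey, err := s.broker.NewSession(username, lang, mode)
	if err != nil {
		return "", "", dbus.MakeFailedError(err)
	}

	// Only the session ID is logged; encryptionKey is not written to the log.
	log.Debugf(ctx, "Created new session %s", sessionID)
	return sessionID, encryptionKey, nil
}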
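// GetAuthenticationModes handles the D-Bus GetAuthenticationModes call by
// delegating to the broker.
//
// It returns the authentication modes the broker offers for the session given
// the UI layouts the caller supports. On failure the result is nil and the
// broker's error text is forwarded to the D-Bus caller through
// dbus.MakeFailedError.
func (s *Interface) GetAuthenticationModes(sessionID string, supportedUILayouts []map[string]string) (authenticationModes []map[string]string, dbusErr *dbus.Error) {
	ctx := context.Background()

	// sessionID is supplied by the D-Bus caller; %q keeps control characters in
	// it from forging additional log lines.
	log.Debugf(ctx, "Getting authentication modes for session %q", sessionID)

	authenticationModes, err := s.broker.GetAuthenticationModes(sessionID, supportedUILayouts)
	if err != nil {
		return nil, dbus.MakeFailedError(err)
	}

	log.Debugf(ctx, "Got authentication modes for session %q: %v", sessionID, authenticationModes)
	return authenticationModes, nil
}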
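// SelectAuthenticationMode handles the D-Bus SelectAuthenticationMode call by
// delegating to the broker.
//
// It returns the UI layout information the broker associates with the chosen
// mode. On failure the result is nil and the broker's error text is forwarded
// to the D-Bus caller through dbus.MakeFailedError.
func (s *Interface) SelectAuthenticationMode(sessionID, authenticationModeName string) (uiLayoutInfo map[string]string, dbusErr *dbus.Error) {
	ctx := context.Background()

	// Both arguments are supplied by the D-Bus caller and are logged before the
	// broker has checked them; %q escapes control characters so they cannot
	// forge additional log lines.
	log.Debugf(ctx, "Selecting authentication mode %q for session %q", authenticationModeName, sessionID)

	uiLayoutInfo, err := s.broker.SelectAuthenticationMode(sessionID, authenticationModeName)
	if err != nil {
		return nil, dbus.MakeFailedError(err)
	}

	log.Debugf(ctx, "Selected authentication mode %q for session %q: %v", authenticationModeName, sessionID, uiLayoutInfo)
	return uiLayoutInfo, nil
}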
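// IsAuthenticated handles the D-Bus IsAuthenticated call by delegating to the
// broker.
//
// Outcomes:
//   - broker succeeds: its access and data values are returned unchanged;
//   - broker returns an error matching context.Canceled: the broker's access
//     and data are passed through together with the Canceled D-Bus error;
//   - any other broker error: access is forced to broker.AuthDenied, data is
//     empty, and the error text is forwarded through dbus.MakeFailedError.
func (s *Interface) IsAuthenticated(sessionID, authenticationData string) (access, data string, dbusErr *dbus.Error) {
	ctx := context.Background()

	// Do *not* log authenticationData here, because it may contain the user's password in cleartext.
	// sessionID is supplied by the D-Bus caller; %q keeps control characters in
	// it from forging additional log lines.
	log.Debugf(ctx, "Handling IsAuthenticated call for session %q", sessionID)

	access, data, err := s.broker.IsAuthenticated(sessionID, authenticationData)
	switch {
	case errors.Is(err, context.Canceled):
		// NOTE(review): access and data are whatever the broker returned on
		// cancellation, not broker.AuthDenied — confirm every consumer ignores
		// them when dbusErr is non-nil.
		return access, data, makeCanceledError()
	case err != nil:
		log.Warningf(ctx, "IsAuthenticated error: %v", err)
		// Fail closed: never hand back a broker-provided access value on error.
		return broker.AuthDenied, "", dbus.MakeFailedError(err)
	}

	// NOTE(review): data is written to the debug log verbatim. Confirm the
	// broker never places tokens or other secrets in it; otherwise redact it here.
	log.Debugf(ctx, "IsAuthenticated result (session %q): %s, %s", sessionID, access, data)
	return access, data, nil
}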
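// EndSession handles the D-Bus EndSession call by delegating to the broker.
//
// It returns nil on success; on failure the broker's error text is forwarded
// to the D-Bus caller through dbus.MakeFailedError.
func (s *Interface) EndSession(sessionID string) (dbusErr *dbus.Error) {
	// sessionID is supplied by the D-Bus caller; %q keeps control characters in
	// it from forging additional log lines.
	log.Debugf(context.Background(), "Ending session %q", sessionID)

	if err := s.broker.EndSession(sessionID); err != nil {
		return dbus.MakeFailedError(err)
	}
	return nil
}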
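// CancelIsAuthenticated handles the D-Bus CancelIsAuthenticated call by asking
// the broker to cancel the IsAuthenticated call of the given session.
//
// The broker call returns nothing here, so this method always reports success
// (nil) to the D-Bus caller.
func (s *Interface) CancelIsAuthenticated(sessionID string) (dbusErr *dbus.Error) {
	// sessionID is supplied by the D-Bus caller; %q keeps control characters in
	// it from forging additional log lines.
	log.Debugf(context.Background(), "Cancelling IsAuthenticated call for session %q", sessionID)

	s.broker.CancelIsAuthenticated(sessionID)
	return nil
}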
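// UserPreCheck handles the D-Bus UserPreCheck call by delegating to the broker.
//
// It returns the user information string produced by the broker. On failure
// the result is empty and the broker's error text is forwarded to the D-Bus
// caller through dbus.MakeFailedError.
func (s *Interface) UserPreCheck(username string) (userinfo string, dbusErr *dbus.Error) {
	ctx := context.Background()

	// username is supplied by the D-Bus caller and has not been checked yet;
	// %q escapes control characters so it cannot forge additional log lines.
	log.Debugf(ctx, "UserPreCheck: %q", username)

	userinfo, err := s.broker.UserPreCheck(username)
	if err != nil {
		return "", dbus.MakeFailedError(err)
	}

	log.Debugf(ctx, "UserPreCheck result: %s", userinfo)
	return userinfo, nil
}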
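// DeleteUser handles the D-Bus DeleteUser call by delegating to the broker.
//
// It returns nil on success; on failure the broker's error text is forwarded
// to the D-Bus caller through dbus.MakeFailedError.
//
// NOTE(review): no caller check is visible in this method — presumably access
// to this destructive call is restricted by the D-Bus policy or by the broker;
// confirm.
func (s *Interface) DeleteUser(username string) (dbusErr *dbus.Error) {
	// username is supplied by the D-Bus caller and has not been checked yet;
	// %q escapes control characters so it cannot forge additional log lines.
	log.Debugf(context.Background(), "DeleteUser: %q", username)

	err := s.broker.DeleteUser(username)
	if err != nil {
		return dbus.MakeFailedError(err)
	}
	return nil
}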
// makeCanceledError builds the D-Bus error reported when an operation was
// canceled. Only the error name is set; the error carries no body.
func makeCanceledError() *dbus.Error {
	canceled := dbus.Error{Name: "com.ubuntu.authd.Canceled"}
	return &canceled
}