forked from mirrors/kore
Add request as an authentication_type.
request can be used for when you want to validate something for authentication bmanually. Youur validator will receive the http_reques passed down. A practical use of this is doing IP based ACL's.
This commit is contained in:
Joris Vink
parent
cb17c0d610
commit
becfc8d586
|
|
@ -174,6 +174,7 @@ struct kore_handler_params {
|
|||
|
||||
#define KORE_AUTH_TYPE_COOKIE 1
|
||||
#define KORE_AUTH_TYPE_HEADER 2
|
||||
#define KORE_AUTH_TYPE_REQUEST 3
|
||||
|
||||
struct kore_auth {
|
||||
u_int8_t type;
|
||||
|
|
@ -409,7 +410,7 @@ void kore_validator_reload(void);
|
|||
int kore_validator_add(char *, u_int8_t, char *);
|
||||
int kore_validator_run(struct http_request *, char *, char *);
|
||||
int kore_validator_check(struct http_request *,
|
||||
struct kore_validator *, char *);
|
||||
struct kore_validator *, void *);
|
||||
struct kore_validator *kore_validator_lookup(char *);
|
||||
|
||||
void fatal(const char *, ...);
|
||||
|
|
|
|||
|
|
@ -94,9 +94,16 @@ authentication auth_example {
|
|||
# Allow values:
|
||||
# - cookie (checks for the cookie presence + pass to validator)
|
||||
# - header (checks for header presence + pass to validator)
|
||||
# - requuest (passes the http_request to the validator)
|
||||
#
|
||||
# Use cases for request could for example be IP based ACLs or
|
||||
# any other criteria that can be extracted from a http_request.
|
||||
#
|
||||
# The request type does not need an authentication_validator.
|
||||
#
|
||||
authentication_type cookie
|
||||
|
||||
# The name of the cookie to look for.
|
||||
# The name of whatever we are looking for.
|
||||
authentication_value session_id
|
||||
|
||||
# The validator that will be called to verify the cookie.
|
||||
|
|
|
|||
10
src/auth.c
10
src/auth.c
|
|
@ -25,6 +25,7 @@ TAILQ_HEAD(, kore_auth) auth_list;
|
|||
|
||||
static int kore_auth_cookie(struct http_request *, struct kore_auth *);
|
||||
static int kore_auth_header(struct http_request *, struct kore_auth *);
|
||||
static int kore_auth_request(struct http_request *, struct kore_auth *);
|
||||
|
||||
void
|
||||
kore_auth_init(void)
|
||||
|
|
@ -66,6 +67,9 @@ kore_auth(struct http_request *req, struct kore_auth *auth)
|
|||
case KORE_AUTH_TYPE_HEADER:
|
||||
r = kore_auth_header(req, auth);
|
||||
break;
|
||||
case KORE_AUTH_TYPE_REQUEST:
|
||||
r = kore_auth_request(req, auth);
|
||||
break;
|
||||
default:
|
||||
kore_log(LOG_NOTICE, "unknown auth type %d", auth->type);
|
||||
return (KORE_RESULT_ERROR);
|
||||
|
|
@ -142,6 +146,12 @@ kore_auth_header(struct http_request *req, struct kore_auth *auth)
|
|||
return (r);
|
||||
}
|
||||
|
||||
static int
|
||||
kore_auth_request(struct http_request *req, struct kore_auth *auth)
|
||||
{
|
||||
return (kore_validator_check(req, auth->validator, req));
|
||||
}
|
||||
|
||||
struct kore_auth *
|
||||
kore_auth_lookup(char *name)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -79,7 +79,7 @@ kore_validator_run(struct http_request *req, char *name, char *data)
|
|||
|
||||
int
|
||||
kore_validator_check(struct http_request *req, struct kore_validator *val,
|
||||
char *data)
|
||||
void *data)
|
||||
{
|
||||
int r;
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue