config: first step towards modular identity providers
Let the conversion to username+password be handled by the IdentityProvider module.
parent
c47183685a
commit
526723acf5
|
@ -26,6 +26,7 @@ using namespace std;
|
|||
|
||||
#include "config.h"
|
||||
#include "EvolutionSyncSource.h"
|
||||
#include <syncevo/IdentityProvider.h>
|
||||
|
||||
#ifdef ENABLE_EBOOK
|
||||
|
||||
|
@ -250,15 +251,16 @@ void EvolutionContactSource::open()
|
|||
throwError("getting authentication methods", gerror);
|
||||
}
|
||||
while (authmethod) {
|
||||
// TODO: map identity + password to plain username/password credentials
|
||||
// map identity + password to plain username/password credentials
|
||||
Credentials cred = IdentityProviderCredentials(identity, passwd);
|
||||
const char *method = (const char *)authmethod->data;
|
||||
SE_LOG_DEBUG(getDisplayName(), "trying authentication method \"%s\", user %s, password %s",
|
||||
method,
|
||||
identity.wasSet() ? "configured" : "not configured",
|
||||
passwd.wasSet() ? "configured" : "not configured");
|
||||
if (e_book_authenticate_user(m_addressbook,
|
||||
identity.m_identity.c_str(),
|
||||
passwd.c_str(),
|
||||
cred.m_username.c_str(),
|
||||
cred.m_password.c_str(),
|
||||
method,
|
||||
gerror)) {
|
||||
SE_LOG_DEBUG(getDisplayName(), "authentication succeeded");
|
||||
|
|
|
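Review bot: In `EvolutionContactSource::open()` the new `Credentials cred = IdentityProviderCredentials(identity, passwd);` sits inside `while (authmethod)`, so the identity is resolved again, and another plain-text copy of the password is made, for every authentication method tried. The result does not depend on `method`, and the call throws for any identity it cannot resolve, so a failure on the first iteration ends the loop instead of moving on to the next method; the header comment added in this commit warns against using the function where a different method might also work. I would resolve once before the loop, guarded so that address books without authentication methods are unaffected: `Credentials cred; if (authmethod) cred = IdentityProviderCredentials(identity, passwd);`. The loop body and the rest of open() continue outside the hunk.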
@ -12,6 +12,7 @@
|
|||
#include <boost/scoped_ptr.hpp>
|
||||
|
||||
#include <syncevo/LogRedirect.h>
|
||||
#include <syncevo/IdentityProvider.h>
|
||||
|
||||
#include <boost/assign.hpp>
|
||||
|
||||
|
@ -196,9 +197,11 @@ void ContextSettings::lookupCredentials()
|
|||
password = m_context->getSyncPassword();
|
||||
}
|
||||
|
||||
// TODO: lookup actual authentication method instead of assuming username/password
|
||||
m_username = identity.m_identity;
|
||||
m_password = password;
|
||||
// lookup actual authentication method instead of assuming username/password
|
||||
// TODO: oauth2
|
||||
Credentials cred = IdentityProviderCredentials(identity, password);
|
||||
m_username = cred.m_username;
|
||||
m_password = cred.m_password;
|
||||
m_haveCredentials = true;
|
||||
}
|
||||
|
||||
|
|
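Review bot: The new comment in `ContextSettings::lookupCredentials()` still reads as a to-do, `// lookup actual authentication method instead of assuming username/password`, although the `TODO:` prefix was dropped and the line below it now performs the lookup. I would describe what the call does and how it fails instead, e.g. `// resolve identity to plain username/password; throws for providers that cannot supply them (TODO: oauth2)`. Because the call can throw before `m_haveCredentials = true` is reached, it is worth confirming that callers cope with lookupCredentials() failing on every invocation; the start of the function is outside the hunk.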
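--- /dev/null
+++ b/src/syncevo/IdentityProvider.cpp
@@ -0,0 +1,46 @@
+/*
+* Copyright (C) 2013 Intel Corporation
+*
+* This library is free software; you can redistribute it and/or
+* modify it under the terms of the GNU Lesser General Public
+* License as published by the Free Software Foundation; either
+* version 2.1 of the License, or (at your option) version 3.
+*
+* This library is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this library; if not, write to the Free Software
+* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+* 02110-1301 USA
+*/
+
+#include <syncevo/IdentityProvider.h>
+#include <syncevo/SyncConfig.h>
+
+SE_BEGIN_CXX
+
+const char USER_IDENTITY_PLAIN_TEXT[] = "user";
+const char USER_IDENTITY_SYNC_CONFIG[] = "id";
+
+Credentials IdentityProviderCredentials(const UserIdentity &identity,
+const InitStateString &password)
+{
+Credentials cred;
+
+if (identity.m_provider == USER_IDENTITY_PLAIN_TEXT) {
+cred.m_username = identity.m_identity;
+cred.m_password = password;
+} else {
+// We could use the gSSO password plugin to request
+// username/password. But it is uncertain whether that is useful,
+// therefore that is not implemented at the moment.
+SE_THROW(StringPrintf("%s: need username+password as credentials", identity.toString().c_str()));
+}
+
+return cred;
+}
+
+SE_END_CXX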
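Review bot: `IdentityProviderCredentials()` accepts only `m_provider == USER_IDENTITY_PLAIN_TEXT` and throws for everything else, including the `USER_IDENTITY_SYNC_CONFIG` ("id") provider defined a few lines above it and, depending on how `UserIdentity` initialises `m_provider` (SyncConfig.h is not shown on this page), possibly an identity that was never configured. Call sites in this commit treat empty credentials as a normal state: `SyncEvolution_Session_Login` accepts the peer when user and password are both empty, and `HTTPTransportAgent::setConfig` resolves the proxy user whenever a proxy is enabled. An unset identity should therefore be confirmed to resolve to empty strings rather than to the exception. The error text is built from `identity.toString()`, and since that message may reach logs it should be checked that the string holds nothing beyond provider and account name. I would also document the else branch, e.g. `// "id" and unknown providers end up here; an unset identity must arrive as "user"`.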
@ -19,11 +19,34 @@
|
|||
#ifndef INCL_SYNC_EVOLUTION_IDENTITY_PROVIDER
|
||||
# define INCL_SYNC_EVOLUTION_IDENTITY_PROVIDER
|
||||
|
||||
#include <syncevo/util.h>
|
||||
|
||||
#include <string>
|
||||
|
||||
#include <syncevo/declarations.h>
|
||||
SE_BEGIN_CXX
|
||||
|
||||
static const char USER_IDENTITY_PLAIN_TEXT[] = "user";
|
||||
static const char USER_IDENTITY_SYNC_CONFIG[] = "id";
|
||||
extern const char USER_IDENTITY_PLAIN_TEXT[];
|
||||
extern const char USER_IDENTITY_SYNC_CONFIG[];
|
||||
|
||||
struct UserIdentity; // from SyncConfig.h
|
||||
|
||||
struct Credentials
|
||||
{
|
||||
std::string m_username;
|
||||
std::string m_password;
|
||||
};
|
||||
|
||||
/**
|
||||
* Returns username/password for an identity. The password is the
|
||||
* string configured for it inside SyncEvolution. It may be empty and/or unset if
|
||||
* the plain text password comes from the identity provider.
|
||||
*
|
||||
* If the credentials cannot be retrieved, an error is thrown, so don't use this
|
||||
* in cases where a different authentication method might also work.
|
||||
*/
|
||||
Credentials IdentityProviderCredentials(const UserIdentity &identity,
|
||||
const InitStateString &password);
|
||||
|
||||
SE_END_CXX
|
||||
#endif
|
||||
|
|
|
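Review bot: `struct Credentials` is added without any documentation although `m_password` carries the clear-text secret as a plain `std::string`. Every `IdentityProviderCredentials()` call now creates one more copy of that secret next to the configured value, so the struct should state how it is meant to be handled; I would put `/** plain-text credentials resolved from a UserIdentity; keep instances short-lived and never log m_password */` above it. The function's doc comment says "an error is thrown" without saying when; naming the condition (any provider other than "user") there would spare callers a look at the .cpp file.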
@ -28,6 +28,7 @@
|
|||
#include <syncevo/util.h>
|
||||
#include <syncevo/SuspendFlags.h>
|
||||
#include <syncevo/ThreadSupport.h>
|
||||
#include <syncevo/IdentityProvider.h>
|
||||
|
||||
#include <syncevo/SafeConfigNode.h>
|
||||
#include <syncevo/IniConfigNode.h>
|
||||
|
@ -2880,9 +2881,9 @@ void SyncContext::getConfigXML(string &xml, string &configname)
|
|||
substTag(xml, "maxobjsize", std::max(getMaxObjSize().get(), 1024u));
|
||||
if (m_serverMode) {
|
||||
UserIdentity id = getSyncUser();
|
||||
// TODO: resolve id
|
||||
const string user = id.m_identity;
|
||||
const string password = getSyncPassword();
|
||||
Credentials cred = IdentityProviderCredentials(id, getSyncPassword());
|
||||
const string &user = cred.m_username;
|
||||
const string &password = cred.m_password;
|
||||
|
||||
/*
|
||||
* Do not check username/pwd if this local sync or over
|
||||
|
@ -3424,9 +3425,9 @@ bool SyncContext::sendSAN(uint16_t version)
|
|||
/* Should be nonce sent by the server in the preceeding sync session */
|
||||
string nonce = "SyncEvolution";
|
||||
UserIdentity id = getSyncUser();
|
||||
std::string password = getSyncPassword();
|
||||
// TODO: resolve id
|
||||
std::string user = id.m_identity;
|
||||
Credentials cred = IdentityProviderCredentials(id, getSyncPassword());
|
||||
const std::string &user = cred.m_username;
|
||||
const std::string &password = cred.m_password;
|
||||
string uauthb64 = san.B64_H(user, password);
|
||||
/* Client is expected to conduct the sync in the backgroud */
|
||||
sysync::UI_Mode mode = sysync::UI_not_specified;
|
||||
|
@ -3708,9 +3709,9 @@ SyncMLStatus SyncContext::doSync()
|
|||
|
||||
m_engine.SetStrValue(profile, "serverURI", getUsedSyncURL());
|
||||
UserIdentity id = getSyncUser();
|
||||
std::string password = getSyncPassword();
|
||||
// TODO: resolve id
|
||||
std::string user = id.m_identity;
|
||||
Credentials cred = IdentityProviderCredentials(id, getSyncPassword());
|
||||
const std::string &user = cred.m_username;
|
||||
const std::string &password = cred.m_password;
|
||||
m_engine.SetStrValue(profile, "serverUser", user);
|
||||
m_engine.SetStrValue(profile, "serverPassword", password);
|
||||
m_engine.SetInt32Value(profile, "encoding",
|
||||
|
|
|
@ -33,6 +33,7 @@ using namespace sysync;
|
|||
|
||||
#include <syncevo/SyncContext.h>
|
||||
#include <syncevo/SyncSource.h>
|
||||
#include <syncevo/IdentityProvider.h>
|
||||
|
||||
#include <sstream>
|
||||
|
||||
|
@ -314,9 +315,9 @@ TSyError SyncEvolution_Session_Login( CContext sContext, cAppCharP sUsername, ap
|
|||
}
|
||||
TSyError res = DB_Forbidden;
|
||||
UserIdentity id = sc->getSyncUser();
|
||||
// TODO: check for plain authentication
|
||||
std::string user = id.m_identity;
|
||||
string password = sc->getSyncPassword();
|
||||
Credentials cred = IdentityProviderCredentials(id, sc->getSyncPassword());
|
||||
const std::string &user = cred.m_username;
|
||||
const std::string &password = cred.m_password;
|
||||
|
||||
if (user.empty() && password.empty()) {
|
||||
// nothing to check, accept peer
|
||||
|
|
|
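Review bot: `SyncEvolution_Session_Login` now calls `IdentityProviderCredentials()`, which throws for any identity that is not plain username/password, immediately after `TSyError res = DB_Forbidden;` sets the default-deny result. Whether that exception is caught before it leaves this plugin entry point cannot be seen here, because the function body starts and ends outside the hunk. If it is not caught, a misconfigured identity ends the login check with an exception crossing into the calling engine instead of a `DB_Forbidden` return. I would make the fail-closed path explicit by wrapping the call in a try/catch that logs the problem and returns `res`, or add a comment pointing at the enclosing handler if one exists.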
@ -19,6 +19,7 @@
|
|||
|
||||
#include <syncevo/TransportAgent.h>
|
||||
#include <syncevo/SyncConfig.h>
|
||||
#include <syncevo/IdentityProvider.h>
|
||||
|
||||
#include <syncevo/declarations.h>
|
||||
SE_BEGIN_CXX
|
||||
|
@ -33,10 +34,8 @@ void HTTPTransportAgent::setConfig(SyncConfig &config)
|
|||
if (config.getUseProxy()) {
|
||||
setProxy(config.getProxyHost());
|
||||
UserIdentity identity = config.getProxyUser();
|
||||
// TODO: resolve to plain username
|
||||
std::string username = identity.m_identity;
|
||||
std::string password = config.getProxyPassword();
|
||||
setProxyAuth(username, password);
|
||||
Credentials cred = IdentityProviderCredentials(identity, config.getProxyPassword());
|
||||
setProxyAuth(cred.m_username, cred.m_password);
|
||||
}
|
||||
setUserAgent(config.getUserAgent());
|
||||
setSSL(config.findSSLServerCertificate(),
|
||||
|
|
|
@ -22,6 +22,9 @@ src_syncevo_sources = \
|
|||
src/syncevo/EDSClient.h \
|
||||
src/syncevo/EDSClient.cpp \
|
||||
\
|
||||
src/syncevo/IdentityProvider.h \
|
||||
src/syncevo/IdentityProvider.cpp \
|
||||
\
|
||||
src/syncevo/ConfigTree.h \
|
||||
src/syncevo/ConfigFilter.h \
|
||||
src/syncevo/ConfigFilter.cpp \
|
||||
|
@ -162,6 +165,7 @@ src_syncevo_libsyncevolution_include_HEADERS = \
|
|||
src/syncevo/SafeConfigNode.h \
|
||||
src/syncevo/SyncConfig.h \
|
||||
src/syncevo/SyncSource.h \
|
||||
src/syncevo/IdentityProvider.h \
|
||||
src/syncevo/util.h \
|
||||
src/syncevo/BoostHelper.h \
|
||||
src/syncevo/SuspendFlags.h \
|
||||
|
|