config: first step towards modular identity providers

Let the conversion to username+password be handled by the IdentityProvider module.
2013-07-29 16:51:26 +02:00 · 2013-07-29 16:51:26 +02:00 · 526723acf5
parent c47183685a
commit 526723acf5
8 changed files with 103 additions and 24 deletions
--- a/src/backends/evolution/EvolutionContactSource.cpp
+++ b/src/backends/evolution/EvolutionContactSource.cpp
@ -26,6 +26,7 @@ using namespace std;

 #include "config.h"
 #include "EvolutionSyncSource.h"
+#include <syncevo/IdentityProvider.h>

 #ifdef ENABLE_EBOOK

@ -250,15 +251,16 @@ void EvolutionContactSource::open()
            throwError("getting authentication methods", gerror);
        }
        while (authmethod) {
-            // TODO: map identity + password to plain username/password credentials
+            // map identity + password to plain username/password credentials
+            Credentials cred = IdentityProviderCredentials(identity, passwd);
            const char *method = (const char *)authmethod->data;
            SE_LOG_DEBUG(getDisplayName(), "trying authentication method \"%s\", user %s, password %s",
                         method,
                         identity.wasSet() ? "configured" : "not configured",
                         passwd.wasSet() ? "configured" : "not configured");
            if (e_book_authenticate_user(m_addressbook,
-                                         identity.m_identity.c_str(),
-                                         passwd.c_str(),
+                                         cred.m_username.c_str(),
+                                         cred.m_password.c_str(),
                                         method,
                                         gerror)) {
                SE_LOG_DEBUG(getDisplayName(), "authentication succeeded");
--- a/src/backends/webdav/WebDAVSource.cpp
+++ b/src/backends/webdav/WebDAVSource.cpp
@ -12,6 +12,7 @@
 #include <boost/scoped_ptr.hpp>

 #include <syncevo/LogRedirect.h>
+#include <syncevo/IdentityProvider.h>

 #include <boost/assign.hpp>

@ -196,9 +197,11 @@ void ContextSettings::lookupCredentials()
        password = m_context->getSyncPassword();
    }

-    // TODO: lookup actual authentication method instead of assuming username/password
-    m_username = identity.m_identity;
-    m_password = password;
+    // lookup actual authentication method instead of assuming username/password
+    // TODO: oauth2
+    Credentials cred = IdentityProviderCredentials(identity, password);
+    m_username = cred.m_username;
+    m_password = cred.m_password;
    m_haveCredentials = true;
 }

--- a/src/syncevo/IdentityProvider.cpp
+++ b/src/syncevo/IdentityProvider.cpp
@ -0,0 +1,46 @@
+/*
+ * Copyright (C) 2013 Intel Corporation
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) version 3.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301  USA
+ */
+
+#include <syncevo/IdentityProvider.h>
+#include <syncevo/SyncConfig.h>
+
+SE_BEGIN_CXX
+
+const char USER_IDENTITY_PLAIN_TEXT[] = "user";
+const char USER_IDENTITY_SYNC_CONFIG[] = "id";
+
+Credentials IdentityProviderCredentials(const UserIdentity &identity,
+                                        const InitStateString &password)
+{
+    Credentials cred;
+
+    if (identity.m_provider == USER_IDENTITY_PLAIN_TEXT) {
+        cred.m_username = identity.m_identity;
+        cred.m_password = password;
+    } else {
+        // We could use the gSSO password plugin to request
+        // username/password. But it is uncertain whether that is useful,
+        // therefore that is not implemented at the moment.
+        SE_THROW(StringPrintf("%s: need username+password as credentials", identity.toString().c_str()));
+    }
+
+    return cred;
+}
+
+SE_END_CXX
--- a/src/syncevo/IdentityProvider.h
+++ b/src/syncevo/IdentityProvider.h
@ -19,11 +19,34 @@
 #ifndef INCL_SYNC_EVOLUTION_IDENTITY_PROVIDER
 # define INCL_SYNC_EVOLUTION_IDENTITY_PROVIDER

+#include <syncevo/util.h>
+
+#include <string>
+
 #include <syncevo/declarations.h>
 SE_BEGIN_CXX

-static const char USER_IDENTITY_PLAIN_TEXT[] = "user";
-static const char USER_IDENTITY_SYNC_CONFIG[] = "id";
+extern const char USER_IDENTITY_PLAIN_TEXT[];
+extern const char USER_IDENTITY_SYNC_CONFIG[];
+
+struct UserIdentity; // from SyncConfig.h
+
+struct Credentials
+{
+    std::string m_username;
+    std::string m_password;
+};
+
+/**
+ * Returns username/password for an identity. The password is the
+ * string configured for it inside SyncEvolution. It may be empty and/or unset if
+ * the plain text password comes from the identity provider.
+ *
+ * If the credentials cannot be retrieved, an error is thrown, so don't use this
+ * in cases where a different authentication method might also work.
+ */
+Credentials IdentityProviderCredentials(const UserIdentity &identity,
+                                        const InitStateString &password);

 SE_END_CXX
 #endif
--- a/src/syncevo/SyncContext.cpp
+++ b/src/syncevo/SyncContext.cpp
@ -28,6 +28,7 @@
 #include <syncevo/util.h>
 #include <syncevo/SuspendFlags.h>
 #include <syncevo/ThreadSupport.h>
+#include <syncevo/IdentityProvider.h>

 #include <syncevo/SafeConfigNode.h>
 #include <syncevo/IniConfigNode.h>
@ -2880,9 +2881,9 @@ void SyncContext::getConfigXML(string &xml, string &configname)
    substTag(xml, "maxobjsize", std::max(getMaxObjSize().get(), 1024u));
    if (m_serverMode) {
        UserIdentity id = getSyncUser();
-        // TODO: resolve id
-        const string user = id.m_identity;
-        const string password = getSyncPassword();
+        Credentials cred = IdentityProviderCredentials(id, getSyncPassword());
+        const string &user = cred.m_username;
+        const string &password = cred.m_password;

        /*
         * Do not check username/pwd if this local sync or over
@ -3424,9 +3425,9 @@ bool SyncContext::sendSAN(uint16_t version)
    /* Should be nonce sent by the server in the preceeding sync session */
    string nonce = "SyncEvolution";
    UserIdentity id = getSyncUser();
-    std::string password = getSyncPassword();
-    // TODO: resolve id
-    std::string user = id.m_identity;
+    Credentials cred = IdentityProviderCredentials(id, getSyncPassword());
+    const std::string &user = cred.m_username;
+    const std::string &password = cred.m_password;
    string uauthb64 = san.B64_H(user, password);
    /* Client is expected to conduct the sync in the backgroud */
    sysync::UI_Mode mode = sysync::UI_not_specified;
@ -3708,9 +3709,9 @@ SyncMLStatus SyncContext::doSync()
         
        m_engine.SetStrValue(profile, "serverURI", getUsedSyncURL());
        UserIdentity id = getSyncUser();
-        std::string password = getSyncPassword();
-        // TODO: resolve id
-        std::string user = id.m_identity;
+        Credentials cred = IdentityProviderCredentials(id, getSyncPassword());
+        const std::string &user = cred.m_username;
+        const std::string &password = cred.m_password;
        m_engine.SetStrValue(profile, "serverUser", user);
        m_engine.SetStrValue(profile, "serverPassword", password);
        m_engine.SetInt32Value(profile, "encoding",
--- a/src/syncevo/SynthesisDBPlugin.cpp
+++ b/src/syncevo/SynthesisDBPlugin.cpp
@ -33,6 +33,7 @@ using namespace sysync;

 #include <syncevo/SyncContext.h>
 #include <syncevo/SyncSource.h>
+#include <syncevo/IdentityProvider.h>

 #include <sstream>

@ -314,9 +315,9 @@ TSyError SyncEvolution_Session_Login( CContext sContext, cAppCharP sUsername, ap
    }
    TSyError res = DB_Forbidden;
    UserIdentity id = sc->getSyncUser();
-    // TODO: check for plain authentication
-    std::string user = id.m_identity;
-    string password = sc->getSyncPassword();
+    Credentials cred = IdentityProviderCredentials(id, sc->getSyncPassword());
+    const std::string &user = cred.m_username;
+    const std::string &password = cred.m_password;

    if (user.empty() && password.empty()) {
        // nothing to check, accept peer
--- a/src/syncevo/TransportAgent.cpp
+++ b/src/syncevo/TransportAgent.cpp
@ -19,6 +19,7 @@

 #include <syncevo/TransportAgent.h>
 #include <syncevo/SyncConfig.h>
+#include <syncevo/IdentityProvider.h>

 #include <syncevo/declarations.h>
 SE_BEGIN_CXX
@ -33,10 +34,8 @@ void HTTPTransportAgent::setConfig(SyncConfig &config)
    if (config.getUseProxy()) {
        setProxy(config.getProxyHost());
        UserIdentity identity = config.getProxyUser();
-        // TODO: resolve to plain username
-        std::string username = identity.m_identity;
-        std::string password = config.getProxyPassword();
-        setProxyAuth(username, password);
+        Credentials cred = IdentityProviderCredentials(identity, config.getProxyPassword());
+        setProxyAuth(cred.m_username, cred.m_password);
    }
    setUserAgent(config.getUserAgent());
    setSSL(config.findSSLServerCertificate(),
--- a/src/syncevo/syncevo.am
+++ b/src/syncevo/syncevo.am
@ -22,6 +22,9 @@ src_syncevo_sources = \
  src/syncevo/EDSClient.h \
  src/syncevo/EDSClient.cpp \
  \
+  src/syncevo/IdentityProvider.h \
+  src/syncevo/IdentityProvider.cpp \
+  \
  src/syncevo/ConfigTree.h \
  src/syncevo/ConfigFilter.h \
  src/syncevo/ConfigFilter.cpp \
@ -162,6 +165,7 @@ src_syncevo_libsyncevolution_include_HEADERS = \
  src/syncevo/SafeConfigNode.h \
  src/syncevo/SyncConfig.h \
  src/syncevo/SyncSource.h \
+  src/syncevo/IdentityProvider.h \
  src/syncevo/util.h \
  src/syncevo/BoostHelper.h \
  src/syncevo/SuspendFlags.h \