Put http.Request in validation path

Daniel Ponte 2022-11-12 17:31:03 -05:00
parent 2c997e3866
commit 1aa1296732
5 changed files with 15 additions and 7 deletions


@ -93,7 +93,7 @@ func (a *Authenticator) ProvidersHandler(c echo.Context) error {
return c.JSON(http.StatusOK, providers) return c.JSON(http.StatusOK, providers)
} }
func (a *Authenticator) Check(f *Flow, rm map[string]interface{}) (provider.ProviderUser, error) { func (a *Authenticator) Check(f *Flow, req *http.Request, rm map[string]interface{}) (provider.ProviderUser, error) {
cID, hasCID := rm["client_id"] cID, hasCID := rm["client_id"]
cIDStr, cidIsStr := cID.(string) cIDStr, cidIsStr := cID.(string)
if !hasCID || !cidIsStr || cIDStr == "" || cIDStr != string(f.request.ClientID) { if !hasCID || !cidIsStr || cIDStr == "" || cIDStr != string(f.request.ClientID) {
@ -110,7 +110,7 @@ func (a *Authenticator) Check(f *Flow, rm map[string]interface{}) (provider.Prov
return nil, ErrInvalidAuth return nil, ErrInvalidAuth
} }
user, success := p.ValidateCreds(rm) user, success := p.ValidateCreds(req, rm)
if success { if success {
log.Info().Interface("user", user.ProviderUserData()).Msg("Login success") log.Info().Interface("user", user.ProviderUserData()).Msg("Login success")


@ -142,7 +142,7 @@ func (f *Flow) progress(a *Authenticator, c echo.Context) error {
} }
} }
} }
user, err := a.Check(f, rm) user, err := a.Check(f, c.Request(), rm)
switch err { switch err {
case nil: case nil:
var finishedFlow struct { var finishedFlow struct {
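Review bot: The call `a.Check(f, c.Request(), rm)` hands providers the raw request, so a provider that needs the client address must derive it from `RemoteAddr` or forwarding headers on its own rather than through echo's `c.RealIP()`, which uses the server's `IPExtractor` when one is configured. Behind a reverse proxy, a network-based provider would then either see only the proxy's address or end up trusting a client-supplied `X-Forwarded-For`. Consider resolving the address once at this call site and passing it alongside the request, or documenting that providers must not interpret forwarding headers themselves. `progress` begins and continues outside this hunk, so how `rm` is built is not visible here.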


@ -1,6 +1,8 @@
package hass package hass
import ( import (
"net/http"
"encoding/base64" "encoding/base64"
"github.com/rs/zerolog/log" "github.com/rs/zerolog/log"
@ -64,7 +66,7 @@ func (hap *HomeAssistantProvider) hashPass(p string) ([]byte, error) {
return bcrypt.GenerateFromPassword([]byte(p), bcrypt.DefaultCost) return bcrypt.GenerateFromPassword([]byte(p), bcrypt.DefaultCost)
} }
func (hap *HomeAssistantProvider) ValidateCreds(rm map[string]interface{}) (provider.ProviderUser, bool) { func (hap *HomeAssistantProvider) ValidateCreds(r *http.Request, rm map[string]interface{}) (provider.ProviderUser, bool) {
usernameE, hasU := rm["username"] usernameE, hasU := rm["username"]
passwordE, hasP := rm["password"] passwordE, hasP := rm["password"]
username, unStr := usernameE.(string) username, unStr := usernameE.(string)
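Review bot: In the import block, `"net/http"` appears to have been added as a group of its own above `"encoding/base64"` (the hunk grows by two lines, the second presumably a blank line), which splits the standard-library imports in two. gofmt sorts only within a group and will not merge them, so moving `"net/http"` into the same group after `"encoding/base64"` keeps the block goimports-clean. The new `r` parameter of `ValidateCreds` is unused in the visible lines; if that holds for the rest of the body, which continues outside the hunk, naming it `_` would make the intent explicit.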


@ -1,6 +1,8 @@
package provider package provider
import ( import (
"net/http"
"dynatron.me/x/blasphem/pkg/storage" "dynatron.me/x/blasphem/pkg/storage"
) )
@ -13,7 +15,7 @@ type AuthProvider interface { // TODO: this should include stepping
ProviderBase() AuthProviderBase ProviderBase() AuthProviderBase
FlowSchema() []FlowSchemaItem FlowSchema() []FlowSchemaItem
NewCredData() interface{} NewCredData() interface{}
ValidateCreds(reqMap map[string]interface{}) (user ProviderUser, success bool) ValidateCreds(r *http.Request, reqMap map[string]interface{}) (user ProviderUser, success bool)
} }
func Register(providerName string, f func(storage.Store) (AuthProvider, error)) { func Register(providerName string, f func(storage.Store) (AuthProvider, error)) {
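Review bot: The new `r *http.Request` parameter on `AuthProvider.ValidateCreds` has no stated contract, and this interface is the one place every provider author will read. A doc comment on the method should say what `r` is for and what implementations may do with it, for example `// ValidateCreds checks reqMap against the provider's credentials. r is the inbound login request, supplied for transport metadata such as the peer address; implementations must not read r.Body.` The body restriction is an assumption: `reqMap` looks like the already-decoded request body, which would leave `r.Body` drained, so confirm that against the flow handler before adopting the wording.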


@ -3,6 +3,8 @@ package trustednets
// TODO: This doesn't work at all // TODO: This doesn't work at all
import ( import (
"net/http"
"dynatron.me/x/blasphem/pkg/auth/provider" "dynatron.me/x/blasphem/pkg/auth/provider"
"dynatron.me/x/blasphem/pkg/storage" "dynatron.me/x/blasphem/pkg/storage"
) )
@ -42,8 +44,10 @@ func New(s storage.Store) (provider.AuthProvider, error) {
return hap, nil return hap, nil
} }
// TODO: To implement this, ValidateCreds needs to be changed to accept an http.Request, or the echo context. func (hap *TrustedNetworksProvider) ValidateCreds(r *http.Request, rm map[string]interface{}) (provider.ProviderUser, bool) {
func (hap *TrustedNetworksProvider) ValidateCreds(rm map[string]interface{}) (provider.ProviderUser, bool) { /*
if req.RemoteAddr in allowed then do the thing
*/
return nil, false return nil, false
} }
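Review bot: The placeholder comment in `TrustedNetworksProvider.ValidateCreds` refers to `req.RemoteAddr` while the parameter is named `r`, and it omits the two details that decide whether this provider is safe once implemented. `RemoteAddr` is a `host:port` string, so it needs `net.SplitHostPort` and a parsed-IP containment check against the allowed prefixes rather than a string comparison, and behind a reverse proxy it holds the proxy's address. I would replace the comment with `// TODO: allow only when the peer IP parsed from r.RemoteAddr is inside a configured trusted network; fail closed on any parse error and never fall back to client-supplied headers.` Returning `nil, false` until then is the right default.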