7684972a |
/* Copyright (C) CJ Affiliate
*
* You may use, distribute and modify this code under the
* terms of the GNU General Public License version 2 or
* later.
*
* You should have received a copy of the license with this
* file. If not, you will find a copy in the "LICENSE" file
* at https://github.com/cjdev/dual-control.
*/
|
a71244c0 |
#include <string>
#include <vector>
#include <security/pam_modules.h>
#include "request.h"
|
a85aeaf0 |
#include "dual_control.h"
|
caf7db60 |
#include "conversation.h"
#include "validator.h"
|
bb80149c |
#include "session.h"
|
a9690b1d |
#include "logger.h"
|
34ba20e5 |
|
a71244c0 |
int dual_control_ifc::authenticate (const pam_request &request)
{
return PAM_SERVICE_ERR;
}
int dual_control_ifc::setcred ( const pam_request &request)
{
return PAM_SERVICE_ERR;
}
|
a35decfc |
namespace
{
|
cdf7fd74 |
class impl : public dual_control_ifc
{
private:
|
f46fb7b6 |
conversation conversation_;
|
cdf7fd74 |
validator validator_;
logger logger_;
|
328af6e0 |
sessions sessions_;
|
cdf7fd74 |
public:
|
b017a4d2 |
impl (const dual_control_configuration &configuration);
|
a71244c0 |
int authenticate (const pam_request &request);
int setcred (const pam_request &request);
|
4a1812fd |
};
|
7699d7ec |
|
b017a4d2 |
impl::impl (const dual_control_configuration &configuration) :
|
f46fb7b6 |
conversation_ (configuration.conversation),
|
b017a4d2 |
validator_ (configuration.validator),
|
f30736f9 |
logger_ (configuration.logger),
|
af675d2b |
sessions_ (configuration.sessions) {}
|
caf7db60 |
|
a71244c0 |
int impl::setcred (const pam_request &request)
|
cdf7fd74 |
{
|
4a1812fd |
return PAM_SUCCESS;
|
9404cc1a |
}
|
df73f11d |
|
a71244c0 |
int impl::authenticate (const pam_request &request)
|
cdf7fd74 |
{
|
f46fb7b6 |
conversation_result input (conversation_.initiate (request));
|
caf7db60 |
|
af675d2b |
auto requester_user_name = sessions_.user_name (request);
|
d37d6209 |
int auth_result = validator_.validate (requester_user_name, input.user_name,
|
044b2625 |
input.token, input.reason) ? PAM_SUCCESS : PAM_AUTH_ERR;
|
caf7db60 |
|
706636a4 |
logger_.log (auth_result, requester_user_name, input.user_name,
|
3fc168fa |
input.token, input.reason);
|
47f9faed |
return auth_result;
|
df73f11d |
}
|
58902985 |
}
dual_control dual_control::create (const dual_control_configuration
|
a35decfc |
&configuration)
|
cdf7fd74 |
{
|
a71244c0 |
return dual_control (std::shared_ptr<dual_control_ifc> (new impl (
configuration)));
|
4a1812fd |
}
|
0d8b9a17 |
|