Browse code
format
Greg Wiley authored on 02/05/2017 23:41:36
Showing 10 changed files
Showing 10 changed files
- conversation_test.cc
- dual_control.cc
- dual_control_integrate.cc
- dual_control_test.cc
- session.cc
- session.h
- session_test.cc
- sys_pam.h
- validator.h
- validator_test.cc
... | ... |
@@ -101,7 +101,7 @@ public: |
101 | 101 |
throw std::string ("unexpected handle"); |
102 | 102 |
} |
103 | 103 |
|
104 |
- conv_.appdata_ptr = (void*) (&conversation_data_); |
|
104 |
+ conv_.appdata_ptr = (void *) (&conversation_data_); |
|
105 | 105 |
conv_.conv = fake_conv; |
106 | 106 |
*out = &conv_; |
107 | 107 |
return PAM_SUCCESS; |
... | ... |
@@ -49,7 +49,7 @@ impl::impl (const dual_control_configuration &configuration) : |
49 | 49 |
conversation_ (configuration.conversation), |
50 | 50 |
validator_ (configuration.validator), |
51 | 51 |
logger_ (configuration.logger), |
52 |
- sessions_(configuration.sessions) {} |
|
52 |
+ sessions_ (configuration.sessions) {} |
|
53 | 53 |
|
54 | 54 |
int impl::setcred (const pam_request &request) |
55 | 55 |
{ |
... | ... |
@@ -60,9 +60,9 @@ int impl::authenticate (const pam_request &request) |
60 | 60 |
{ |
61 | 61 |
conversation_result input (conversation_.initiate (request)); |
62 | 62 |
|
63 |
- sessions_.user_name(request); |
|
63 |
+ sessions_.user_name (request); |
|
64 | 64 |
|
65 |
- auto requester_user_name = sessions_.user_name(request); |
|
65 |
+ auto requester_user_name = sessions_.user_name (request); |
|
66 | 66 |
int auth_result = validator_.validate ("anyone", input.user_name, |
67 | 67 |
input.token) ? PAM_SUCCESS : PAM_AUTH_ERR; |
68 | 68 |
|
... | ... |
@@ -47,7 +47,7 @@ dual_control initialize() |
47 | 47 |
conversation conversation (conversation::create (pam)); |
48 | 48 |
sys_syslog sys_syslog (sys_syslog::create()); |
49 | 49 |
logger logger (logger::create (sys_syslog)); |
50 |
- sessions sessions (sessions::create(pam)); |
|
50 |
+ sessions sessions (sessions::create (pam)); |
|
51 | 51 |
configuration.validator = validator; |
52 | 52 |
configuration.logger = logger; |
53 | 53 |
configuration.conversation = conversation; |
... | ... |
@@ -92,7 +92,8 @@ private: |
92 | 92 |
public: |
93 | 93 |
fake_validator (const std::string &user, |
94 | 94 |
const std::string &token): user_ (user), token_ (token) {} |
95 |
- bool validate (const std::string &requester, const std::string &user, const std::string &token) |
|
95 |
+ bool validate (const std::string &requester, const std::string &user, |
|
96 |
+ const std::string &token) |
|
96 | 97 |
{ |
97 | 98 |
return user_ == user && token_ == token; |
98 | 99 |
} |
... | ... |
@@ -1,3 +1,14 @@ |
1 |
+/* Copyright (C) CJ Affiliate |
|
2 |
+ * |
|
3 |
+ * You may use, distribute and modify this code under the |
|
4 |
+ * terms of the GNU General Public License version 2 or |
|
5 |
+ * later. |
|
6 |
+ * |
|
7 |
+ * You should have received a copy of the license with this |
|
8 |
+ * file. If not, you will find a copy in the "LICENSE" file |
|
9 |
+ * at https://github.com/cjdev/dual-control. |
|
10 |
+ */ |
|
11 |
+ |
|
1 | 12 |
#include <memory> |
2 | 13 |
#include <string> |
3 | 14 |
|
... | ... |
@@ -7,20 +18,24 @@ |
7 | 18 |
|
8 | 19 |
namespace |
9 | 20 |
{ |
10 |
-class impl : public sessions_ifc { |
|
11 |
- private: |
|
12 |
- pam pam_; |
|
13 |
- public: |
|
14 |
- impl(const pam &pam) : pam_(pam) {} |
|
15 |
- std::string user_name (const pam_request &request) const { |
|
21 |
+class impl : public sessions_ifc |
|
22 |
+{ |
|
23 |
+private: |
|
24 |
+ pam pam_; |
|
25 |
+public: |
|
26 |
+ impl (const pam &pam) : pam_ (pam) {} |
|
27 |
+ std::string user_name (const pam_request &request) const |
|
28 |
+ { |
|
16 | 29 |
const char *user_name; |
17 |
- pam_.get_user(request.handle(), &user_name); |
|
30 |
+ pam_.get_user (request.handle(), &user_name); |
|
18 | 31 |
return user_name; |
19 | 32 |
} |
20 | 33 |
}; |
21 | 34 |
|
22 | 35 |
} |
23 | 36 |
|
24 |
-sessions sessions::create(const pam &pam) { |
|
25 |
- return sessions(std::make_shared<impl>(pam)); |
|
37 |
+sessions sessions::create (const pam &pam) |
|
38 |
+{ |
|
39 |
+ return sessions (std::make_shared<impl> (pam)); |
|
26 | 40 |
} |
41 |
+ |
... | ... |
@@ -1,3 +1,14 @@ |
1 |
+/* Copyright (C) CJ Affiliate |
|
2 |
+ * |
|
3 |
+ * You may use, distribute and modify this code under the |
|
4 |
+ * terms of the GNU General Public License version 2 or |
|
5 |
+ * later. |
|
6 |
+ * |
|
7 |
+ * You should have received a copy of the license with this |
|
8 |
+ * file. If not, you will find a copy in the "LICENSE" file |
|
9 |
+ * at https://github.com/cjdev/dual-control. |
|
10 |
+ */ |
|
11 |
+ |
|
1 | 12 |
#ifndef _SESSION_H_ |
2 | 13 |
#define _SESSION_H_ |
3 | 14 |
|
... | ... |
@@ -6,23 +17,28 @@ |
6 | 17 |
#include "request.h" |
7 | 18 |
#include "sys_pam.h" |
8 | 19 |
|
9 |
-class sessions_ifc { |
|
10 |
- public: |
|
11 |
- virtual ~sessions_ifc () {} |
|
12 |
- virtual std::string user_name (const pam_request &request) const { |
|
13 |
- return ""; |
|
14 |
- } |
|
20 |
+class sessions_ifc |
|
21 |
+{ |
|
22 |
+public: |
|
23 |
+ virtual ~sessions_ifc () {} |
|
24 |
+ virtual std::string user_name (const pam_request &request) const |
|
25 |
+ { |
|
26 |
+ return ""; |
|
27 |
+ } |
|
15 | 28 |
}; |
16 | 29 |
|
17 |
-class sessions { |
|
18 |
- private: |
|
19 |
- std::shared_ptr<sessions_ifc> delegate_; |
|
20 |
- public: |
|
21 |
- sessions(std::shared_ptr<sessions_ifc> delegate = std::make_shared<sessions_ifc>()) : delegate_(delegate) {} |
|
22 |
- std::string user_name (const pam_request &request) const { |
|
23 |
- return delegate_->user_name(request); |
|
24 |
- } |
|
25 |
- static sessions create(const pam &pam); |
|
30 |
+class sessions |
|
31 |
+{ |
|
32 |
+private: |
|
33 |
+ std::shared_ptr<sessions_ifc> delegate_; |
|
34 |
+public: |
|
35 |
+ sessions (std::shared_ptr<sessions_ifc> delegate = |
|
36 |
+ std::make_shared<sessions_ifc>()) : delegate_ (delegate) {} |
|
37 |
+ std::string user_name (const pam_request &request) const |
|
38 |
+ { |
|
39 |
+ return delegate_->user_name (request); |
|
40 |
+ } |
|
41 |
+ static sessions create (const pam &pam); |
|
26 | 42 |
}; |
27 | 43 |
|
28 | 44 |
#endif |
... | ... |
@@ -1,3 +1,14 @@ |
1 |
+/* Copyright (C) CJ Affiliate |
|
2 |
+ * |
|
3 |
+ * You may use, distribute and modify this code under the |
|
4 |
+ * terms of the GNU General Public License version 2 or |
|
5 |
+ * later. |
|
6 |
+ * |
|
7 |
+ * You should have received a copy of the license with this |
|
8 |
+ * file. If not, you will find a copy in the "LICENSE" file |
|
9 |
+ * at https://github.com/cjdev/dual-control. |
|
10 |
+ */ |
|
11 |
+ |
|
1 | 12 |
#include <string> |
2 | 13 |
#include <memory> |
3 | 14 |
|
... | ... |
@@ -6,38 +17,44 @@ |
6 | 17 |
#include "sys_pam.h" |
7 | 18 |
#include "request.h" |
8 | 19 |
|
9 |
-class fake_sys_pam : public pam_ifc { |
|
10 |
- private: |
|
11 |
- std::string user_name_; |
|
12 |
- public: |
|
13 |
- fake_sys_pam(std::string user_name) : user_name_(user_name) {} |
|
14 |
- int get_user (pam_handle *handle, const char **out) const { |
|
20 |
+class fake_sys_pam : public pam_ifc |
|
21 |
+{ |
|
22 |
+private: |
|
23 |
+ std::string user_name_; |
|
24 |
+public: |
|
25 |
+ fake_sys_pam (std::string user_name) : user_name_ (user_name) {} |
|
26 |
+ int get_user (pam_handle *handle, const char **out) const |
|
27 |
+ { |
|
15 | 28 |
*out = user_name_.c_str(); |
16 | 29 |
return PAM_SUCCESS; |
17 | 30 |
} |
18 | 31 |
}; |
19 | 32 |
|
20 |
-int gets_user_from_pam() { |
|
33 |
+int gets_user_from_pam() |
|
34 |
+{ |
|
21 | 35 |
//given |
22 |
- std::string user_name("user"); |
|
23 |
- pam fake_sys_pam(std::make_shared<fake_sys_pam>(user_name)); |
|
24 |
- sessions sessions(sessions::create(fake_sys_pam)); |
|
25 |
- pam_request request(0, 0, 0, 0); |
|
36 |
+ std::string user_name ("user"); |
|
37 |
+ pam fake_sys_pam (std::make_shared<fake_sys_pam> (user_name)); |
|
38 |
+ sessions sessions (sessions::create (fake_sys_pam)); |
|
39 |
+ pam_request request (0, 0, 0, 0); |
|
26 | 40 |
|
27 | 41 |
//when |
28 |
- std::string actual = sessions.user_name(request); |
|
42 |
+ std::string actual = sessions.user_name (request); |
|
29 | 43 |
|
30 | 44 |
// |
31 | 45 |
//then |
32 |
- check(actual == user_name, "returned wrong user name"); |
|
46 |
+ check (actual == user_name, "returned wrong user name"); |
|
33 | 47 |
succeed(); |
34 | 48 |
} |
35 | 49 |
|
36 |
-int run_tests() { |
|
37 |
- test(gets_user_from_pam); |
|
50 |
+int run_tests() |
|
51 |
+{ |
|
52 |
+ test (gets_user_from_pam); |
|
38 | 53 |
succeed(); |
39 | 54 |
} |
40 | 55 |
|
41 |
-int main(int argc, char *argv[]) { |
|
56 |
+int main (int argc, char *argv[]) |
|
57 |
+{ |
|
42 | 58 |
return !run_tests(); |
43 | 59 |
} |
60 |
+ |
... | ... |
@@ -19,7 +19,8 @@ class pam_ifc |
19 | 19 |
{ |
20 | 20 |
public: |
21 | 21 |
virtual ~pam_ifc() {} |
22 |
- virtual int get_user (pam_handle *handle, const char **out) const { |
|
22 |
+ virtual int get_user (pam_handle *handle, const char **out) const |
|
23 |
+ { |
|
23 | 24 |
return PAM_SERVICE_ERR; |
24 | 25 |
} |
25 | 26 |
virtual int get_conv (pam_handle *handle, const pam_conv **out) const |
... | ... |
@@ -36,8 +37,9 @@ private: |
36 | 37 |
public: |
37 | 38 |
pam (const delegate &delegate) : delegate_ (delegate) {} |
38 | 39 |
pam() : pam (delegate (new pam_ifc)) {} |
39 |
- int get_user(pam_handle *handle, const char **out) const { |
|
40 |
- return delegate_->get_user(handle, out); |
|
40 |
+ int get_user (pam_handle *handle, const char **out) const |
|
41 |
+ { |
|
42 |
+ return delegate_->get_user (handle, out); |
|
41 | 43 |
} |
42 | 44 |
int get_conv (pam_handle *handle, const pam_conv **out) const |
43 | 45 |
{ |
... | ... |
@@ -39,9 +39,12 @@ public: |
39 | 39 |
(delegate) {} |
40 | 40 |
validator() : validator (std::shared_ptr<validator_ifc> |
41 | 41 |
(new validator_ifc)) {} |
42 |
- bool validate (const std::string &requester_user_name, const std::string &authorizer_user_name, const std::string &authorizer_token) |
|
42 |
+ bool validate (const std::string &requester_user_name, |
|
43 |
+ const std::string &authorizer_user_name, |
|
44 |
+ const std::string &authorizer_token) |
|
43 | 45 |
{ |
44 |
- return delegate_->validate (requester_user_name, authorizer_user_name, authorizer_token); |
|
46 |
+ return delegate_->validate (requester_user_name, authorizer_user_name, |
|
47 |
+ authorizer_token); |
|
45 | 48 |
} |
46 | 49 |
static validator create (const directory &directory, |
47 | 50 |
const user_token_supplier &token_supplier); |
... | ... |
@@ -113,40 +113,44 @@ bool validator_fails_incorrect_token() |
113 | 113 |
succeed(); |
114 | 114 |
} |
115 | 115 |
|
116 |
-bool validator_fails_with_own_token() { |
|
116 |
+bool validator_fails_with_own_token() |
|
117 |
+{ |
|
117 | 118 |
// given |
118 |
- std::string requester_user_name("requester"); |
|
119 |
- std::string authorizer_user_name(requester_user_name); |
|
120 |
- std::string authorizer_token("token"); |
|
119 |
+ std::string requester_user_name ("requester"); |
|
120 |
+ std::string authorizer_user_name (requester_user_name); |
|
121 |
+ std::string authorizer_token ("token"); |
|
121 | 122 |
directory directory (share (new fake_directory (authorizer_user_name))); |
122 | 123 |
user_token_supplier user_token_supplier (share (new |
123 |
- fake_user_token_supplier(authorizer_token))); |
|
124 |
+ fake_user_token_supplier (authorizer_token))); |
|
124 | 125 |
validator validator = validator::create (directory, user_token_supplier); |
125 | 126 |
|
126 | 127 |
// when |
127 |
- bool actual = validator.validate (requester_user_name, authorizer_user_name, authorizer_token); |
|
128 |
+ bool actual = validator.validate (requester_user_name, authorizer_user_name, |
|
129 |
+ authorizer_token); |
|
128 | 130 |
|
129 | 131 |
// then |
130 |
- check(!actual, "should not be valid"); |
|
132 |
+ check (!actual, "should not be valid"); |
|
131 | 133 |
succeed(); |
132 | 134 |
|
133 | 135 |
} |
134 | 136 |
|
135 |
-bool validator_fails_with_unknown_requester() { |
|
137 |
+bool validator_fails_with_unknown_requester() |
|
138 |
+{ |
|
136 | 139 |
// given |
137 |
- std::string requester_user_name(""); |
|
138 |
- std::string authorizer_user_name("authorizer"); |
|
139 |
- std::string authorizer_token("token"); |
|
140 |
+ std::string requester_user_name (""); |
|
141 |
+ std::string authorizer_user_name ("authorizer"); |
|
142 |
+ std::string authorizer_token ("token"); |
|
140 | 143 |
directory directory (share (new fake_directory (authorizer_user_name))); |
141 | 144 |
user_token_supplier user_token_supplier (share (new |
142 |
- fake_user_token_supplier(authorizer_token))); |
|
145 |
+ fake_user_token_supplier (authorizer_token))); |
|
143 | 146 |
validator validator = validator::create (directory, user_token_supplier); |
144 | 147 |
|
145 | 148 |
// when |
146 |
- bool actual = validator.validate (requester_user_name, authorizer_user_name, authorizer_token); |
|
149 |
+ bool actual = validator.validate (requester_user_name, authorizer_user_name, |
|
150 |
+ authorizer_token); |
|
147 | 151 |
|
148 | 152 |
// then |
149 |
- check(!actual, "should not be valid"); |
|
153 |
+ check (!actual, "should not be valid"); |
|
150 | 154 |
succeed(); |
151 | 155 |
|
152 | 156 |
} |