@@ -3,7 +3,7 @@ CFLAGS += -fPIC -fno-stack-protector

 LDFLAGS = -lpam

 INTEGRATION_OBJS = sys_syslog.o sys_fstream.o sys_unistd.o sys_pwd.o pam.o dual_control_integrate.o

-OBJS = dual_control.o request.o validator.o conversation.o user.o token.o logger.o

+OBJS = dual_control.o request.o validator.o conversation.o user.o token.o logger.o session.o

 TESTS = dual_control_test validator_test conversation_test request_test user_test token_test \

 		logger_test session_test

 TESTOBJS = $(patsubst %,%.o,$(TESTS))

@@ -82,7 +82,7 @@ private:

     pam_handle *expected_handle_;

     conversation_data conversation_data_;

     int get_response_;

-    pam_conv conv_;

+    mutable pam_conv conv_;

 public:

     fake_pam (pam_handle *expected_handle,

               const conversation_data &conversation_data)

@@ -91,7 +91,7 @@ public:

           get_response_ (PAM_SUCCESS)

     {}

     fake_pam (int get_response) : get_response_ (get_response) {}

-    int get_conv (pam_handle *handle, const pam_conv **out)

+    int get_conv (pam_handle *handle, const pam_conv **out) const

     {

         if (get_response_ != PAM_SUCCESS) {

             return get_response_;

@@ -101,7 +101,7 @@ public:

             throw std::string ("unexpected handle");

         }

-        conv_.appdata_ptr = reinterpret_cast<void *> (&conversation_data_);

+        conv_.appdata_ptr = (void*) (&conversation_data_);

         conv_.conv = fake_conv;

         *out = &conv_;

         return PAM_SUCCESS;

@@ -17,6 +17,7 @@

 #include "dual_control.h"

 #include "conversation.h"

 #include "validator.h"

+#include "session.h"

 #include "logger.h"

 int dual_control_ifc::authenticate (const pam_request &request)

@@ -37,6 +38,7 @@ private:

     conversation conversation_;

     validator validator_;

     logger logger_;

+    session session_;

 public:

     impl (const dual_control_configuration &configuration);

     int authenticate (const pam_request &request);

@@ -57,7 +59,10 @@ int impl::authenticate (const pam_request &request)

 {

     conversation_result input (conversation_.initiate (request));

-    int auth_result = validator_.validate ("", input.user_name,

+    session_.user_name(request);

+

+    auto requester_user_name = session_.user_name(request);

+    int auth_result = validator_.validate ("anyone", input.user_name,

                                            input.token) ? PAM_SUCCESS : PAM_AUTH_ERR;

     logger_.log (auth_result, input.user_name, input.token);

new file mode 100644

@@ -0,0 +1,26 @@

+#include <memory>

+#include <string>

+

+#include "session.h"

+#include "sys_pam.h"

+#include "request.h"

+

+namespace

+{

+class impl : public session_ifc {

+    private:

+        pam pam_;

+    public:

+    impl(const pam &pam) : pam_(pam) {}

+    std::string user_name (const pam_request &request)  const {

+        const char *user_name;

+        pam_.get_user(request.handle(), &user_name);

+        return user_name;

+    }

+};

+

+}

+

+session session::create(const pam &pam) {

+    return session(std::make_shared<impl>(pam));

+}

new file mode 100644

@@ -0,0 +1,29 @@

+#ifndef _SESSION_H_

+#define _SESSION_H_

+

+#include <string>

+

+#include "request.h"

+#include "sys_pam.h"

+

+class session_ifc {

+    public:

+        virtual ~session_ifc () {}

+        virtual std::string user_name (const pam_request &request)  const {

+            return "";

+        }

+};

+

+class session {

+    private:

+        std::shared_ptr<session_ifc> delegate_;

+    public:

+        session(std::shared_ptr<session_ifc> delegate = std::make_shared<session_ifc>()) : delegate_(delegate) {}

+        std::string user_name (const pam_request &request) const {

+            return delegate_->user_name(request);

+        }

+        static session create(const pam &pam);

+};

+

+#endif

+

new file mode 100644

@@ -0,0 +1,43 @@

+#include <string>

+#include <memory>

+

+#include "session.h"

+#include "test_util.h"

+#include "sys_pam.h"

+#include "request.h"

+

+class fake_sys_pam : public pam_ifc {

+    private:

+        std::string user_name_;

+    public:

+    fake_sys_pam(std::string user_name) : user_name_(user_name) {}

+    int get_user (pam_handle *handle, const char **out) const {

+        *out = user_name_.c_str();

+        return PAM_SUCCESS;

+    }

+};

+

+int gets_user_from_pam() {

+    //given

+    std::string user_name("user");

+    pam fake_sys_pam(std::make_shared<fake_sys_pam>(user_name));

+    session session(session::create(fake_sys_pam));

+    pam_request request(0, 0, 0, 0);

+

+    //when

+    std::string actual = session.user_name(request);

+

+    //

+    //then

+    check(actual == user_name, "returned wrong user name");

+    succeed();

+}

+

+int run_tests() {

+    test(gets_user_from_pam);

+    succeed();

+}

+

+int main(int argc, char *argv[]) {

+    return !run_tests();

+}

@@ -21,11 +21,11 @@ namespace

 class impl : public pam_ifc

 {

 public:

-    int get_conv (pam_handle *handle, const pam_conv **out)

+    int get_conv (pam_handle *handle, const pam_conv **out) const

     {

         return ::pam_get_item (handle, PAM_CONV, (const void **)out);

     }

-    int get_user (pam_handle *handle, const char **out)

+    int get_user (pam_handle *handle, const char **out) const

     {

         return ::pam_get_item (handle, PAM_USER, (const void **)out);

     }

@@ -19,10 +19,10 @@ class pam_ifc

 {

 public:

     virtual ~pam_ifc() {}

-    virtual int get_user (pam_handle *handle, const char **out) {

+    virtual int get_user (pam_handle *handle, const char **out) const {

         return PAM_SERVICE_ERR;

     }

-    virtual int get_conv (pam_handle *handle, const pam_conv **out)

+    virtual int get_conv (pam_handle *handle, const pam_conv **out) const

     {

         return PAM_SERVICE_ERR;

     }

@@ -36,10 +36,10 @@ private:

 public:

     pam (const delegate &delegate) : delegate_ (delegate) {}

     pam() : pam (delegate (new pam_ifc)) {}

-    int get_user(pam_handle *handle, const char **out) {

+    int get_user(pam_handle *handle, const char **out) const {

         return delegate_->get_user(handle, out);

     }

-    int get_conv (pam_handle *handle, const pam_conv **out)

+    int get_conv (pam_handle *handle, const pam_conv **out) const

     {

         return delegate_->get_conv (handle, out);

     }

@@ -32,7 +32,6 @@

 #define test(NAME) \

     { \

-      __reset_vars(); \

       int result = NAME (); \

       if (!result) { \

           fprintf(stderr, "test failed: %s\n", #NAME); \