]>
Commit | Line | Data |
---|---|---|
3a540a69 FG |
1 | package PVE::TokenConfig; |
2 | ||
3 | use strict; | |
4 | use warnings; | |
5 | ||
6 | use UUID; | |
7 | ||
8 | use PVE::AccessControl; | |
9 | use PVE::Cluster; | |
10 | ||
11 | my $parse_token_cfg = sub { | |
12 | my ($filename, $raw) = @_; | |
13 | ||
14 | my $parsed = {}; | |
856c101e | 15 | return $parsed if !defined($raw); |
3a540a69 | 16 | |
856c101e | 17 | my @lines = split(/\n/, $raw); |
3a540a69 FG |
18 | foreach my $line (@lines) { |
19 | next if $line =~ m/^\s*$/; | |
20 | ||
21 | if ($line =~ m/^(\S+) (\S+)$/) { | |
22 | if (PVE::AccessControl::pve_verify_tokenid($1, 1)) { | |
23 | $parsed->{$1} = $2; | |
24 | next; | |
25 | } | |
26 | } | |
27 | ||
28 | warn "skipping invalid token.cfg entry\n"; | |
29 | } | |
30 | ||
31 | return $parsed; | |
32 | }; | |
33 | ||
34 | my $write_token_cfg = sub { | |
35 | my ($filename, $data) = @_; | |
36 | ||
37 | my $raw = ''; | |
38 | foreach my $tokenid (sort keys %$data) { | |
39 | $raw .= "$tokenid $data->{$tokenid}\n"; | |
40 | } | |
41 | ||
42 | return $raw; | |
43 | }; | |
44 | ||
45 | PVE::Cluster::cfs_register_file('priv/token.cfg', $parse_token_cfg, $write_token_cfg); | |
46 | ||
47 | sub generate_token { | |
48 | my ($tokenid) = @_; | |
49 | ||
50 | PVE::AccessControl::pve_verify_tokenid($tokenid); | |
51 | ||
52 | my $token_value = PVE::Cluster::cfs_lock_file('priv/token.cfg', 10, sub { | |
53 | my $uuid = UUID::uuid(); | |
54 | my $token_cfg = PVE::Cluster::cfs_read_file('priv/token.cfg'); | |
55 | ||
56 | $token_cfg->{$tokenid} = $uuid; | |
57 | ||
58 | PVE::Cluster::cfs_write_file('priv/token.cfg', $token_cfg); | |
59 | ||
60 | return $uuid; | |
61 | }); | |
62 | ||
63 | die "$@\n" if defined($@); | |
64 | ||
65 | return $token_value; | |
66 | } | |
67 | ||
68 | sub delete_token { | |
69 | my ($tokenid) = @_; | |
70 | ||
71 | PVE::Cluster::cfs_lock_file('priv/token.cfg', 10, sub { | |
72 | my $token_cfg = PVE::Cluster::cfs_read_file('priv/token.cfg'); | |
73 | ||
74 | delete $token_cfg->{$tokenid}; | |
75 | ||
76 | PVE::Cluster::cfs_write_file('priv/token.cfg', $token_cfg); | |
77 | }); | |
78 | ||
79 | die "$@\n" if defined($@); | |
80 | } |