]>
Commit | Line | Data |
---|---|---|
dd9cef56 | 1 | //! Authentication via a static ticket file |
dd9cef56 SR |
2 | use std::fs::File; |
3 | use std::io::prelude::*; | |
4 | ||
4c1b7761 WB |
5 | use anyhow::{bail, format_err, Error}; |
6 | ||
fd6d2438 | 7 | use proxmox_rest_server::{ApiAuth, AuthError}; |
dd9cef56 SR |
8 | |
9 | const TICKET_FILE: &str = "/ticket"; | |
10 | ||
11 | pub struct StaticAuth { | |
12 | ticket: String, | |
13 | } | |
14 | ||
15 | impl ApiAuth for StaticAuth { | |
16 | fn check_auth( | |
17 | &self, | |
18 | headers: &http::HeaderMap, | |
19 | _method: &hyper::Method, | |
fd6d2438 | 20 | ) -> Result<String, AuthError> { |
dd9cef56 SR |
21 | match headers.get(hyper::header::AUTHORIZATION) { |
22 | Some(header) if header.to_str().unwrap_or("") == &self.ticket => { | |
fd6d2438 | 23 | Ok(String::from("root@pam")) |
dd9cef56 SR |
24 | } |
25 | _ => { | |
26 | return Err(AuthError::Generic(format_err!( | |
27 | "invalid file restore ticket provided" | |
28 | ))); | |
29 | } | |
30 | } | |
31 | } | |
32 | } | |
33 | ||
34 | pub fn ticket_auth() -> Result<StaticAuth, Error> { | |
35 | let mut ticket_file = File::open(TICKET_FILE)?; | |
36 | let mut ticket = String::new(); | |
37 | let len = ticket_file.read_to_string(&mut ticket)?; | |
38 | if len <= 0 { | |
39 | bail!("invalid ticket: cannot be empty"); | |
40 | } | |
41 | Ok(StaticAuth { ticket }) | |
42 | } |