Commit | Line | Data |
---|---|---|
3a540a69 FG |
1 | package PVE::TokenConfig; |
2 | ||
3 | use strict; | |
4 | use warnings; | |
5 | ||
6 | use UUID; | |
7 | ||
8 | use PVE::AccessControl; | |
9 | use PVE::Cluster; | |
10 | ||
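# Parser callback for 'priv/token.cfg'.
#
# Parameters:
#   $filename - name of the file being parsed (not used by this parser)
#   $raw      - raw file content, one "<tokenid> <value>" entry per line
#
# Returns a hash reference mapping each accepted token ID to its stored
# value. Blank lines are ignored. Any other line that does not match the
# "<tokenid> <value>" shape, or whose token ID fails verification, is
# skipped with a warning. If a token ID appears twice, the last entry wins.
my $parse_token_cfg = sub {
    my ($filename, $raw) = @_;

    my $parsed = {};

    # No content handed in: return an empty config instead of running
    # split() on undef, which would emit an "uninitialized value" warning.
    return $parsed if !defined($raw);

    foreach my $line (split(/\n/, $raw)) {
        next if $line =~ m/^\s*$/;

        if ($line =~ m/^(\S+) (\S+)$/) {
            # Copy the captures into lexicals before calling out, so the
            # values stored below cannot depend on regex state in the callee.
            my ($tokenid, $value) = ($1, $2);

            # The second argument (1) is presumably a "noerr" flag, i.e.
            # return false instead of dying - TODO confirm against
            # PVE::AccessControl.
            if (PVE::AccessControl::pve_verify_tokenid($tokenid, 1)) {
                $parsed->{$tokenid} = $value;
                next;
            }
        }

        # Keep the offending line out of the message: it may hold a token
        # secret, and warnings typically end up in logs.
        warn "skipping invalid token.cfg entry\n";
    }

    return $parsed;
};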
32 | ||
# Writer callback for 'priv/token.cfg'.
#
# Parameters:
#   $filename - name of the file being written (not used by this writer)
#   $data     - hash reference mapping token ID to stored value
#
# Returns the serialized content: one "<tokenid> <value>\n" line per entry,
# ordered by token ID so the output is stable across writes.
#
# Nothing is escaped or validated here. The format only round-trips through
# the parser if neither IDs nor values contain whitespace, so callers must
# only store values that satisfy that.
my $write_token_cfg = sub {
    my ($filename, $data) = @_;

    my @ordered_ids = sort keys %$data;
    my @entries = map { "$_ $data->{$_}\n" } @ordered_ids;

    return join('', @entries);
};
43 | ||
# Register the parser and writer callbacks for 'priv/token.cfg' with
# PVE::Cluster; presumably cfs_read_file()/cfs_write_file() on this path
# are then routed through them - confirm in PVE::Cluster.
# NOTE(review): the file holds token secrets; the 'priv/' prefix suggests a
# restricted location - verify the effective access permissions.
PVE::Cluster::cfs_register_file(
    'priv/token.cfg',
    $parse_token_cfg,
    $write_token_cfg,
);
45 | ||
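# Generate a new secret value for a token and persist it.
#
# Parameters:
#   $tokenid - ID of the token to (re)generate a value for
#
# Returns the newly generated token value. An existing value stored for the
# same token ID is overwritten.
#
# Dies if the locked read-modify-write of 'priv/token.cfg' reports an error.
# pve_verify_tokenid() is called without a second argument and presumably
# dies itself on an invalid ID - TODO confirm.
sub generate_token {
    my ($tokenid) = @_;

    PVE::AccessControl::pve_verify_tokenid($tokenid);

    # Read-modify-write under the file lock so concurrent updates are not
    # lost. The second argument (10) is presumably a timeout - TODO confirm.
    my $token_value = PVE::Cluster::cfs_lock_file('priv/token.cfg', 10, sub {
        # NOTE(review): the token secret is a UUID. How unpredictable it is
        # depends on how the UUID library sources randomness on this host;
        # confirm it is a random-based UUID backed by a CSPRNG rather than a
        # time/MAC-based one.
        my $uuid = UUID::uuid();
        my $token_cfg = PVE::Cluster::cfs_read_file('priv/token.cfg');

        # NOTE(review): the value is stored as generated (not hashed), so
        # read access to priv/token.cfg is equivalent to holding every token.
        $token_cfg->{$tokenid} = $uuid;

        PVE::Cluster::cfs_write_file('priv/token.cfg', $token_cfg);

        return $uuid;
    });

    # Capture $@ right away and treat both undef and the empty string as
    # "no error". A bare defined() check is only correct if the callee
    # resets $@ to undef on success; after a plain successful eval $@ is ''
    # and defined('') is true.
    my $err = $@;
    die "$err\n" if defined($err) && $err ne '';

    return $token_value;
}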
66 | ||
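# Remove a token's stored value from 'priv/token.cfg'.
#
# Parameters:
#   $tokenid - ID of the token to remove
#
# Deleting an ID that is not present is a no-op apart from rewriting the
# file. The ID is not verified here, unlike in generate_token().
#
# Dies if the locked read-modify-write of 'priv/token.cfg' reports an error.
sub delete_token {
    my ($tokenid) = @_;

    # Read-modify-write under the file lock so concurrent updates are not
    # lost. The second argument (10) is presumably a timeout - TODO confirm.
    PVE::Cluster::cfs_lock_file('priv/token.cfg', 10, sub {
        my $token_cfg = PVE::Cluster::cfs_read_file('priv/token.cfg');

        delete $token_cfg->{$tokenid};

        PVE::Cluster::cfs_write_file('priv/token.cfg', $token_cfg);
    });

    # Capture $@ right away and treat both undef and the empty string as
    # "no error". A bare defined() check is only correct if the callee
    # resets $@ to undef on success. A revocation that silently failed
    # would leave the token usable, so real errors must still propagate.
    my $err = $@;
    die "$err\n" if defined($err) && $err ne '';
}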