static void
handle_login (CockpitHandlerData *data,
CockpitWebService *service,
const gchar *path,
GHashTable *headers,
CockpitWebResponse *response)
{
GHashTable *out_headers;
GIOStream *io_stream;
CockpitCreds *creds;
JsonObject *creds_json = NULL;
if (service)
{
out_headers = cockpit_web_server_new_table ();
creds = cockpit_web_service_get_creds (service);
creds_json = cockpit_creds_to_json (creds);
send_login_response (response, creds_json, out_headers);
g_hash_table_unref (out_headers);
json_object_unref (creds_json);
return;
}
io_stream = cockpit_web_response_get_stream (response);
cockpit_auth_login_async (data->auth, path,io_stream, headers,
on_login_complete, g_object_ref (response));
}
JsonObject *
cockpit_auth_login_finish (CockpitAuth *self,
GAsyncResult *result,
CockpitAuthFlags flags,
GHashTable *out_headers,
GError **error)
{
CockpitAuthClass *klass = COCKPIT_AUTH_GET_CLASS (self);
CockpitAuthenticated *authenticated;
CockpitTransport *transport = NULL;
JsonObject *prompt_data = NULL;
CockpitCreds *creds;
gchar *cookie_b64 = NULL;
gchar *cookie_name = NULL;
gchar *header;
gchar *id;
g_return_val_if_fail (klass->login_finish != NULL, FALSE);
creds = klass->login_finish (self, result, out_headers,
&prompt_data, &transport, error);
self->startups--;
if (creds == NULL)
return prompt_data;
id = cockpit_auth_nonce (self);
authenticated = g_new0 (CockpitAuthenticated, 1);
authenticated->cookie = g_strdup_printf ("v=2;k=%s", id);
authenticated->creds = creds;
authenticated->service = cockpit_web_service_new (creds, transport);
authenticated->auth = self;
authenticated->idling_sig = g_signal_connect (authenticated->service, "idling",
G_CALLBACK (on_web_service_idling), authenticated);
authenticated->destroy_sig = g_signal_connect (authenticated->service, "destroy",
G_CALLBACK (on_web_service_destroy), authenticated);
if (transport)
g_object_unref (transport);
g_object_weak_ref (G_OBJECT (authenticated->service),
on_web_service_gone, authenticated);
/* Start off in the idling state, and begin a timeout during which caller must do something else */
on_web_service_idling (authenticated->service, authenticated);
g_hash_table_insert (self->authenticated, authenticated->cookie, authenticated);
g_debug ("sending %s credential id '%s' for user '%s'", id,
cockpit_creds_get_application (creds),
cockpit_creds_get_user (creds));
g_free (id);
if (out_headers)
{
gboolean force_secure = !(flags & COCKPIT_AUTH_COOKIE_INSECURE);
cookie_name = application_cookie_name (cockpit_creds_get_application (creds));
cookie_b64 = g_base64_encode ((guint8 *)authenticated->cookie, strlen (authenticated->cookie));
header = g_strdup_printf ("%s=%s; Path=/; %s HttpOnly",
cookie_name, cookie_b64,
force_secure ? " Secure;" : "");
g_free (cookie_b64);
g_free (cookie_name);
g_hash_table_insert (out_headers, g_strdup ("Set-Cookie"), header);
}
g_info ("logged in user: %s", cockpit_creds_get_user (authenticated->creds));
return cockpit_creds_to_json (creds);
}
