int
rsAuthRequest (rsComm_t *rsComm, authRequestOut_t **authRequestOut)
{
authRequestOut_t *result;
char *bufp;
*authRequestOut = (authRequestOut_t*)malloc(sizeof(authRequestOut_t));
memset((char *)*authRequestOut, 0, sizeof(authRequestOut_t));
memset(buf, 0, sizeof(buf));
get64RandomBytes(buf);
if (obfGetDefaultHashType()==HASH_TYPE_SHA1) {
/* indicate that this server prefers sha1 */
buf[0]='s';
buf[1]='h';
buf[2]='a';
buf[3]='1';
}
else {
/* make sure there's no accidential match with 'sha1';
the odds are almost 0 but this makes it completely 0. */
if (buf[0]=='s') buf[0]++;
}
bufp = (char*)malloc(CHALLENGE_LEN+2);
if (bufp == NULL) return(SYS_MALLOC_ERR);
strncpy(bufp, buf, CHALLENGE_LEN+2);
result = *authRequestOut;
result->challenge = bufp;
return(0);
}
int
rsAuthRequest (rsComm_t *rsComm, authRequestOut_t **authRequestOut)
{
authRequestOut_t *result;
char *bufp;
*authRequestOut = (authRequestOut_t*)malloc(sizeof(authRequestOut_t));
memset((char *)*authRequestOut, 0, sizeof(authRequestOut_t));
memset(buf, 0, sizeof(buf));
get64RandomBytes(buf);
bufp = (char*)malloc(CHALLENGE_LEN+2);
if (bufp == NULL) return(SYS_MALLOC_ERR);
strncpy(bufp, buf, CHALLENGE_LEN+2);
result = *authRequestOut;
result->challenge = bufp;
return(0);
}
void
makeTicket( char *newTicket ) {
int characterSet_len;
int characterSet[26 + 26 + 10];
char buf1[100], buf2[20];
get64RandomBytes( buf1 );
int i, ix, j;
/*
Set up an array of characters that are allowed in the result.
*/
characterSet_len = 26 + 26 + 10;
j = 0;
for ( i = 0; i < 26; i++ ) {
characterSet[j++] = ( int )'A' + i;
}
for ( i = 0; i < 26; i++ ) {
characterSet[j++] = ( int )'a' + i;
}
for ( i = 0; i < 10; i++ ) {
characterSet[j++] = ( int )'0' + i;
}
for ( i = 0, j = 0; j < 15; i++ ) {
ix = ( int )buf1[i];
ix = ix & 0x3f;
if ( ix < characterSet_len - 1 ) {
buf2[j++] = ( char )characterSet[ix];
}
else {
}
}
buf2[j++] = '\0';
strncpy( newTicket, buf2, 20 );
printf( "ticket:%s\n", buf2 );
}
// =-=-=-=-=-=-=-
// handle an agent-side auth request call
irods::error osauth_auth_agent_request(
irods::auth_plugin_context& _ctx ) {
// =-=-=-=-=-=-=-
// validate incoming parameters
if ( !_ctx.valid< irods::osauth_auth_object >().ok() ) {
return ERROR( SYS_INVALID_INPUT_PARAM, "invalid plugin context" );
}
// =-=-=-=-=-=-=-
// generate a random buffer and copy it to the challenge
char buf[ CHALLENGE_LEN + 2 ];
get64RandomBytes( buf );
// =-=-=-=-=-=-=-
// get the auth object
irods::osauth_auth_object_ptr ptr = boost::dynamic_pointer_cast <
irods::osauth_auth_object > ( _ctx.fco() );
// =-=-=-=-=-=-=-
// cache the challenge
ptr->request_result( buf );
// =-=-=-=-=-=-=-
// cache the challenge in the server for later usage
_rsSetAuthRequestGetChallenge( buf );
if ( _ctx.comm()->auth_scheme != NULL ) {
free( _ctx.comm()->auth_scheme );
}
_ctx.comm()->auth_scheme = strdup( irods::AUTH_OSAUTH_SCHEME.c_str() );
// =-=-=-=-=-=-=-
// win!
return SUCCESS();
} // osauth_auth_agent_request
