/** Handle authorization requests using Couchbase document data
*
* Attempt to fetch the document assocaited with the requested user by
* using the deterministic key defined in the configuration. When a valid
* document is found it will be parsed and the containing value pairs will be
* injected into the request.
*
* @param instance The module instance.
* @param request The authorization request.
* @return Returns operation status (@p rlm_rcode_t).
*/
static rlm_rcode_t mod_authorize(void *instance, REQUEST *request)
{
rlm_couchbase_t *inst = instance; /* our module instance */
rlm_couchbase_handle_t *handle = NULL; /* connection pool handle */
char dockey[MAX_KEY_SIZE]; /* our document key */
lcb_error_t cb_error = LCB_SUCCESS; /* couchbase error holder */
rlm_rcode_t rcode = RLM_MODULE_OK; /* return code */
/* assert packet as not null */
rad_assert(request->packet != NULL);
/* attempt to build document key */
if (radius_xlat(dockey, sizeof(dockey), request, inst->user_key, NULL, NULL) < 0) {
/* log error */
RERROR("could not find user key attribute (%s) in packet", inst->user_key);
/* return */
return RLM_MODULE_FAIL;
}
/* get handle */
handle = fr_connection_get(inst->pool);
/* check handle */
if (!handle) return RLM_MODULE_FAIL;
/* set couchbase instance */
lcb_t cb_inst = handle->handle;
/* set cookie */
cookie_t *cookie = handle->cookie;
/* fetch document */
cb_error = couchbase_get_key(cb_inst, cookie, dockey);
/* check error */
if (cb_error != LCB_SUCCESS || !cookie->jobj) {
/* log error */
RERROR("failed to fetch document or parse return");
/* set return */
rcode = RLM_MODULE_FAIL;
/* return */
goto free_and_return;
}
/* debugging */
RDEBUG3("parsed user document == %s", json_object_to_json_string(cookie->jobj));
/* inject config value pairs defined in this json oblect */
mod_json_object_to_value_pairs(cookie->jobj, "config", request);
/* inject reply value pairs defined in this json oblect */
mod_json_object_to_value_pairs(cookie->jobj, "reply", request);
free_and_return:
/* free json object */
if (cookie->jobj) {
json_object_put(cookie->jobj);
cookie->jobj = NULL;
}
/* release handle */
if (handle) {
fr_connection_release(inst->pool, handle);
}
/* return */
return rcode;
}
/** Handle authorization requests using Couchbase document data
*
* Attempt to fetch the document assocaited with the requested user by
* using the deterministic key defined in the configuration. When a valid
* document is found it will be parsed and the containing value pairs will be
* injected into the request.
*
* @param instance The module instance.
* @param request The authorization request.
* @return Returns operation status (@p rlm_rcode_t).
*/
static rlm_rcode_t CC_HINT(nonnull) mod_authorize(void *instance, REQUEST *request) {
rlm_couchbase_t *inst = instance; /* our module instance */
void *handle = NULL; /* connection pool handle */
char dockey[MAX_KEY_SIZE]; /* our document key */
lcb_error_t cb_error = LCB_SUCCESS; /* couchbase error holder */
/* assert packet as not null */
rad_assert(request->packet != NULL);
/* attempt to build document key */
if (radius_xlat(dockey, sizeof(dockey), request, inst->user_key, NULL, NULL) < 0) {
/* log error */
RERROR("could not find user key attribute (%s) in packet", inst->user_key);
/* return */
return RLM_MODULE_FAIL;
}
/* get handle */
handle = fr_connection_get(inst->pool);
/* check handle */
if (!handle) return RLM_MODULE_FAIL;
/* set handle pointer */
rlm_couchbase_handle_t *handle_t = handle;
/* set couchbase instance */
lcb_t cb_inst = handle_t->handle;
/* set cookie */
cookie_t *cookie = handle_t->cookie;
/* check cookie */
if (cookie) {
/* clear cookie */
memset(cookie, 0, sizeof(cookie_t));
} else {
/* log error */
RERROR("cookie not usable - possibly not allocated");
/* free connection */
if (handle) {
fr_connection_release(inst->pool, handle);
}
/* return */
return RLM_MODULE_FAIL;
}
/* reset cookie error status */
cookie->jerr = json_tokener_success;
/* fetch document */
cb_error = couchbase_get_key(cb_inst, cookie, dockey);
/* check error */
if (cb_error != LCB_SUCCESS || cookie->jerr != json_tokener_success || cookie->jobj == NULL) {
/* log error */
RERROR("failed to fetch document or parse return");
/* free json object */
if (cookie->jobj) {
json_object_put(cookie->jobj);
}
/* release handle */
if (handle) {
fr_connection_release(inst->pool, handle);
}
/* return */
return RLM_MODULE_FAIL;
}
/* debugging */
RDEBUG("parsed user document == %s", json_object_to_json_string(cookie->jobj));
/* inject config value pairs defined in this json oblect */
mod_json_object_to_value_pairs(cookie->jobj, "config", request);
/* inject reply value pairs defined in this json oblect */
mod_json_object_to_value_pairs(cookie->jobj, "reply", request);
/* free json object */
if (cookie->jobj) {
json_object_put(cookie->jobj);
}
/* release handle */
if (handle) {
fr_connection_release(inst->pool, handle);
}
/* return okay */
return RLM_MODULE_OK;
}
/** Handle authorization requests using Couchbase document data
*
* Attempt to fetch the document assocaited with the requested user by
* using the deterministic key defined in the configuration. When a valid
* document is found it will be parsed and the containing value pairs will be
* injected into the request.
*
* @param instance The module instance.
* @param request The authorization request.
* @return Operation status (#rlm_rcode_t).
*/
static rlm_rcode_t mod_authorize(void *instance, REQUEST *request)
{
rlm_couchbase_t *inst = instance; /* our module instance */
rlm_couchbase_handle_t *handle = NULL; /* connection pool handle */
char buffer[MAX_KEY_SIZE];
char const *dockey; /* our document key */
lcb_error_t cb_error = LCB_SUCCESS; /* couchbase error holder */
rlm_rcode_t rcode = RLM_MODULE_OK; /* return code */
ssize_t slen;
/* assert packet as not null */
rad_assert(request->packet != NULL);
/* attempt to build document key */
slen = tmpl_expand(&dockey, buffer, sizeof(buffer), request, inst->user_key, NULL, NULL);
if (slen < 0) return RLM_MODULE_FAIL;
if ((dockey == buffer) && is_truncated((size_t)slen, sizeof(buffer))) {
REDEBUG("Key too long, expected < " STRINGIFY(sizeof(buffer)) " bytes, got %zi bytes", slen);
return RLM_MODULE_FAIL;
}
/* get handle */
handle = fr_connection_get(inst->pool);
/* check handle */
if (!handle) return RLM_MODULE_FAIL;
/* set couchbase instance */
lcb_t cb_inst = handle->handle;
/* set cookie */
cookie_t *cookie = handle->cookie;
/* fetch document */
cb_error = couchbase_get_key(cb_inst, cookie, dockey);
/* check error */
if (cb_error != LCB_SUCCESS || !cookie->jobj) {
/* log error */
RERROR("failed to fetch document or parse return");
/* set return */
rcode = RLM_MODULE_FAIL;
/* return */
goto finish;
}
/* debugging */
RDEBUG3("parsed user document == %s", json_object_to_json_string(cookie->jobj));
/* inject config value pairs defined in this json oblect */
mod_json_object_to_value_pairs(cookie->jobj, "config", request);
/* inject reply value pairs defined in this json oblect */
mod_json_object_to_value_pairs(cookie->jobj, "reply", request);
finish:
/* free json object */
if (cookie->jobj) {
json_object_put(cookie->jobj);
cookie->jobj = NULL;
}
/* release handle */
if (handle) {
fr_connection_release(inst->pool, handle);
}
/* return */
return rcode;
}
