granicus.if.org Git - icinga2/blob - lib/remote/apiuser.cpp

   1 /******************************************************************************
   2  * Icinga 2                                                                   *
   3  * Copyright (C) 2012-2017 Icinga Development Team (https://www.icinga.com/)  *
   4  *                                                                            *
   5  * This program is free software; you can redistribute it and/or              *
   6  * modify it under the terms of the GNU General Public License                *
   7  * as published by the Free Software Foundation; either version 2             *
   8  * of the License, or (at your option) any later version.                     *
   9  *                                                                            *
  10  * This program is distributed in the hope that it will be useful,            *
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of             *
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the              *
  13  * GNU General Public License for more details.                               *
  14  *                                                                            *
  15  * You should have received a copy of the GNU General Public License          *
  16  * along with this program; if not, write to the Free Software Foundation     *
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.             *
  18  ******************************************************************************/
  19
  20 #include "remote/apiuser.hpp"
  21 #include "remote/apiuser.tcpp"
  22 #include "base/configtype.hpp"
  23 #include "base/base64.hpp"
  24
  25 using namespace icinga;
  26
  27 REGISTER_TYPE(ApiUser);
  28
  29 ApiUser::Ptr ApiUser::GetByClientCN(const String& cn)
  30 {
  31         for (const ApiUser::Ptr& user : ConfigType::GetObjectsByType<ApiUser>()) {
  32                 if (user->GetClientCN() == cn)
  33                         return user;
  34         }
  35
  36         return ApiUser::Ptr();
  37 }
  38
  39 ApiUser::Ptr ApiUser::GetByAuthHeader(const String& auth_header)
  40 {
  41         String::SizeType pos = auth_header.FindFirstOf(" ");
  42         String username, password;
  43
  44         if (pos != String::NPos && auth_header.SubStr(0, pos) == "Basic") {
  45                 String credentials_base64 = auth_header.SubStr(pos + 1);
  46                 String credentials = Base64::Decode(credentials_base64);
  47
  48                 String::SizeType cpos = credentials.FindFirstOf(":");
  49
  50                 if (cpos != String::NPos) {
  51                         username = credentials.SubStr(0, cpos);
  52                         password = credentials.SubStr(cpos + 1);
  53                 }
  54         }
  55
  56         const ApiUser::Ptr& user = ApiUser::GetByName(username);
  57
  58         /* Deny authentication if 1) given password is empty 2) configured password does not match. */
  59         if (password.IsEmpty())
  60                 return nullptr;
  61         else if (user && user->GetPassword() != password)
  62                 return nullptr;
  63
  64         return user;
  65 }