bartoszek/rublon-ssh
1
0
Fork 0
Code Issues 7 Pull Requests Packages Projects Releases Wiki Activity
25b29e6f32
rublon-ssh/PAM/ssh/include/rublon/method/passcode_based_auth.hpp
rublon-bwi 25b29e6f32
Bwi/logic fixes (#5) 
* Code rafactoring, formating, add proper readout of operating system

* refactor
2023-10-26 10:13:01 +02:00

87 lines
3.4 KiB
C++
Raw Blame History

#pragma once
#include <tl/expected.hpp>
#include <rublon/authentication_step_interface.hpp>
#include <rublon/pam.hpp>
#include <rublon/pam_action.hpp>
namespace rublon::method {
class PasscodeBasedAuth : public AuthenticationStep< PasscodeBasedAuth > {
using base_t = AuthenticationStep< PasscodeBasedAuth >;
const char * uri = "/api/transaction/confirmCode";
const char * userMessage{nullptr};
constexpr static bool isdigit(char ch) {
return std::isdigit(static_cast< unsigned char >(ch));
}
static bool digitsOnly(std::string_view userinput) {
return std::all_of(userinput.cbegin(), userinput.cend(), isdigit);
}
static bool hasProperLength(std::string_view userInput) {
return userInput.size() == 6;
}
template < typename PamInfo_t = LinuxPam >
tl::expected< std::reference_wrapper< Document >, Error > readPasscode(Document & body, const PamInfo_t & pam) const {
auto & alloc = body.GetAllocator();
auto vericode = pam.scan([](const char * userInput) { return std::string{userInput}; }, userMessage);
if(hasProperLength(vericode) and digitsOnly(vericode)) {
body.AddMember("vericode", Value{vericode.c_str(), alloc}, alloc);
return body;
}
return tl::unexpected{Error{WerificationError{WerificationError::WrongCode}}};
}
template < typename PamInfo_t = LinuxPam >
tl::expected< std::reference_wrapper< Document >, Error > askForPasscodeAgain(Document & body, const PamInfo_t & pam) const {
pam.print("passcode has wrong number of digits or illegal characters, please correct");
return readPasscode(body, pam);
}
template < typename PamInfo_t = LinuxPam >
tl::expected< AuthenticationStatus, Error > checkAuthenticationStatus(const Document & coreResponse, const PamInfo_t & pam) const {
RapidJSONPMRStackAlloc< 1024 > alloc;
auto error = JSONPointer{"/result/error", &alloc}.Get(coreResponse);
if(error) {
pam.print("Wrong code");
return tl::unexpected{Error{WerificationError{WerificationError::WrongCode}}};
}
pam.print("Verification code validated");
return AuthenticationStatus{AuthenticationStatus::Action::Confirmed};
}
public:
const char * name;
PasscodeBasedAuth(std::string systemToken, std::string tid, const char * name, const char * userMessage)
: base_t(std::move(systemToken), std::move(tid)), userMessage{userMessage}, name{name} {}
template < typename Hander_t, typename PamInfo_t = LinuxPam >
tl::expected< AuthenticationStatus, Error > handle(const CoreHandlerInterface< Hander_t > & coreHandler, const PamInfo_t & pam) const {
RapidJSONPMRStackAlloc< 2048 > alloc{};
Document body{rapidjson::kObjectType, &alloc};
const auto checkCodeValidity = [&](const auto & coreResponse) { return this->checkAuthenticationStatus(coreResponse, pam); };
const auto requestAuthorization = [&](const auto & body) { return coreHandler.request(alloc, uri, body); };
const auto askForPasscodeAgain = [&](const auto & /*error*/) { return this->askForPasscodeAgain(body, pam); };
this->addSystemToken(body);
this->addTid(body);
return readPasscode(body, pam) //
.or_else(askForPasscodeAgain)
.and_then(requestAuthorization)
.and_then(checkCodeValidity);
}
};
} // namespace rublon::method
Reference in New Issue View Git Blame Copy Permalink