scottk/wlan-cloud-ucentralsec
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/wlan-cloud-ucentralsec.git synced 2025-11-01 11:17:51 +00:00
Code Issues Packages Projects Releases 10 Wiki Activity

Fixes for subscriber service.

Browse Source
This commit is contained in:
stephb9959
2021-12-14 14:23:24 -08:00
parent be46b46340
commit 524f79e825
7 changed files with 65 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
build
View File

@@ -1 +1 @@
116
117

72
src/AuthService.cpp
View File

@@ -78,14 +78,15 @@ namespace OpenWifi {
if(!CallToken.empty()) {
auto Client = UserCache_.get(CallToken);
if( Client.isNull() ) {
SecurityObjects::UserInfoAndPolicy UInfo2;
SecurityObjects::WebToken WT;
uint64_t RevocationDate=0;
if(StorageService()->GetToken(CallToken,UInfo2,RevocationDate)) {
std::string UserId;
if(StorageService()->GetToken(CallToken, WT, UserId, RevocationDate)) {
if(RevocationDate!=0)
return false;
Expired = (UInfo2.webtoken.created_ + UInfo2.webtoken.expires_in_) < time(nullptr);
if(StorageService()->GetUserById(UInfo2.userinfo.Id,UInfo.userinfo)) {
UInfo.webtoken = UInfo2.webtoken;
Expired = (WT.created_ + WT.expires_in_) < time(nullptr);
if(StorageService()->GetUserById(UserId,UInfo.userinfo)) {
UInfo.webtoken = WT;
UserCache_.update(CallToken, UInfo);
SessionToken = CallToken;
return true;
@@ -121,14 +122,15 @@ namespace OpenWifi {
if(!CallToken.empty()) {
auto Client = SubUserCache_.get(CallToken);
if( Client.isNull() ) {
SecurityObjects::UserInfoAndPolicy UInfo2;
SecurityObjects::WebToken WT;
uint64_t RevocationDate=0;
if(StorageService()->GetSubToken(CallToken,UInfo2,RevocationDate)) {
std::string UserId;
if(StorageService()->GetSubToken(CallToken,WT, UserId, RevocationDate)) {
if(RevocationDate!=0)
return false;
Expired = (UInfo2.webtoken.created_ + UInfo2.webtoken.expires_in_) < time(nullptr);
if(StorageService()->GetSubUserById(UInfo2.userinfo.Id,UInfo.userinfo)) {
UInfo.webtoken = UInfo2.webtoken;
Expired = (WT.created_ + WT.expires_in_) < time(nullptr);
if(StorageService()->GetSubUserById(UserId,UInfo.userinfo)) {
UInfo.webtoken = WT;
SubUserCache_.update(CallToken, UInfo);
SessionToken = CallToken;
return true;
@@ -156,7 +158,7 @@ namespace OpenWifi {
}
void AuthService::RevokeSubToken(std::string & Token) {
UserCache_.remove(Token);
SubUserCache_.remove(Token);
StorageService()->RevokeSubToken(Token);
}
@@ -631,57 +633,53 @@ namespace OpenWifi {
return true;
}
std::string TToken{Token};
if(StorageService()->IsTokenRevoked(TToken)) {
return false;
}
// get the token from disk...
std::string TToken{Token}, UserId;
SecurityObjects::UserInfoAndPolicy UInfo;
SecurityObjects::WebToken WT;
uint64_t RevocationDate=0;
if(StorageService()->GetToken(TToken, UInfo, RevocationDate)) {
if(StorageService()->GetToken(TToken, WT, UserId, RevocationDate)) {
if(RevocationDate!=0)
return false;
Expired = (UInfo.webtoken.created_ + UInfo.webtoken.expires_in_) < std::time(nullptr);
if(StorageService()->GetUserById(UInfo.userinfo.Id,UInfo.userinfo)) {
WebToken = UInfo.webtoken;
Expired = (WT.created_ + WT.expires_in_) < std::time(nullptr);
if(StorageService()->GetUserById(UserId,UInfo.userinfo)) {
WebToken = WT;
UserCache_.update(UInfo.webtoken.access_token_, UInfo);
return true;
}
return false;
}
return IsValidSubToken(Token, WebToken, UserInfo, Expired);
}
bool AuthService::IsValidSubToken(const std::string &Token, SecurityObjects::WebToken &WebToken, SecurityObjects::UserInfo &UserInfo, bool & Expired) {
std::lock_guard G(Mutex_);
auto Now = std::time(nullptr);
Expired = false;
auto Client = SubUserCache_.get(Token);
if(!Client.isNull()) {
Expired = (Client->webtoken.created_ + Client->webtoken.expires_in_) < std::time(nullptr);
Expired = (Client->webtoken.created_ + Client->webtoken.expires_in_) < Now ;
WebToken = Client->webtoken;
UserInfo = Client->userinfo;
return true;
}
std::string TToken{Token};
if(StorageService()->IsSubTokenRevoked(TToken)) {
std::string TToken{Token}, UserId;
SecurityObjects::UserInfoAndPolicy UInfo;
SecurityObjects::WebToken WT;
uint64_t RevocationDate=0;
if(StorageService()->GetSubToken(TToken, WT, UserId, RevocationDate)) {
if(RevocationDate!=0)
return false;
Expired = (WT.created_ + WT.expires_in_) < std::time(nullptr);
if(StorageService()->GetSubUserById(UserId,UInfo.userinfo)) {
WebToken = WT;
UserCache_.update(UInfo.webtoken.access_token_, UInfo);
return true;
}
return false;
}
// get the token from disk...
SecurityObjects::UserInfoAndPolicy UInfo;
uint64_t RevocationDate=0;
if(StorageService()->GetSubToken(TToken, UInfo, RevocationDate)) {
if(RevocationDate!=0)
return false;
Expired = (UInfo.webtoken.created_ + UInfo.webtoken.expires_in_) < std::time(nullptr);
if(StorageService()->GetSubUserById(UInfo.userinfo.Id,UInfo.userinfo)) {
WebToken = UInfo.webtoken;
SubUserCache_.update(UInfo.webtoken.access_token_, UInfo);
return true;
}
}
return false;
}

3
src/RESTObjects/RESTAPI_SecurityObjects.cpp
View File

@@ -54,6 +54,8 @@ namespace OpenWifi::SecurityObjects {
return ADMIN;
else if (!Poco::icompare(U,"subscriber"))
return SUBSCRIBER;
else if (!Poco::icompare(U,"partner"))
return PARTNER;
else if (!Poco::icompare(U,"csr"))
return CSR;
else if (!Poco::icompare(U, "system"))
@@ -72,6 +74,7 @@ namespace OpenWifi::SecurityObjects {
case ROOT: return "root";
case ADMIN: return "admin";
case SUBSCRIBER: return "subscriber";
case PARTNER: return "partner";
case CSR: return "csr";
case SYSTEM: return "system";
case INSTALLER: return "installer";

2
src/RESTObjects/RESTAPI_SecurityObjects.h
View File

@@ -43,7 +43,7 @@ namespace OpenWifi {
};
enum USER_ROLE {
UNKNOWN, ROOT, ADMIN, SUBSCRIBER, CSR, SYSTEM, INSTALLER, NOC, ACCOUNTING
UNKNOWN, ROOT, ADMIN, SUBSCRIBER, CSR, SYSTEM, INSTALLER, NOC, ACCOUNTING, PARTNER
};
USER_ROLE UserTypeFromString(const std::string &U);

4
src/StorageService.h
View File

@@ -131,14 +131,14 @@ namespace OpenWifi {
bool IsTokenRevoked( std::string & Token );
bool CleanExpiredTokens();
bool RevokeAllTokens( std::string & UserName );
bool GetToken(std::string &Token, SecurityObjects::UserInfoAndPolicy &UInfo, uint64_t &RevocationDate);
bool GetToken(std::string &Token, SecurityObjects::WebToken &WT, std::string & UserId, uint64_t &RevocationDate);
bool AddSubToken(std::string &UserId, std::string &Token, std::string &RefreshToken, std::string & TokenType, uint64_t Expires, uint64_t TimeOut);
bool RevokeSubToken( std::string & Token );
bool IsSubTokenRevoked( std::string & Token );
bool CleanExpiredSubTokens();
bool RevokeAllSubTokens( std::string & UserName );
bool GetSubToken(std::string &Token, SecurityObjects::UserInfoAndPolicy &UInfo, uint64_t &RevocationDate);
bool GetSubToken(std::string &Token, SecurityObjects::WebToken &WT, std::string & UserId, uint64_t &RevocationDate);
/*
* All ActionLinks functions

18
src/storage/storage_subtokens.cpp
View File

@@ -45,7 +45,7 @@ namespace OpenWifi {
return false;
}
bool Storage::GetSubToken(std::string &Token, SecurityObjects::UserInfoAndPolicy &UInfo, uint64_t &RevocationDate) {
bool Storage::GetSubToken(std::string &Token, SecurityObjects::WebToken &WT, std::string & UserId, uint64_t &RevocationDate) {
try {
Poco::Data::Session Sess = Pool_->get();
@@ -53,13 +53,13 @@ namespace OpenWifi {
RevocationDate = 0 ;
std::string St2{"SELECT " + AllSubTokensFieldsForSelect + " From SubTokens WHERE Token=?"};
Select << ConvertParams(St2),
Poco::Data::Keywords::into(UInfo.webtoken.access_token_),
Poco::Data::Keywords::into(UInfo.webtoken.refresh_token_),
Poco::Data::Keywords::into(UInfo.webtoken.token_type_),
Poco::Data::Keywords::into(UInfo.userinfo.Id),
Poco::Data::Keywords::into(UInfo.webtoken.created_),
Poco::Data::Keywords::into(UInfo.webtoken.expires_in_),
Poco::Data::Keywords::into(UInfo.webtoken.idle_timeout_),
Poco::Data::Keywords::into(WT.access_token_),
Poco::Data::Keywords::into(WT.refresh_token_),
Poco::Data::Keywords::into(WT.token_type_),
Poco::Data::Keywords::into(UserId),
Poco::Data::Keywords::into(WT.created_),
Poco::Data::Keywords::into(WT.expires_in_),
Poco::Data::Keywords::into(WT.idle_timeout_),
Poco::Data::Keywords::into(RevocationDate),
Poco::Data::Keywords::use(Token);
Select.execute();
@@ -139,7 +139,7 @@ namespace OpenWifi {
Poco::Data::Session Sess = Pool_->get();
Poco::Data::Statement Delete(Sess);
std::string St2{"DELETE SubFrom Tokens WHERE Username=?"};
std::string St2{"DELETE From SubTokens WHERE Username=?"};
Delete << ConvertParams(St2),
Poco::Data::Keywords::use(UserId);
Delete.execute();

20
src/storage/storage_tokens.cpp
View File

@@ -42,7 +42,7 @@ namespace OpenWifi {
return false;
}
bool Storage::GetToken(std::string &Token, SecurityObjects::UserInfoAndPolicy &UInfo, uint64_t &RevocationDate) {
bool Storage::GetToken(std::string &Token, SecurityObjects::WebToken &WT, std::string & UserId, uint64_t &RevocationDate) {
try {
Poco::Data::Session Sess = Pool_->get();
@@ -50,17 +50,21 @@ namespace OpenWifi {
RevocationDate = 0 ;
std::string St2{"SELECT " + AllTokensFieldsForSelect + " From Tokens WHERE Token=?"};
Select << ConvertParams(St2),
Poco::Data::Keywords::into(UInfo.webtoken.access_token_),
Poco::Data::Keywords::into(UInfo.webtoken.refresh_token_),
Poco::Data::Keywords::into(UInfo.webtoken.token_type_),
Poco::Data::Keywords::into(UInfo.userinfo.Id),
Poco::Data::Keywords::into(UInfo.webtoken.created_),
Poco::Data::Keywords::into(UInfo.webtoken.expires_in_),
Poco::Data::Keywords::into(UInfo.webtoken.idle_timeout_),
Poco::Data::Keywords::into(WT.access_token_),
Poco::Data::Keywords::into(WT.refresh_token_),
Poco::Data::Keywords::into(WT.token_type_),
Poco::Data::Keywords::into(UserId),
Poco::Data::Keywords::into(WT.created_),
Poco::Data::Keywords::into(WT.expires_in_),
Poco::Data::Keywords::into(WT.idle_timeout_),
Poco::Data::Keywords::into(RevocationDate),
Poco::Data::Keywords::use(Token);
Select.execute();
if(Select.rowsExtracted()!=1)
return false;
return true;
} catch (const Poco::Exception &E) {
Logger().log(E);
}