stephb9959
2022-11-04 10:13:43 -07:00
parent 447ab2a705
commit 6db6e51ef3
5 changed files with 49 additions and 36 deletions

2
build

@@ -1 +1 @@
9
11


@@ -145,23 +145,11 @@ namespace OpenWifi {
return false;
}
bool AuthService::IsAuthorized(Poco::Net::HTTPServerRequest & Request, std::string & SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, std::uint64_t TID, bool & Expired )
{
[[nodiscard]] bool AuthService::IsAuthorized(const std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, std::uint64_t TID, bool & Expired) {
// std::lock_guard Guard(Mutex_);
std::string CallToken;
std::string CallToken{SessionToken};
Expired = false;
try {
Poco::Net::OAuth20Credentials Auth(Request);
if (Auth.getScheme() == "Bearer") {
CallToken = Auth.getBearerToken();
}
if(CallToken.empty()) {
poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, CallToken));
return false;
}
try {
SecurityObjects::WebToken WT;
uint64_t RevocationDate=0;
std::string UserId;
@@ -174,16 +162,40 @@ namespace OpenWifi {
Expired = (WT.created_ + WT.expires_in_) < now;
if(StorageService()->UserDB().GetUserById(UserId,UInfo.userinfo)) {
UInfo.webtoken = WT;
SessionToken = CallToken;
poco_debug(Logger(), fmt::format("TokenValidation success for TID={} Token={}", TID, CallToken));
return true;
}
}
} catch(const Poco::Exception &E) {
Logger().log(E);
}
} catch(const Poco::Exception &E) {
Logger().log(E);
}
poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, CallToken));
return false;
return false;
}
bool AuthService::IsAuthorized(Poco::Net::HTTPServerRequest & Request, std::string & SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, std::uint64_t TID, bool & Expired )
{
// std::lock_guard Guard(Mutex_);
std::string CallToken;
Expired = false;
try {
Poco::Net::OAuth20Credentials Auth(Request);
if (Auth.getScheme() == "Bearer") {
CallToken = Auth.getBearerToken();
}
if (CallToken.empty()) {
poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, CallToken));
return false;
}
SessionToken = CallToken;
return IsAuthorized(SessionToken, UInfo, TID, Expired);
} catch(const Poco::Exception &E) {
Logger().log(E);
}
poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, CallToken));
return false;
}
bool AuthService::IsSubAuthorized(Poco::Net::HTTPServerRequest & Request, std::string & SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, std::uint64_t TID, bool & Expired )
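Review bot: The new token-only `IsAuthorized` overload keeps the `poco_debug` calls that format the full `CallToken` into the message on both the success and the failure path, so a valid bearer token ends up in log output. Elsewhere in this commit the root logger is split to a `WebSocketLogger` and `logging.level` falls back to `debug`, which suggests these lines can reach log files and connected log viewers in a default setup. Dropping the token from the message, e.g. `fmt::format("TokenValidation success for TID={}", TID)`, or logging only a short non-reversible fingerprint of it, avoids that. The overload also no longer has the `CallToken.empty()` guard that stays in the request-based version; the lookup code between the two hunks is not visible here, so an early `if (SessionToken.empty()) return false;` is worth considering.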


@@ -51,6 +51,8 @@ namespace OpenWifi{
void Stop() override;
[[nodiscard]] bool IsAuthorized(Poco::Net::HTTPServerRequest & Request,std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, std::uint64_t TID, bool & Expired);
[[nodiscard]] bool IsAuthorized(const std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, std::uint64_t TID, bool & Expired);
[[nodiscard]] UNAUTHORIZED_REASON Authorize( std::string & UserName, const std::string & Password, const std::string & NewPassword, SecurityObjects::UserInfoAndPolicy & UInfo, bool & Expired );
void CreateToken(const std::string & UserName, SecurityObjects::UserInfoAndPolicy &UInfo);
[[nodiscard]] bool SetPassword(const std::string &Password, SecurityObjects::UserInfo & UInfo);
@@ -59,6 +61,7 @@ namespace OpenWifi{
[[nodiscard]] bool IsSubAuthorized(Poco::Net::HTTPServerRequest & Request,std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, std::uint64_t TID, bool & Expired);
[[nodiscard]] UNAUTHORIZED_REASON AuthorizeSub( std::string & UserName, const std::string & Password, const std::string & NewPassword, SecurityObjects::UserInfoAndPolicy & UInfo, bool & Expired );
void CreateSubToken(const std::string & UserName, SecurityObjects::UserInfoAndPolicy &UInfo);
[[nodiscard]] bool SetSubPassword(const std::string &Password, SecurityObjects::UserInfo & UInfo);
[[nodiscard]] const std:: string & SubPasswordValidationExpression() const { return PasswordValidationStr_;};
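Review bot: The two `IsAuthorized` overloads now differ only in their first parameter, and the header does not say what the new one expects or how `Expired` relates to the return value. In the implementation shown on this page `Expired` is assigned and the function can still return `true` once the user record is found, so callers presumably have to test both. A short comment above the new declaration would make that explicit, e.g. `// Validates a raw session token (no HTTP request). Expired is an output; a true return does not by itself mean the token is unexpired.`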


@@ -246,27 +246,19 @@ namespace OpenWifi {
FileChannel->setProperty("purgeCount", "10");
FileChannel->setProperty("path", LoggingLocation);
if(UseAsyncLogs_) {
std::cout << __LINE__ << std::endl;
Poco::AutoPtr<Poco::AsyncChannel> Async_File(
new Poco::AsyncChannel(FileChannel));
std::cout << __LINE__ << std::endl;
Poco::AutoPtr<Poco::PatternFormatter> Formatter(new Poco::PatternFormatter);
std::cout << __LINE__ << std::endl;
Formatter->setProperty("pattern", LoggingFormat);
std::cout << __LINE__ << std::endl;
Poco::AutoPtr<Poco::FormattingChannel> FormattingChannel(
new Poco::FormattingChannel(Formatter, Async_File));
std::cout << __LINE__ << std::endl;
if(DisableWebSocketLogging) {
std::cout << __LINE__ << std::endl;
Poco::Logger::root().setChannel(FormattingChannel);
} else {
std::cout << __LINE__ << std::endl;
Poco::AutoPtr<WebSocketLogger> WSLogger(new WebSocketLogger);
Poco::AutoPtr<Poco::SplitterChannel> Splitter(new Poco::SplitterChannel);
Splitter->addChannel(WSLogger);
Splitter->addChannel(FormattingChannel);
std::cout << __LINE__ << std::endl;
Poco::Logger::root().setChannel(Splitter);
}
@@ -276,18 +268,14 @@ namespace OpenWifi {
Poco::AutoPtr<Poco::FormattingChannel> FormattingChannel(
new Poco::FormattingChannel(Formatter, FileChannel));
if(DisableWebSocketLogging) {
std::cout << __LINE__ << std::endl;
Poco::Logger::root().setChannel(FormattingChannel);
} else {
std::cout << __LINE__ << std::endl;
Poco::AutoPtr<Poco::SplitterChannel> Splitter(new Poco::SplitterChannel);
Poco::AutoPtr<WebSocketLogger> WSLogger(new WebSocketLogger);
Splitter->addChannel(WSLogger);
Splitter->addChannel(FormattingChannel);
std::cout << __LINE__ << std::endl;
Poco::Logger::root().setChannel(Splitter);
}
std::cout << __LINE__ << std::endl;
}
}
auto Level = Poco::Logger::parseLevel(MicroService::instance().ConfigGetString("logging.level", "debug"));


@@ -15,6 +15,10 @@
#include "fmt/format.h"
#if defined(TIP_SECURITY_SERVICE)
#include "AuthService.h"
#endif
#define DBG { std::cout << __LINE__ << std::endl; }
namespace OpenWifi {
@@ -216,9 +220,16 @@ namespace OpenWifi {
if (!Client->second->Authenticated_) {
std::string Frame{IncomingFrame.begin()};
auto Tokens = Utils::Split(Frame, ':');
bool Expired = false, Contacted = false;
bool Expired = false;
#if not defined(TIP_SECURITY_SERVICE)
bool Contacted = false;
#endif
if (Tokens.size() == 2 &&
AuthClient()->IsAuthorized(Tokens[1], Client->second->UserInfo_, 0, Expired, Contacted)) {
#if defined(TIP_SECURITY_SERVICE)
AuthService()->IsAuthorized(Tokens[1], Client->second->UserInfo_, 0, Expired)) {
#else
AuthClient()->IsAuthorized(Tokens[1], Client->second->UserInfo_, 0, Expired, Contacted)) {
#endif
Client->second->Authenticated_ = true;
Client->second->UserName_ = Client->second->UserInfo_.userinfo.email;
poco_debug(Logger(),fmt::format("START({}): {} UI Client is starting WS connection.", Client->second->Id_, Client->second->UserName_));
@@ -234,7 +245,6 @@ namespace OpenWifi {
std::ostringstream OS;
WelcomeMessage.stringify(OS);
Client->second->WS_->sendFrame(OS.str().c_str(), (int) OS.str().size());
Client->second->WS_->sendFrame(OS.str().c_str(), (int) OS.str().size());
return EndConnection(G, Client);
}
} else {
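Review bot: In the `TIP_SECURITY_SERVICE` branch the client is marked `Authenticated_ = true` as soon as `AuthService()->IsAuthorized(...)` returns true, and `Expired` is never read in the visible lines, although the implementation in this commit can return true with `Expired` set. Since `Tokens[1]` comes straight from the first WebSocket frame, an expired token may be enough to open an authenticated session unless a check exists outside this hunk. Testing the flag in the condition closes that, e.g. `AuthService()->IsAuthorized(Tokens[1], Client->second->UserInfo_, 0, Expired) && !Expired) {`, and the `AuthClient()` branch shows the same pattern. The enclosing function starts and ends outside the hunk, so this should be confirmed against the full body.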