[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[libeufin] branch master updated: define authenticator helper
From: |
gnunet |
Subject: |
[libeufin] branch master updated: define authenticator helper |
Date: |
Tue, 07 Apr 2020 21:30:46 +0200 |
This is an automated email from the git hooks/post-receive script.
marcello pushed a commit to branch master
in repository libeufin.
The following commit(s) were added to refs/heads/master by this push:
new 9187644 define authenticator helper
9187644 is described below
commit 9187644df5b541b4991a48fa6268aa9ad6c9597b
Author: Marcello Stanisci <address@hidden>
AuthorDate: Tue Apr 7 21:30:23 2020 +0200
define authenticator helper
---
.../src/main/kotlin/tech/libeufin/nexus/Helpers.kt | 2 --
nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt | 10 -------
nexus/src/main/kotlin/tech/libeufin/nexus/taler.kt | 31 ++++++++++++++++++----
3 files changed, 26 insertions(+), 17 deletions(-)
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/Helpers.kt
b/nexus/src/main/kotlin/tech/libeufin/nexus/Helpers.kt
index e39f521..372d414 100644
--- a/nexus/src/main/kotlin/tech/libeufin/nexus/Helpers.kt
+++ b/nexus/src/main/kotlin/tech/libeufin/nexus/Helpers.kt
@@ -1,8 +1,6 @@
package tech.libeufin.nexus
import io.ktor.http.HttpStatusCode
-import org.apache.commons.compress.archivers.zip.ZipFile
-import org.apache.commons.compress.utils.SeekableInMemoryByteChannel
/**
* Inserts spaces every 2 characters, and a newline after 8 pairs.
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
b/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
index 963d5ce..7daca4d 100644
--- a/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
+++ b/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
@@ -325,16 +325,6 @@ fun main() {
this.level = Level.DEBUG
this.logger = tech.libeufin.nexus.logger
}
- /*
- install(Authentication) {
- basic("taler") {
- validate {credentials ->
-
-
- }
- }
- }*/
-
install(ContentNegotiation) {
gson {
setDateFormat(DateFormat.LONG)
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/taler.kt
b/nexus/src/main/kotlin/tech/libeufin/nexus/taler.kt
index 3437b73..9c8ef51 100644
--- a/nexus/src/main/kotlin/tech/libeufin/nexus/taler.kt
+++ b/nexus/src/main/kotlin/tech/libeufin/nexus/taler.kt
@@ -5,12 +5,14 @@ import io.ktor.http.ContentType
import io.ktor.http.HttpStatusCode
import io.ktor.response.respondText
import io.ktor.routing.Route
+import io.ktor.routing.get
import io.ktor.routing.post
import org.jetbrains.exposed.sql.and
import org.jetbrains.exposed.sql.transactions.transaction
import tech.libeufin.util.CryptoUtil
import tech.libeufin.util.base64ToBytes
import java.lang.Exception
+import javax.sql.rowset.serial.SerialBlob
/**
* This helper function parses a Authorization:-header line, decode the
credentials
@@ -42,11 +44,8 @@ class Taler(app: Route) {
* (!= public key) subject. */
refund(app)
- /**
- * NOTE: Taler exchanges do authenticate via the HTTP Basic auth
mechanism,
- * which is currently _missing_ in the nexus. Therefore, a mapping
from auth
- * header lines to ebics_subscriber needs to be implemented!
- */
+ /** Tester for HTTP basic auth. */
+ testAuth(app)
}
/**
@@ -117,6 +116,28 @@ class Taler(app: Route) {
val row_id: Long
)
+ // throws error if password is wrong
+ private fun authenticateRequest(authorization: String?) {
+ val headerLine = authorization ?: throw NexusError(
+ HttpStatusCode.BadRequest, "Authentication:-header line not found"
+ )
+ logger.debug("Checking for authorization: $headerLine")
+ transaction {
+ val (user, pass) = extractUserAndHashedPassword(headerLine)
+ EbicsSubscriberEntity.find {
+ EbicsSubscribersTable.id eq user and
(EbicsSubscribersTable.password eq SerialBlob(pass))
+ }.firstOrNull()
+ } ?: throw NexusError(HttpStatusCode.Forbidden, "Wrong password")
+ }
+
+ fun testAuth(app: Route) {
+ app.get("/taler/test-auth") {
+ authenticateRequest(call.request.headers["Authorization"])
+ call.respondText("Authenticated!", ContentType.Text.Plain,
HttpStatusCode.OK)
+ return@get
+ }
+ }
+
fun digest(app: Route) {
app.post("/ebics/taler/{id}/digest-incoming-transactions") {
val id = expectId(call.parameters["id"])
--
To stop receiving notification emails like this one, please contact
address@hidden.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [libeufin] branch master updated: define authenticator helper,
gnunet <=