void/ZeroTierOne
2
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-04-16 12:06:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

progress

Browse source
This commit is contained in:
Grant Limberg 2021-11-30 14:22:25 -08:00
parent 9ef75c0e13
commit 6393a4beec
No known key found for this signature in database
GPG key ID: 2BA62CCABBB4095A
3 changed files with 87 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

66
service/OneService.cpp
View file

@ -247,19 +247,28 @@ public:
}
void setConfig(const ZT_VirtualNetworkConfig *nwc) {
char nwbuf[17] = {};
const char* nwid = Utils::hex(nwc->nwid, nwbuf);
fprintf(stderr, "NetworkState::setConfig(%s)\n", nwid);
memcpy(&_config, nwc, sizeof(ZT_VirtualNetworkConfig));
if (_config.ssoEnabled && _config.ssoVersion == 1) {
if (_idc == nullptr) {
assert(_config.issuerURL[0] != nullptr);
fprintf(stderr, "ssoEnabled for %s\n", nwid);
if (_idc == nullptr)
{
assert(_config.issuerURL != nullptr);
assert(_config.ssoClientID != nullptr);
assert(_config.centralAuthURL != nullptr);
char buf[17] = {};
_idc = zeroidc::zeroidc_new(
Utils::hex(_config.nwid, buf),
_config.issuerURL,
_config.ssoClientID,
_config.centralAuthURL,
_webPort
);
fprintf(stderr, "idc created (%s, %s, %s)\n", _config.issuerURL, _config.ssoClientID, _config.centralAuthURL);
}
if (_ainfo != nullptr) {
@ -291,6 +300,14 @@ public:
return _managedRoutes;
}
const char* getAuthURL() {
if (_ainfo != nullptr) {
return zeroidc::zeroidc_get_auth_url(_ainfo);
}
fprintf(stderr, "_ainfo is null\n");
return "";
}
private:
unsigned int _webPort;
std::shared_ptr<EthernetTap> _tap;
@ -410,10 +427,11 @@ static void _networkToJson(nlohmann::json &nj,NetworkState &ns)
}
}
nj["dns"] = m;
nj["authenticationURL"] = ns.config().authenticationURL;
nj["authenticationExpiryTime"] = ns.config().authenticationExpiryTime;
nj["ssoEnabled"] = ns.config().ssoEnabled;
if (ns.config().ssoEnabled) {
nj["authenticationURL"] = ns.getAuthURL();
nj["authenticationExpiryTime"] = ns.config().authenticationExpiryTime;
nj["ssoEnabled"] = ns.config().ssoEnabled;
}
}
static void _peerToJson(nlohmann::json &pj,const ZT_Peer *peer)
@ -1519,10 +1537,12 @@ public:
// Return [array] of all networks
res = nlohmann::json::array();
for (auto it = _nets.begin(); it != _nets.end(); ++it) {
NetworkState &ns = it->second;
nlohmann::json nj;
_networkToJson(res, ns);
_networkToJson(nj, ns);
res.push_back(nj);
}
scode = 200;
@ -1536,8 +1556,14 @@ public:
_networkToJson(res, ns);
scode = 200;
}
} else scode = 404;
} else scode = 500;
} else {
fprintf(stderr, "not found\n");
scode = 404;
}
} else {
fprintf(stderr, "_nets is empty??\n");
scode = 500;
}
} else if (ps[0] == "peer") {
ZT_PeerList *pl = _node->peers();
if (pl) {
@ -1602,7 +1628,15 @@ public:
} else scode = 404;
}
} else scode = 401; // isAuth == false
} else if (ps[0] == "sso") {
// SSO redirect handling
fprintf(stderr, "sso get\n");
fprintf(stderr, "path: %s\n", path.c_str());
fprintf(stderr, "body: %s\n", body.c_str());
scode = 200; scode = 200;
} else {
scode = 401; // isAuth == false && !sso
}
} else if ((httpMethod == HTTP_POST)||(httpMethod == HTTP_PUT)) {
if (isAuth) {
if (ps[0] == "bond") {
@ -1743,7 +1777,16 @@ public:
else scode = 404;
}
} else scode = 401; // isAuth == false
} else if (ps[0] == "sso") {
// sso post handling
fprintf(stderr, "sso post\n");
fprintf(stderr, "path: %s\n", path.c_str());
fprintf(stderr, "body: %s\n", body.c_str());
scode = 200;
}
else {
scode = 401; // isAuth == false
}
} else if (httpMethod == HTTP_DELETE) {
if (isAuth) {
@ -1774,7 +1817,6 @@ public:
scode = _controller->handleControlPlaneHttpDELETE(std::vector<std::string>(ps.begin()+1,ps.end()),urlArgs,headers,body,responseBody,responseContentType);
else scode = 404;
}
} else scode = 401; // isAuth = false
} else {
scode = 400;

34
zeroidc/src/ext.rs
View file

@ -5,11 +5,17 @@ use crate::{AuthInfo, ZeroIDC};
#[no_mangle]
pub extern "C" fn zeroidc_new(
network_id: *const c_char,
issuer: *const c_char,
client_id: *const c_char,
auth_endpoint: *const c_char,
web_listen_port: u16,
) -> *mut ZeroIDC {
if network_id.is_null() {
println!("network_id is null");
return std::ptr::null_mut();
}
if issuer.is_null() {
println!("issuer is null");
return std::ptr::null_mut();
@ -25,12 +31,14 @@ pub extern "C" fn zeroidc_new(
return std::ptr::null_mut();
}
let iss = unsafe { CStr::from_ptr(issuer) };
let c_id = unsafe { CStr::from_ptr(client_id) };
let network_id = unsafe {CStr::from_ptr(network_id) };
let issuer = unsafe { CStr::from_ptr(issuer) };
let client_id = unsafe { CStr::from_ptr(client_id) };
let auth_endpoint = unsafe { CStr::from_ptr(auth_endpoint) };
match ZeroIDC::new(
iss.to_str().unwrap(),
c_id.to_str().unwrap(),
network_id.to_str().unwrap(),
issuer.to_str().unwrap(),
client_id.to_str().unwrap(),
auth_endpoint.to_str().unwrap(),
web_listen_port,
) {
@ -82,6 +90,24 @@ pub extern "C" fn zeroidc_is_running(ptr: *mut ZeroIDC) -> bool {
idc.is_running()
}
#[no_mangle]
pub extern "C" fn zeroidc_process_form_post(ptr: *mut ZeroIDC, body: *const c_char) -> bool {
let idc = unsafe {
assert!(!ptr.is_null());
&mut *ptr
};
if body.is_null() {
println!("body is null");
return false
}
let body = unsafe { CStr::from_ptr(body) }
.to_str().unwrap().to_string();
false
}
#[no_mangle]
pub extern "C" fn zeroidc_get_auth_info(
ptr: *mut ZeroIDC,

3
zeroidc/src/lib.rs
View file

@ -21,6 +21,7 @@ pub struct ZeroIDC {
struct Inner {
running: bool,
network_id: String,
auth_endpoint: String,
oidc_thread: Option<JoinHandle<()>>,
oidc_client: Option<openidconnect::core::CoreClient>,
@ -43,6 +44,7 @@ pub struct AuthInfo {
impl ZeroIDC {
fn new(
network_id: &str,
issuer: &str,
client_id: &str,
auth_ep: &str,
@ -51,6 +53,7 @@ impl ZeroIDC {
let idc = ZeroIDC {
inner: Arc::new(Mutex::new(Inner {
running: false,
network_id: network_id.to_string(),
auth_endpoint: auth_ep.to_string(),
oidc_thread: None,
oidc_client: None,