This commit is contained in:
Grant Limberg 2021-11-30 14:22:25 -08:00
parent 9ef75c0e13
commit 6393a4beec
No known key found for this signature in database
GPG key ID: 2BA62CCABBB4095A
3 changed files with 87 additions and 16 deletions


@ -247,19 +247,28 @@ public:
} }
void setConfig(const ZT_VirtualNetworkConfig *nwc) { void setConfig(const ZT_VirtualNetworkConfig *nwc) {
char nwbuf[17] = {};
const char* nwid = Utils::hex(nwc->nwid, nwbuf);
fprintf(stderr, "NetworkState::setConfig(%s)\n", nwid);
memcpy(&_config, nwc, sizeof(ZT_VirtualNetworkConfig)); memcpy(&_config, nwc, sizeof(ZT_VirtualNetworkConfig));
if (_config.ssoEnabled && _config.ssoVersion == 1) { if (_config.ssoEnabled && _config.ssoVersion == 1) {
if (_idc == nullptr) { fprintf(stderr, "ssoEnabled for %s\n", nwid);
assert(_config.issuerURL[0] != nullptr); if (_idc == nullptr)
{
assert(_config.issuerURL != nullptr);
assert(_config.ssoClientID != nullptr); assert(_config.ssoClientID != nullptr);
assert(_config.centralAuthURL != nullptr); assert(_config.centralAuthURL != nullptr);
char buf[17] = {};
_idc = zeroidc::zeroidc_new( _idc = zeroidc::zeroidc_new(
Utils::hex(_config.nwid, buf),
_config.issuerURL, _config.issuerURL,
_config.ssoClientID, _config.ssoClientID,
_config.centralAuthURL, _config.centralAuthURL,
_webPort _webPort
); );
fprintf(stderr, "idc created (%s, %s, %s)\n", _config.issuerURL, _config.ssoClientID, _config.centralAuthURL);
} }
if (_ainfo != nullptr) { if (_ainfo != nullptr) {
@ -291,6 +300,14 @@ public:
return _managedRoutes; return _managedRoutes;
} }
const char* getAuthURL() {
if (_ainfo != nullptr) {
return zeroidc::zeroidc_get_auth_url(_ainfo);
}
fprintf(stderr, "_ainfo is null\n");
return "";
}
private: private:
unsigned int _webPort; unsigned int _webPort;
std::shared_ptr<EthernetTap> _tap; std::shared_ptr<EthernetTap> _tap;
@ -410,11 +427,12 @@ static void _networkToJson(nlohmann::json &nj,NetworkState &ns)
} }
} }
nj["dns"] = m; nj["dns"] = m;
if (ns.config().ssoEnabled) {
nj["authenticationURL"] = ns.config().authenticationURL; nj["authenticationURL"] = ns.getAuthURL();
nj["authenticationExpiryTime"] = ns.config().authenticationExpiryTime; nj["authenticationExpiryTime"] = ns.config().authenticationExpiryTime;
nj["ssoEnabled"] = ns.config().ssoEnabled; nj["ssoEnabled"] = ns.config().ssoEnabled;
} }
}
static void _peerToJson(nlohmann::json &pj,const ZT_Peer *peer) static void _peerToJson(nlohmann::json &pj,const ZT_Peer *peer)
{ {
@ -1519,10 +1537,12 @@ public:
// Return [array] of all networks // Return [array] of all networks
res = nlohmann::json::array(); res = nlohmann::json::array();
for (auto it = _nets.begin(); it != _nets.end(); ++it) { for (auto it = _nets.begin(); it != _nets.end(); ++it) {
NetworkState &ns = it->second; NetworkState &ns = it->second;
nlohmann::json nj; nlohmann::json nj;
_networkToJson(res, ns); _networkToJson(nj, ns);
res.push_back(nj);
} }
scode = 200; scode = 200;
@ -1536,8 +1556,14 @@ public:
_networkToJson(res, ns); _networkToJson(res, ns);
scode = 200; scode = 200;
} }
} else scode = 404; } else {
} else scode = 500; fprintf(stderr, "not found\n");
scode = 404;
}
} else {
fprintf(stderr, "_nets is empty??\n");
scode = 500;
}
} else if (ps[0] == "peer") { } else if (ps[0] == "peer") {
ZT_PeerList *pl = _node->peers(); ZT_PeerList *pl = _node->peers();
if (pl) { if (pl) {
@ -1602,7 +1628,15 @@ public:
} else scode = 404; } else scode = 404;
} }
} else scode = 401; // isAuth == false } else if (ps[0] == "sso") {
// SSO redirect handling
fprintf(stderr, "sso get\n");
fprintf(stderr, "path: %s\n", path.c_str());
fprintf(stderr, "body: %s\n", body.c_str());
scode = 200; scode = 200;
} else {
scode = 401; // isAuth == false && !sso
}
} else if ((httpMethod == HTTP_POST)||(httpMethod == HTTP_PUT)) { } else if ((httpMethod == HTTP_POST)||(httpMethod == HTTP_PUT)) {
if (isAuth) { if (isAuth) {
if (ps[0] == "bond") { if (ps[0] == "bond") {
@ -1743,7 +1777,16 @@ public:
else scode = 404; else scode = 404;
} }
} else scode = 401; // isAuth == false } else if (ps[0] == "sso") {
// sso post handling
fprintf(stderr, "sso post\n");
fprintf(stderr, "path: %s\n", path.c_str());
fprintf(stderr, "body: %s\n", body.c_str());
scode = 200;
}
else {
scode = 401; // isAuth == false
}
} else if (httpMethod == HTTP_DELETE) { } else if (httpMethod == HTTP_DELETE) {
if (isAuth) { if (isAuth) {
@ -1774,7 +1817,6 @@ public:
scode = _controller->handleControlPlaneHttpDELETE(std::vector<std::string>(ps.begin()+1,ps.end()),urlArgs,headers,body,responseBody,responseContentType); scode = _controller->handleControlPlaneHttpDELETE(std::vector<std::string>(ps.begin()+1,ps.end()),urlArgs,headers,body,responseBody,responseContentType);
else scode = 404; else scode = 404;
} }
} else scode = 401; // isAuth = false } else scode = 401; // isAuth = false
} else { } else {
scode = 400; scode = 400;
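Review bot: The new `sso` branches in the GET and POST handlers (the hunks ending at `scode = 401; // isAuth == false && !sso` and at `scode = 401; // isAuth == false`) are reached only when `isAuth` is false, yet both write the raw request `path` and `body` to stderr with `fprintf(stderr, "body: %s\n", body.c_str());` and answer 200 without processing anything. An unauthenticated caller can therefore push arbitrary content into the log, and if the form post is later meant to carry the identity provider's response, as the `zeroidc_process_form_post` stub in the same commit suggests, that material would be logged too; drop the body line in both branches (at most `fprintf(stderr, "sso %s\n", path.c_str());`) before this ships. In the `setConfig` hunk, `assert(_config.issuerURL != nullptr);` only tests the field's address, which can never be null if `issuerURL` is an in-struct array as the neighbouring `ssoClientID`/`centralAuthURL` asserts suggest; `assert(_config.issuerURL[0] != '\0');` would check that a value was actually set, and all three asserts disappear under NDEBUG, leaving `zeroidc_new`'s null checks as the only runtime guard in release builds. `setConfig` and the request handler both continue outside their hunks.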


@ -5,11 +5,17 @@ use crate::{AuthInfo, ZeroIDC};
#[no_mangle] #[no_mangle]
pub extern "C" fn zeroidc_new( pub extern "C" fn zeroidc_new(
network_id: *const c_char,
issuer: *const c_char, issuer: *const c_char,
client_id: *const c_char, client_id: *const c_char,
auth_endpoint: *const c_char, auth_endpoint: *const c_char,
web_listen_port: u16, web_listen_port: u16,
) -> *mut ZeroIDC { ) -> *mut ZeroIDC {
if network_id.is_null() {
println!("network_id is null");
return std::ptr::null_mut();
}
if issuer.is_null() { if issuer.is_null() {
println!("issuer is null"); println!("issuer is null");
return std::ptr::null_mut(); return std::ptr::null_mut();
@ -25,12 +31,14 @@ pub extern "C" fn zeroidc_new(
return std::ptr::null_mut(); return std::ptr::null_mut();
} }
let iss = unsafe { CStr::from_ptr(issuer) }; let network_id = unsafe {CStr::from_ptr(network_id) };
let c_id = unsafe { CStr::from_ptr(client_id) }; let issuer = unsafe { CStr::from_ptr(issuer) };
let client_id = unsafe { CStr::from_ptr(client_id) };
let auth_endpoint = unsafe { CStr::from_ptr(auth_endpoint) }; let auth_endpoint = unsafe { CStr::from_ptr(auth_endpoint) };
match ZeroIDC::new( match ZeroIDC::new(
iss.to_str().unwrap(), network_id.to_str().unwrap(),
c_id.to_str().unwrap(), issuer.to_str().unwrap(),
client_id.to_str().unwrap(),
auth_endpoint.to_str().unwrap(), auth_endpoint.to_str().unwrap(),
web_listen_port, web_listen_port,
) { ) {
@ -82,6 +90,24 @@ pub extern "C" fn zeroidc_is_running(ptr: *mut ZeroIDC) -> bool {
idc.is_running() idc.is_running()
} }
#[no_mangle]
pub extern "C" fn zeroidc_process_form_post(ptr: *mut ZeroIDC, body: *const c_char) -> bool {
let idc = unsafe {
assert!(!ptr.is_null());
&mut *ptr
};
if body.is_null() {
println!("body is null");
return false
}
let body = unsafe { CStr::from_ptr(body) }
.to_str().unwrap().to_string();
false
}
#[no_mangle] #[no_mangle]
pub extern "C" fn zeroidc_get_auth_info( pub extern "C" fn zeroidc_get_auth_info(
ptr: *mut ZeroIDC, ptr: *mut ZeroIDC,
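Review bot: `zeroidc_process_form_post` calls `.to_str().unwrap()` on `body`, which the C++ side hands over from an unauthenticated HTTP request, so a non-UTF-8 body panics inside an `extern "C"` function instead of returning `false`; use `let body = match unsafe { CStr::from_ptr(body) }.to_str() { Ok(s) => s.to_string(), Err(_) => return false };`. The converted `body` and the `idc` reference are then unused and the function unconditionally returns `false`, so it is a stub; a `// TODO: parse the IdP form post and complete the OIDC exchange; always false until then` comment would make that explicit to the C++ caller, which currently cannot tell a stub from a rejected post. The `network_id.to_str().unwrap()` added to `zeroidc_new` follows the file's existing pattern for `issuer` and `client_id`, and the same panic-across-FFI concern applies, although `network_id` appears to come from a fixed hex buffer on the C++ side and is less exposed. `zeroidc_new` continues past its hunk.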


@ -21,6 +21,7 @@ pub struct ZeroIDC {
struct Inner { struct Inner {
running: bool, running: bool,
network_id: String,
auth_endpoint: String, auth_endpoint: String,
oidc_thread: Option<JoinHandle<()>>, oidc_thread: Option<JoinHandle<()>>,
oidc_client: Option<openidconnect::core::CoreClient>, oidc_client: Option<openidconnect::core::CoreClient>,
@ -43,6 +44,7 @@ pub struct AuthInfo {
impl ZeroIDC { impl ZeroIDC {
fn new( fn new(
network_id: &str,
issuer: &str, issuer: &str,
client_id: &str, client_id: &str,
auth_ep: &str, auth_ep: &str,
@ -51,6 +53,7 @@ impl ZeroIDC {
let idc = ZeroIDC { let idc = ZeroIDC {
inner: Arc::new(Mutex::new(Inner { inner: Arc::new(Mutex::new(Inner {
running: false, running: false,
network_id: network_id.to_string(),
auth_endpoint: auth_ep.to_string(), auth_endpoint: auth_ep.to_string(),
oidc_thread: None, oidc_thread: None,
oidc_client: None, oidc_client: None,