]>
git.ipfire.org Git - thirdparty/squid.git/blob - src/auth/basic/UserRequest.cc
2 #include "auth/basic/auth_basic.h"
3 #include "auth/basic/User.h"
4 #include "auth/basic/UserRequest.h"
8 AuthBasicUserRequest::authenticated() const
10 Auth::Basic::User
const *basic_auth
= dynamic_cast<Auth::Basic::User
const *>(user().getRaw());
12 if (basic_auth
&& basic_auth
->authenticated())
18 /* log a basic user in
21 AuthBasicUserRequest::authenticate(HttpRequest
* request
, ConnStateData
* conn
, http_hdr_type type
)
23 assert(user() != NULL
);
25 /* if the password is not ok, do an identity */
26 if (!user() || user()->credentials() != Auth::Ok
)
29 /* are we about to recheck the credentials externally? */
30 if ((user()->expiretime
+ static_cast<Auth::Basic::Config
*>(Auth::Config::Find("basic"))->credentialsTTL
) <= squid_curtime
) {
31 debugs(29, 4, HERE
<< "credentials expired - rechecking");
35 /* we have been through the external helper, and the credentials haven't expired */
36 debugs(29, 9, HERE
<< "user '" << user()->username() << "' authenticated");
38 /* Decode now takes care of finding the AuthUser struct in the cache */
39 /* after external auth occurs anyway */
40 user()->expiretime
= current_time
.tv_sec
;
46 AuthBasicUserRequest::module_direction()
48 /* null auth_user is checked for by AuthUserRequest::direction() */
49 if (user()->auth_type
!= Auth::AUTH_BASIC
)
50 return Auth::CRED_ERROR
;
52 switch (user()->credentials()) {
56 return Auth::CRED_LOOKUP
;
59 if (user()->expiretime
+ static_cast<Auth::Basic::Config
*>(Auth::Config::Find("basic"))->credentialsTTL
<= squid_curtime
)
60 return Auth::CRED_LOOKUP
;
61 return Auth::CRED_VALID
;
64 return Auth::CRED_VALID
;
67 return Auth::CRED_ERROR
;
71 /* send the initial data to a basic authenticator module */
73 AuthBasicUserRequest::module_start(RH
* handler
, void *data
)
75 assert(user()->auth_type
== Auth::AUTH_BASIC
);
76 Auth::Basic::User
*basic_auth
= dynamic_cast<Auth::Basic::User
*>(user().getRaw());
77 assert(basic_auth
!= NULL
);
78 debugs(29, 9, HERE
<< "'" << basic_auth
->username() << ":" << basic_auth
->passwd
<< "'");
80 if (static_cast<Auth::Basic::Config
*>(Auth::Config::Find("basic"))->authenticateProgram
== NULL
) {
81 debugs(29, DBG_CRITICAL
, "ERROR: No Basic authentication program configured.");
86 /* check to see if the auth_user already has a request outstanding */
87 if (user()->credentials() == Auth::Pending
) {
88 /* there is a request with the same credentials already being verified */
89 basic_auth
->queueRequest(this, handler
, data
);
93 basic_auth
->submitRequest(this, handler
, data
);