added some log statements, fixed some typos
[Evergreen.git] / Open-ILS / src / c-apps / oils_auth.c
1 #include "opensrf/osrf_app_session.h"
2 #include "opensrf/osrf_application.h"
3 #include "objson/object.h"
4 #include "opensrf/log.h"
5 #include "oils_utils.h"
6
7 #define OILS_AUTH_CACHE_PRFX "oils_auth_"
8
9
10 #define MODULENAME "open-ils.auth"
11
12 int osrfAppInitialize();
13 int osrfAppChildInit();
14 int osrfMathRun( osrfMethodContext* );
15
16
17 int osrfAppInitialize() {
18
19         osrfAppRegisterMethod( 
20                 MODULENAME, 
21                 "open-ils.auth.authenticate.init", 
22                 "oilsAuthInit", 
23                 "Start the authentication process and returns the intermediate authentication seed"
24                 " PARAMS( username )", 1, 0 );
25
26         osrfAppRegisterMethod( 
27                 MODULENAME, 
28                 "open-ils.auth.authenticate.complete", 
29                 "oilsAuthComplete", 
30                 "Completes the authentication process and returns the auth token "
31                 "PARAMS(username, md5sum( seed + password ) )", 2, 0 );
32
33         osrfAppRegisterMethod( 
34                 MODULENAME, 
35                 "open-ils.auth.session.retrieve", 
36                 "oilsAuthSessionRetrieve", 
37                 "Returns the user object (password blanked) for the given login session "
38                 "PARAMS( authToken )", 1, 0 );
39
40         osrfAppRegisterMethod( 
41                 MODULENAME, 
42                 "open-ils.auth.session.delete", 
43                 "oilsAuthSessionDelete", 
44                 "Destroys the given login session "
45                 "PARAMS( authToken )",  1, 0 );
46
47         return 0;
48 }
49
50 int osrfAppChildInit() {
51         return 0;
52 }
53
54 int oilsAuthInit( osrfMethodContext* ctx ) {
55         OSRF_METHOD_VERIFY_CONTEXT(ctx); 
56
57         jsonObject* resp;
58         char* username = NULL;
59         char* seed = NULL;
60         char* md5seed = NULL;
61         char* key = NULL;
62
63         if( (username = jsonObjectGetString(jsonObjectGetIndex(ctx->params, 0))) ) {
64
65                 seed = va_list_to_string( "%d.%d.%s", time(NULL), getpid(), username );
66                 key = va_list_to_string( "%s%s", OILS_AUTH_CACHE_PRFX, username );
67
68                 md5seed = md5sum(seed);
69                 osrfCachePutString( key, md5seed, 30 );
70
71                 osrfLogDebug( "oilsAuthInit(): has seed %s and key %s", md5seed, key );
72
73                 resp = jsonNewObject(md5seed);  
74                 osrfAppRespondComplete( ctx, resp );
75
76                 jsonObjectFree(resp);
77                 free(seed);
78                 free(md5seed);
79                 free(key);
80                 return 0;
81         }
82
83         return -1;
84 }
85
86
87 int oilsAuthComplete( osrfMethodContext* ctx ) {
88         OSRF_METHOD_VERIFY_CONTEXT(ctx); 
89
90         char* uname = jsonObjectGetString(jsonObjectGetIndex(ctx->params, 0));
91         char* password = jsonObjectGetString(jsonObjectGetIndex(ctx->params, 1));
92         char* storageMethod = "open-ils.storage.direct.actor.user.search.usrname.atomic";
93         osrfMessage* omsg = NULL;
94
95         if( uname && password ) {
96
97                 /* grab the user object from storage */
98                 osrfLogDebug( "oilsAuth calling method %s with username %s", storageMethod, uname );
99
100                 osrfAppSession* session = osrfAppSessionClientInit( "open-ils.storage" ); /**/
101                 //jsonObject* params = jsonNewObject(uname); /**/
102                 jsonObject* params = jsonParseString("[\"%s\"]", uname);
103                 int reqid = osrfAppSessionMakeRequest( session, params, storageMethod, 1, NULL );
104                 jsonObjectFree(params);
105                 osrfLogInternal("oilsAuth waiting from response from storage...");
106                 omsg = osrfAppSessionRequestRecv( session, reqid, 60 ); /**/
107                 osrfLogInternal("oilsAuth storage request returned");
108
109                 if(!omsg) { 
110                         osrfAppSessionFree(session);
111                         return osrfAppRequestRespondException( ctx->session, ctx->request,
112                                 "No response from storage server for method %s", storageMethod ); 
113                 }
114
115                 jsonObject* userObj = osrfMessageGetResult(omsg);
116
117                 char* _j = jsonObjectToJSON(userObj);
118                 osrfLogDebug( "Auth received user object from storage: %s", _j );
119                 free(_j);
120
121                 /* the method is atomic, grab the first user we receive */
122                 if( userObj ) userObj = jsonObjectGetIndex(userObj, 0);
123                 
124                 if(!userObj) { /* XXX needs to be a 'friendly' exception */
125                         osrfMessageFree(omsg);
126                         osrfAppSessionFree(session);
127                         return osrfAppRequestRespondException( ctx->session, 
128                                         ctx->request, "User %s not found in the database", uname );
129                 }
130
131                 char* realPassword = oilsFMGetString( userObj, "passwd" ); /**/
132                 char* seed = osrfCacheGetString( "%s%s", OILS_AUTH_CACHE_PRFX, uname ); /**/
133
134                 if(!seed) {
135                         osrfMessageFree(omsg);
136                         osrfAppSessionFree(session);
137                         return osrfAppRequestRespondException( ctx->session,
138                                 ctx->request, "No authentication seed found. "
139                                 "open-ils.auth.authenticate.init must be called first");
140                 }
141
142                 osrfLogDebug( "oilsAuth retrieved seed from cache: %s", seed );
143                 char* maskedPw = md5sum( "%s%s", seed, realPassword );
144                 if(!maskedPw) return -1;
145                 osrfLogDebug( "oilsAuth generated masked password %s. "
146                                 "Testing against provided password %s", maskedPw, password );
147
148                 jsonObject* response;
149
150                 if( !strcmp( maskedPw, password ) ) {
151
152                         osrfLogInfo( "Login successful for %s", uname );
153                         char* string = va_list_to_string( "%d.%d.%s", getpid(), time(NULL), uname ); /**/
154                         char* authToken = md5sum(string); /**/
155                         char* authKey = va_list_to_string( "%s%s", OILS_AUTH_CACHE_PRFX, authToken ); /**/
156
157                         osrfLogInternal("oilsAuthComplete(): Setting fieldmapper string on the user object");
158                         oilsFMSetString( userObj, "passwd", "" );
159                         osrfCachePutObject( authKey, userObj, 28800 ); /* XXX config value */
160                         osrfLogInternal("oilsAuthComplete(): Placed user object into cache");
161                         response = jsonNewObject( authToken );
162                         free(string); free(authToken); free(authKey);
163
164                 } else {
165
166                         osrfLogInfo( "Login failed for for %s", uname );
167                         response = jsonNewNumberObject(0);
168                 }
169
170                 osrfLogInternal("oilsAuthComplete responding to client");
171                 osrfAppRespondComplete( ctx, response ); 
172                 jsonObjectFree(response);
173                 osrfMessageFree(omsg);
174                 osrfAppSessionFree(session);
175
176         } else {
177                 return osrfAppRequestRespondException( ctx->session, ctx->request, 
178                         "username and password required for method: %s", ctx->method->name );
179         }
180
181         return 0;
182
183 }
184
185 int oilsAuthSessionRetrieve( osrfMethodContext* ctx ) {
186         OSRF_METHOD_VERIFY_CONTEXT(ctx); 
187
188         char* authToken = jsonObjectGetString( jsonObjectGetIndex(ctx->params, 0));
189         jsonObject* userObj = NULL;
190
191         if( authToken ){
192                 char* key = va_list_to_string("%s%s", OILS_AUTH_CACHE_PRFX, authToken ); /**/
193                 userObj = osrfCacheGetObject( key ); /**/
194                 free(key);
195         }
196
197         osrfAppRespondComplete( ctx, userObj );
198         jsonObjectFree(userObj);
199         return 0;
200 }
201
202 int oilsAuthSessionDelete( osrfMethodContext* ctx ) {
203         OSRF_METHOD_VERIFY_CONTEXT(ctx); 
204
205         char* authToken = jsonObjectGetString( jsonObjectGetIndex(ctx->params, 0) );
206         jsonObject* resp = NULL;
207
208         if( authToken ) {
209                 char* key = va_list_to_string("%s%s", OILS_AUTH_CACHE_PRFX, authToken ); /**/
210                 osrfCacheRemove(key);
211                 resp = jsonNewObject(authToken); /**/
212                 free(key);
213         }
214
215         osrfAppRespondComplete( ctx, resp );
216         jsonObjectFree(resp);
217         return 0;
218 }
219
220
221