"Start the authentication process and returns the intermediate authentication seed"
" PARAMS( username )", 1, 0 );
- osrfAppRegisterMethod(
- MODULENAME,
- "open-ils.auth.authenticate.init.barcode",
- "oilsAuthInitBarcode",
- "Start the authentication process using a patron barcode and return "
+ osrfAppRegisterMethod(
+ MODULENAME,
+ "open-ils.auth.authenticate.init.barcode",
+ "oilsAuthInitBarcode",
+ "Start the authentication process using a patron barcode and return "
"the intermediate authentication seed. PARAMS(barcode)", 1, 0);
- osrfAppRegisterMethod(
- MODULENAME,
- "open-ils.auth.authenticate.init.username",
- "oilsAuthInitUsername",
- "Start the authentication process using a patron username and return "
+ osrfAppRegisterMethod(
+ MODULENAME,
+ "open-ils.auth.authenticate.init.username",
+ "oilsAuthInitUsername",
+ "Start the authentication process using a patron username and return "
"the intermediate authentication seed. PARAMS(username)", 1, 0);
osrfAppRegisterMethod(
Return to client: Intermediate authentication seed.
*/
int oilsAuthInit(osrfMethodContext* ctx) {
- OSRF_METHOD_VERIFY_CONTEXT(ctx);
+ OSRF_METHOD_VERIFY_CONTEXT(ctx);
int resp = 0;
- char* identifier = // free
+ char* identifier = // free
jsonObjectToSimpleString(jsonObjectGetIndex(ctx->params, 0));
- const char* nonce =
+ const char* nonce =
jsonObjectGetString(jsonObjectGetIndex(ctx->params, 1));
- if (!nonce) nonce = "";
+ if (!nonce) nonce = "";
if (!identifier) return -1; // we need an identifier
if (oilsAuthIdentIsBarcode(identifier)) {
int verified = 0;
- // We won't be needing the seed again, remove it
- osrfCacheRemove("%s%s%s", OILS_AUTH_CACHE_PRFX, identifier, nonce);
+ // We won't be needing the seed again, remove it
+ osrfCacheRemove("%s%s%s", OILS_AUTH_CACHE_PRFX, identifier, nonce);
// Ask the DB to verify the user's password.
// Here, the password is md5(md5(password) + salt)
jsonObjectFree(verify_obj);
}
- char* countkey = va_list_to_string("%s%s%s",
+ char* countkey = va_list_to_string("%s%s%s",
OILS_AUTH_CACHE_PRFX, identifier, OILS_AUTH_COUNT_SFFX );
- jsonObject* countobject = osrfCacheGetObject( countkey );
- if(countobject) {
- long failcount = (long) jsonObjectGetNumber( countobject );
- if(failcount >= _oilsAuthBlockCount) {
- verified = 0;
- osrfLogInfo(OSRF_LOG_MARK,
+ jsonObject* countobject = osrfCacheGetObject( countkey );
+ if(countobject) {
+ long failcount = (long) jsonObjectGetNumber( countobject );
+ if(failcount >= _oilsAuthBlockCount) {
+ verified = 0;
+ osrfLogInfo(OSRF_LOG_MARK,
"oilsAuth found too many recent failures for '%s' : %i, "
"forcing failure state.", identifier, failcount);
- }
- if(verified == 0) {
- failcount += 1;
- }
- jsonObjectSetNumber( countobject, failcount );
- osrfCachePutObject( countkey, countobject, _oilsAuthBlockTimeout );
- jsonObjectFree(countobject);
- }
- free(countkey);
+ }
+ if(verified == 0) {
+ failcount += 1;
+ }
+ jsonObjectSetNumber( countobject, failcount );
+ osrfCachePutObject( countkey, countobject, _oilsAuthBlockTimeout );
+ jsonObjectFree(countobject);
+ }
+ free(countkey);
- return verified;
+ return verified;
}
/**
Upon deciding whether to allow the logon, return a corresponding event to the client.
*/
int oilsAuthComplete( osrfMethodContext* ctx ) {
- OSRF_METHOD_VERIFY_CONTEXT(ctx);
+ OSRF_METHOD_VERIFY_CONTEXT(ctx);
- const jsonObject* args = jsonObjectGetIndex(ctx->params, 0);
+ const jsonObject* args = jsonObjectGetIndex(ctx->params, 0);
- const char* uname = jsonObjectGetString(jsonObjectGetKeyConst(args, "username"));
- const char* identifier = jsonObjectGetString(jsonObjectGetKeyConst(args, "identifier"));
- const char* password = jsonObjectGetString(jsonObjectGetKeyConst(args, "password"));
- const char* type = jsonObjectGetString(jsonObjectGetKeyConst(args, "type"));
- int orgloc = (int) jsonObjectGetNumber(jsonObjectGetKeyConst(args, "org"));
- const char* workstation = jsonObjectGetString(jsonObjectGetKeyConst(args, "workstation"));
- const char* barcode = jsonObjectGetString(jsonObjectGetKeyConst(args, "barcode"));
- const char* ewho = jsonObjectGetString(jsonObjectGetKeyConst(args, "agent"));
- const char* nonce = jsonObjectGetString(jsonObjectGetKeyConst(args, "nonce"));
+ const char* uname = jsonObjectGetString(jsonObjectGetKeyConst(args, "username"));
+ const char* identifier = jsonObjectGetString(jsonObjectGetKeyConst(args, "identifier"));
+ const char* password = jsonObjectGetString(jsonObjectGetKeyConst(args, "password"));
+ const char* type = jsonObjectGetString(jsonObjectGetKeyConst(args, "type"));
+ int orgloc = (int) jsonObjectGetNumber(jsonObjectGetKeyConst(args, "org"));
+ const char* workstation = jsonObjectGetString(jsonObjectGetKeyConst(args, "workstation"));
+ const char* barcode = jsonObjectGetString(jsonObjectGetKeyConst(args, "barcode"));
+ const char* ewho = jsonObjectGetString(jsonObjectGetKeyConst(args, "agent"));
+ const char* nonce = jsonObjectGetString(jsonObjectGetKeyConst(args, "nonce"));
- const char* ws = (workstation) ? workstation : "";
- if (!nonce) nonce = "";
+ const char* ws = (workstation) ? workstation : "";
+ if (!nonce) nonce = "";
// we no longer care how the identifier reaches us,
// as long as we have one.
}
}
- if (!identifier) {
- return osrfAppRequestRespondException(ctx->session, ctx->request,
- "username/barcode and password required for method: %s",
+ if (!identifier) {
+ return osrfAppRequestRespondException(ctx->session, ctx->request,
+ "username/barcode and password required for method: %s",
ctx->method->name);
- }
+ }
osrfLogInfo(OSRF_LOG_MARK,
"Patron completing authentication with identifer %s", identifier);
- /* Use __FILE__, harmless_line_number for creating
- * OILS_EVENT_AUTH_FAILED events (instead of OSRF_LOG_MARK) to avoid
- * giving away information about why an authentication attempt failed.
- */
- int harmless_line_number = __LINE__;
+ /* Use __FILE__, harmless_line_number for creating
+ * OILS_EVENT_AUTH_FAILED events (instead of OSRF_LOG_MARK) to avoid
+ * giving away information about why an authentication attempt failed.
+ */
+ int harmless_line_number = __LINE__;
- if( !type )
- type = OILS_AUTH_STAFF;
+ if( !type )
+ type = OILS_AUTH_STAFF;
- oilsEvent* response = NULL; // free
- jsonObject* userObj = NULL; // free
- int card_active = 1; // boolean; assume active until proven otherwise
+ oilsEvent* response = NULL; // free
+ jsonObject* userObj = NULL; // free
+ int card_active = 1; // boolean; assume active until proven otherwise
int using_card = 0; // true if this is a barcode login
char* cache_key = va_list_to_string(
"%s%s%s", OILS_AUTH_CACHE_PRFX, identifier, nonce);
jsonObject* cacheObj = osrfCacheGetObject(cache_key); // free
- if (!cacheObj) {
- return osrfAppRequestRespondException(ctx->session,
- ctx->request, "No authentication seed found. "
- "open-ils.auth.authenticate.init must be called first "
- " (check that memcached is running and can be connected to) "
- );
+ if (!cacheObj) {
+ return osrfAppRequestRespondException(ctx->session,
+ ctx->request, "No authentication seed found. "
+ "open-ils.auth.authenticate.init must be called first "
+ " (check that memcached is running and can be connected to) "
+ );
}
int user_id = jsonObjectGetNumber(
projects / working / Evergreen.git / commitdiff