mirror of https://github.com/oxen-io/lokinet
exit authentication (initial)
parent
be01808a6b
commit
61c5808765
@ -0,0 +1,58 @@
|
||||
#include "endpoint_rpc.hpp"
|
||||
#include <service/endpoint.hpp>
|
||||
|
||||
namespace llarp::rpc
|
||||
{
|
||||
EndpointAuthRPC::EndpointAuthRPC(
|
||||
std::string url, std::string method, LMQ_ptr lmq, Endpoint_ptr endpoint)
|
||||
: m_URL(std::move(url))
|
||||
, m_Method(std::move(method))
|
||||
, m_LMQ(std::move(lmq))
|
||||
, m_Endpoint(std::move(endpoint))
|
||||
{
|
||||
}
|
||||
|
||||
void
|
||||
EndpointAuthRPC::Start()
|
||||
{
|
||||
m_LMQ->connect_remote(
|
||||
m_URL,
|
||||
[self = shared_from_this()](lokimq::ConnectionID c) {
|
||||
self->m_Conn = std::move(c);
|
||||
LogInfo("connected to endpoint auth server via ", c);
|
||||
},
|
||||
[self = shared_from_this()](lokimq::ConnectionID, std::string_view fail) {
|
||||
LogWarn("failed to connect to endpoint auth server: ", fail);
|
||||
self->m_Endpoint->RouterLogic()->call_later(1s, [self]() { self->Start(); });
|
||||
});
|
||||
}
|
||||
|
||||
void
|
||||
EndpointAuthRPC::AuthenticateAsync(
|
||||
llarp::service::Address from, std::function<void(service::AuthResult)> hook)
|
||||
{
|
||||
if (not m_Conn.has_value())
|
||||
{
|
||||
m_Endpoint->RouterLogic()->Call([hook]() { hook(service::AuthResult::eAuthFailed); });
|
||||
return;
|
||||
}
|
||||
// call method with 1 parameter: the loki address of the remote
|
||||
m_LMQ->send(
|
||||
*m_Conn,
|
||||
m_AuthMethod,
|
||||
[self = shared_from_this(), hook](bool success, std::vector<std::string> data) {
|
||||
service::AuthResult result = service::AuthResult::eAuthFailed;
|
||||
if (success and not data.empty())
|
||||
{
|
||||
const auto maybe = service::ParseAuthResult(data[0]);
|
||||
if (maybe.has_value())
|
||||
{
|
||||
result = *maybe;
|
||||
}
|
||||
}
|
||||
self->m_Endpoint->RouterLogic()->Call([hook, result]() { hook(result); });
|
||||
},
|
||||
from.ToString());
|
||||
} // namespace llarp::rpc
|
||||
|
||||
} // namespace llarp::rpc
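Review bot: These definitions do not match the `EndpointAuthRPC` declaration added in the same commit. The constructor initialises `m_URL` and `m_Method` and `Start()` reads `m_URL`, while the struct declares `m_AuthURL` and `m_AuthMethod`. `AuthenticateAsync` is also defined without the `service::ConvoTag tag` parameter that the declared override takes, so the pure virtual in `IAuthPolicy` would not be overridden by this definition. In the connect-success callback, `c` is logged after it has been moved into `self->m_Conn`; log first and then assign: `LogInfo("connected to endpoint auth server via ", c);` followed by `self->m_Conn = std::move(c);`. The closing brace of `AuthenticateAsync` carries the comment `// namespace llarp::rpc`, which should be dropped.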
|
@ -0,0 +1,35 @@
|
||||
#pragma once
|
||||
|
||||
#include <service/auth.hpp>
|
||||
|
||||
namespace llarp::service
|
||||
{
|
||||
struct Endpoint;
|
||||
}
|
||||
|
||||
namespace llarp::rpc
|
||||
{
|
||||
struct EndpointAuthRPC : public llarp::service::IAuthPolicy,
|
||||
public std::enable_shared_from_this<EndpointAuthRPC>
|
||||
{
|
||||
using LMQ_ptr = std::shared_ptr<lokimq::LokiMQ>;
|
||||
using Endpoint_ptr = std::shared_ptr<llarp::service::Endpoint>;
|
||||
|
||||
explicit EndpointAuthRPC(
|
||||
std::string url, std::string method, LMQ_ptr lmq, Endpoint_ptr endpoint);
|
||||
~EndpointAuthRPC() = default;
|
||||
|
||||
void
|
||||
AuthenticateAsync(
|
||||
llarp::service::Address from,
|
||||
service::ConvoTag tag,
|
||||
std::function<void(service::AuthResult)> hook) override;
|
||||
|
||||
private:
|
||||
const std::string m_AuthURL;
|
||||
const std::string m_AuthMethod;
|
||||
LMQ_ptr m_LMQ;
|
||||
Endpoint_ptr m_Endpoint;
|
||||
std::optional<lokimq::ConnectionID> m_Conn;
|
||||
};
|
||||
} // namespace llarp::rpc
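Review bot: `Start()` is defined in the implementation file of this commit but is not declared in this struct; add `void Start();` next to the constructor. `m_Conn` is a plain `std::optional` that is assigned inside the connect callback passed to `connect_remote` and read in `AuthenticateAsync`. If the LokiMQ callback runs on a different thread than the callers of `AuthenticateAsync` (not visible from here), that is an unsynchronised access on the authentication path; guard it with a mutex or hand the assignment to `RouterLogic()` the way the result hooks are. A struct-level comment such as `/// auth policy that asks a remote LokiMQ endpoint whether to accept a remote address; a missing connection or unparseable reply yields eAuthFailed` would document the fail-closed behaviour the implementation relies on.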
|
@ -0,0 +1,20 @@
|
||||
#include "auth.hpp"
|
||||
#include <unordered_map>
|
||||
|
||||
namespace llarp::service
|
||||
{
|
||||
/// maybe get auth result from string
|
||||
std::optional<AuthResult>
|
||||
ParseAuthResult(std::string data)
|
||||
{
|
||||
static thread_local std::unordered_map<std::string, AuthResult> values = {
|
||||
{"OKAY", AuthResult::eAuthAccepted},
|
||||
{"REJECT", AuthResult::eAuthRejected},
|
||||
{"PAYME", AuthResult::eAuthPaymentRequired},
|
||||
{"LIMITED", AuthResult::eAuthRateLimit}};
|
||||
auto itr = values.find(data);
|
||||
if (itr == values.end())
|
||||
return std::nullopt;
|
||||
return itr->second;
|
||||
}
|
||||
} // namespace llarp::service
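Review bot: The lookup table in `ParseAuthResult` is declared `static thread_local` and non-const, so every thread builds its own mutable copy of a table that never changes; `static const std::unordered_map<std::string, AuthResult> values = {...};` states the intent. The match is exact and case-sensitive, so a reply with different case or trailing whitespace returns `std::nullopt`. The doc comment should say so, for example `/// map the auth server's reply token (exact match: OKAY, REJECT, PAYME, LIMITED) to an AuthResult; nullopt for anything else, which callers treat as a failed auth`.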
|
@ -0,0 +1,39 @@
|
||||
#pragma once
|
||||
#include <optional>
|
||||
#include <string>
|
||||
#include <funcional>
|
||||
#include "address.hpp"
|
||||
#include "handler.hpp"
|
||||
|
||||
namespace llarp::service
|
||||
{
|
||||
/// authentication status
|
||||
enum class AuthResult
|
||||
{
|
||||
/// explicitly accepted
|
||||
eAuthAccepted,
|
||||
/// explicitly rejected
|
||||
eAuthRejected,
|
||||
/// attempt failed
|
||||
eAuthFailed,
|
||||
/// attempt rate limited
|
||||
eAuthRateLimit,
|
||||
/// need mo munny
|
||||
eAuthPaymentRequired
|
||||
};
|
||||
|
||||
/// maybe get auth result from string
|
||||
std::optional<AuthResult>
|
||||
ParseAuthResult(std::string data);
|
||||
|
||||
struct IAuthPolicy
|
||||
{
|
||||
~IAuthPolicy() = default;
|
||||
|
||||
/// asynchronously determine if we accept new convotag from remote service, call hook with
|
||||
/// result later
|
||||
virtual void
|
||||
AuthenticateAsync(
|
||||
service::Address from, service::ConvoTag tag, std::function<void(AuthResult)> hook) = 0;
|
||||
};
|
||||
} // namespace llarp::service
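Review bot: `#include <funcional>` is a misspelling of `<functional>`, which this header needs for the `std::function` parameter of `IAuthPolicy::AuthenticateAsync`. `IAuthPolicy` declares a pure virtual method but its destructor is `~IAuthPolicy() = default;` without `virtual`, so destroying an implementation through an `IAuthPolicy` pointer is undefined behaviour. Declare it `virtual ~IAuthPolicy() = default;`.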
|