progress

4 years ago · 6393a4beec
3 changed files with 87 additions and 16 deletions
--- a/service/OneService.cpp
+++ b/service/OneService.cpp
@ -247,19 +247,28 @@ public:
 	}

 	void setConfig(const ZT_VirtualNetworkConfig *nwc) {
+		char nwbuf[17] = {};
+		const char* nwid = Utils::hex(nwc->nwid, nwbuf);
+		fprintf(stderr, "NetworkState::setConfig(%s)\n", nwid);
 		memcpy(&_config, nwc, sizeof(ZT_VirtualNetworkConfig));

 		if (_config.ssoEnabled && _config.ssoVersion == 1) {
-			if (_idc == nullptr) {
-				assert(_config.issuerURL[0] != nullptr);
+			fprintf(stderr, "ssoEnabled for %s\n", nwid);
+			if (_idc == nullptr)
+			{
+				assert(_config.issuerURL != nullptr);
 				assert(_config.ssoClientID != nullptr);
 				assert(_config.centralAuthURL != nullptr);
+				char buf[17] = {};
 				_idc = zeroidc::zeroidc_new(
+					Utils::hex(_config.nwid, buf),
 					_config.issuerURL,
 					_config.ssoClientID,
 					_config.centralAuthURL,
 					_webPort
 				);
+
+				fprintf(stderr, "idc created (%s, %s, %s)\n", _config.issuerURL, _config.ssoClientID, _config.centralAuthURL);
 			}

 			if (_ainfo != nullptr) {
@ -291,6 +300,14 @@ public:
 		return _managedRoutes;
 	}

+	const char* getAuthURL() {
+		if (_ainfo != nullptr) {
+			return zeroidc::zeroidc_get_auth_url(_ainfo);
+		}
+		fprintf(stderr, "_ainfo is null\n");
+		return "";
+	}
+
 private:
 	unsigned int _webPort;
 	std::shared_ptr<EthernetTap> _tap;
@ -410,10 +427,11 @@ static void _networkToJson(nlohmann::json &nj,NetworkState &ns)
 		}
 	}
 	nj["dns"] = m;
-
-	nj["authenticationURL"] = ns.config().authenticationURL;
-	nj["authenticationExpiryTime"] = ns.config().authenticationExpiryTime;
-	nj["ssoEnabled"] = ns.config().ssoEnabled;
+	if (ns.config().ssoEnabled) {
+		nj["authenticationURL"] = ns.getAuthURL();
+		nj["authenticationExpiryTime"] = ns.config().authenticationExpiryTime;
+		nj["ssoEnabled"] = ns.config().ssoEnabled;
+	}
 }

 static void _peerToJson(nlohmann::json &pj,const ZT_Peer *peer)
@ -1519,10 +1537,12 @@ public:
 							// Return [array] of all networks

 							res = nlohmann::json::array();
+							
 							for (auto it = _nets.begin(); it != _nets.end(); ++it) {
 								NetworkState &ns = it->second;
 								nlohmann::json nj;
-								_networkToJson(res, ns);
+								_networkToJson(nj, ns);
+								res.push_back(nj);
 							}

 							scode = 200;
@ -1536,8 +1556,14 @@ public:
 								_networkToJson(res, ns);
 								scode = 200;
 							}
-						} else scode = 404;
-					} else scode = 500;
+						} else {
+							fprintf(stderr, "not found\n");
+							scode = 404;
+						}
+					} else {
+						fprintf(stderr, "_nets is empty??\n");
+						scode = 500;
+					}
 				} else if (ps[0] == "peer") {
 					ZT_PeerList *pl = _node->peers();
 					if (pl) {
@ -1602,7 +1628,15 @@ public:
 					} else scode = 404;
 				}

-			} else scode = 401; // isAuth == false
+			} else if (ps[0] == "sso") {
+				// SSO redirect handling
+				fprintf(stderr, "sso get\n");
+				fprintf(stderr, "path: %s\n", path.c_str());
+				fprintf(stderr, "body: %s\n", body.c_str());
+				scode = 200;				scode = 200;
+			} else {
+				scode = 401; // isAuth == false && !sso
+			}
 		} else if ((httpMethod == HTTP_POST)||(httpMethod == HTTP_PUT)) {
 			if (isAuth) {
 				if (ps[0] == "bond") {
@ -1743,7 +1777,16 @@ public:
 					else scode = 404;
 				}

-			} else scode = 401; // isAuth == false
+			} else if (ps[0] == "sso") {
+				// sso post handling
+				fprintf(stderr, "sso post\n");
+				fprintf(stderr, "path: %s\n", path.c_str());
+				fprintf(stderr, "body: %s\n", body.c_str());
+				scode = 200;
+			}
+			else {
+				scode = 401; // isAuth == false
+			}
 		} else if (httpMethod == HTTP_DELETE) {
 			if (isAuth) {

@ -1774,7 +1817,6 @@ public:
 						scode = _controller->handleControlPlaneHttpDELETE(std::vector<std::string>(ps.begin()+1,ps.end()),urlArgs,headers,body,responseBody,responseContentType);
 					else scode = 404;
 				}
-
 			} else scode = 401; // isAuth = false
 		} else {
 			scode = 400;
--- a/zeroidc/src/ext.rs
+++ b/zeroidc/src/ext.rs
@ -5,11 +5,17 @@ use crate::{AuthInfo, ZeroIDC};

 #[no_mangle]
 pub extern "C" fn zeroidc_new(
+    network_id: *const c_char,
    issuer: *const c_char,
    client_id: *const c_char,
    auth_endpoint: *const c_char,
    web_listen_port: u16,
 ) -> *mut ZeroIDC {
+    if network_id.is_null() {
+        println!("network_id is null");
+        return std::ptr::null_mut();
+
+    }
    if issuer.is_null() {
        println!("issuer is null");
        return std::ptr::null_mut();
@ -25,12 +31,14 @@ pub extern "C" fn zeroidc_new(
        return std::ptr::null_mut();
    }

-    let iss = unsafe { CStr::from_ptr(issuer) };
-    let c_id = unsafe { CStr::from_ptr(client_id) };
+    let network_id = unsafe {CStr::from_ptr(network_id) };
+    let issuer = unsafe { CStr::from_ptr(issuer) };
+    let client_id = unsafe { CStr::from_ptr(client_id) };
    let auth_endpoint = unsafe { CStr::from_ptr(auth_endpoint) };
    match ZeroIDC::new(
-        iss.to_str().unwrap(),
-        c_id.to_str().unwrap(),
+        network_id.to_str().unwrap(),
+        issuer.to_str().unwrap(),
+        client_id.to_str().unwrap(),
        auth_endpoint.to_str().unwrap(),
        web_listen_port,
    ) {
@ -82,6 +90,24 @@ pub extern "C" fn zeroidc_is_running(ptr: *mut ZeroIDC) -> bool {
    idc.is_running()
 }

+#[no_mangle]
+pub extern "C" fn zeroidc_process_form_post(ptr: *mut ZeroIDC, body: *const c_char) -> bool {
+    let idc = unsafe {
+        assert!(!ptr.is_null());
+        &mut *ptr
+    };
+
+    if body.is_null() {
+        println!("body is null");
+        return false
+    }
+
+    let body = unsafe { CStr::from_ptr(body) }
+        .to_str().unwrap().to_string();
+
+    false
+}
+
 #[no_mangle]
 pub extern "C" fn zeroidc_get_auth_info(
    ptr: *mut ZeroIDC,
--- a/zeroidc/src/lib.rs
+++ b/zeroidc/src/lib.rs
@ -21,6 +21,7 @@ pub struct ZeroIDC {

 struct Inner {
    running: bool,
+    network_id: String,
    auth_endpoint: String,
    oidc_thread: Option<JoinHandle<()>>,
    oidc_client: Option<openidconnect::core::CoreClient>,
@ -43,6 +44,7 @@ pub struct AuthInfo {

 impl ZeroIDC {
    fn new(
+        network_id: &str,
        issuer: &str,
        client_id: &str,
        auth_ep: &str,
@ -51,6 +53,7 @@ impl ZeroIDC {
        let idc = ZeroIDC {
            inner: Arc::new(Mutex::new(Inner {
                running: false,
+                network_id: network_id.to_string(),
                auth_endpoint: auth_ep.to_string(),
                oidc_thread: None,
                oidc_client: None,