[pmg-devel] [PATCH perl-rs 2/7] pve: update to proxmox-tfa 2.0
Wolfgang Bumiller
w.bumiller at proxmox.com
Fri Nov 26 14:55:13 CET 2021
Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
---
pve-rs/Cargo.toml | 3 ++-
pve-rs/debian/control | 4 ++--
pve-rs/src/tfa.rs | 24 +++++++++++++++++++-----
3 files changed, 23 insertions(+), 8 deletions(-)
diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml
index f7cbd8a..74f45e3 100644
--- a/pve-rs/Cargo.toml
+++ b/pve-rs/Cargo.toml
@@ -25,9 +25,10 @@ openssl = "0.10"
serde = "1.0"
serde_bytes = "0.11"
serde_json = "1.0"
+url = "2"
perlmod = { version = "0.9", features = [ "exporter" ] }
proxmox-apt = "0.8"
proxmox-openid = "0.9"
-proxmox-tfa = { version = "1.3.2", features = ["api"] }
+proxmox-tfa = { version = "2", features = ["api"] }
diff --git a/pve-rs/debian/control b/pve-rs/debian/control
index 4988e33..62ab4cb 100644
--- a/pve-rs/debian/control
+++ b/pve-rs/debian/control
@@ -17,8 +17,8 @@ Build-Depends: debhelper (>= 12),
librust-perlmod-0.8+exporter-dev (>= 0.8.1-~~),
librust-proxmox-apt-0.8+default-dev,
librust-proxmox-openid-0.9+default-dev,
- librust-proxmox-tfa-1+api-dev (>= 1.3-~~),
- librust-proxmox-tfa-1+default-dev (>= 1.3-~~),
+ librust-proxmox-tfa-2+api-dev,
+ librust-proxmox-tfa-2+default-dev,
librust-serde-1+default-dev,
librust-serde-bytes-0.11+default-dev,
librust-serde-json-1+default-dev,
diff --git a/pve-rs/src/tfa.rs b/pve-rs/src/tfa.rs
index ecc5eb0..cc53118 100644
--- a/pve-rs/src/tfa.rs
+++ b/pve-rs/src/tfa.rs
@@ -31,6 +31,7 @@ mod export {
use anyhow::{bail, format_err, Error};
use serde_bytes::ByteBuf;
+ use url::Url;
use perlmod::Value;
use proxmox_tfa::api::methods;
@@ -243,10 +244,15 @@ mod export {
#[raw] raw_this: Value,
//#[try_from_ref] this: &Tfa,
userid: &str,
+ origin: Option<Url>,
) -> Result<Option<String>, Error> {
let this: &Tfa = (&raw_this).try_into()?;
let mut inner = this.inner.lock().unwrap();
- match inner.authentication_challenge(UserAccess::new(&raw_this)?, userid)? {
+ match inner.authentication_challenge(
+ UserAccess::new(&raw_this)?,
+ userid,
+ origin.as_ref(),
+ )? {
Some(challenge) => Ok(Some(serde_json::to_string(&challenge)?)),
None => Ok(None),
}
@@ -278,13 +284,20 @@ mod export {
userid: &str,
challenge: &str, //super::TfaChallenge,
response: &str,
+ origin: Option<Url>,
) -> Result<bool, Error> {
let this: &Tfa = (&raw_this).try_into()?;
let challenge: super::TfaChallenge = serde_json::from_str(challenge)?;
let response: super::TfaResponse = response.parse()?;
let mut inner = this.inner.lock().unwrap();
inner
- .verify(UserAccess::new(&raw_this)?, userid, &challenge, response)
+ .verify(
+ UserAccess::new(&raw_this)?,
+ userid,
+ &challenge,
+ response,
+ origin.as_ref(),
+ )
.map(|save| save.needs_saving())
}
@@ -342,6 +355,7 @@ mod export {
value: Option<String>,
challenge: Option<String>,
ty: methods::TfaType,
+ origin: Option<Url>,
) -> Result<methods::TfaUpdateInfo, Error> {
let this: &Tfa = (&raw_this).try_into()?;
methods::add_tfa_entry(
@@ -353,6 +367,7 @@ mod export {
value,
challenge,
ty,
+ origin.as_ref(),
)
}
@@ -864,11 +879,10 @@ impl proxmox_tfa::api::OpenUserChallengeData for UserAccess {
Err(err) => {
eprintln!(
"failed to parse challenge data for user {}: {}",
- userid,
- err
+ userid, err
);
Default::default()
- },
+ }
}
};
--
2.30.2
More information about the pmg-devel
mailing list