json_gssapi/src/commands/GSSAcquireCred.cpp

   1 /*
   2  * Copyright (c) 2014 <copyright holder> <email>
   3  *
   4  * For license details, see the LICENSE file in the root of this project.
   5  *
   6  */
   7
   8 #include "GSSAcquireCred.h"
   9 #include "GSSException.h"
  10 #include <cache/GSSNameCache.h>
  11
  12 #include <stdexcept>
  13
  14 GSSAcquireCred::GSSAcquireCred(gss_acq_cred_type fn) : function(fn)
  15 {
  16   desired_name = GSS_C_NO_NAME;
  17   desiredMechs.addOID( GSSOID((char *)"{ 1 3 6 1 5 5 15 1 1 18 }") );
  18 }
  19
  20 GSSAcquireCred::GSSAcquireCred ( const GSSAcquireCred& other )
  21 {
  22
  23 }
  24
  25 GSSAcquireCred::~GSSAcquireCred()
  26 {
  27
  28 }
  29
  30 GSSAcquireCred::GSSAcquireCred (
  31     JSONObject *params,
  32     gss_acq_cred_type fn
  33 ) : GSSCommand ( params )
  34 {
  35   /* Variables */
  36   /* Error checking */
  37   /* Setup */
  38   /* Main */
  39   loadParameters(params);
  40   function = fn;
  41   /* Cleanup */
  42   /* Return */
  43 }
  44
  45
  46 bool GSSAcquireCred::loadParameters(JSONObject *params)
  47 {
  48   /* Variables */
  49   std::string sCredUsage;
  50   size_t nDesiredMechs;
  51
  52   /* Error checking */
  53   /* Setup */
  54   // Should I zeroOut?
  55
  56   /* Main processing */
  57   // Easy stuff(*params)
  58   this->time_req = (*params)["arguments"]["time_req"].integer();
  59
  60   /**************
  61    * cred_usage *
  62    **************/
  63   if ( ! params->get("arguments").get("cred_usage").isNull() )
  64   {
  65     if (params->get("arguments").get("cred_usage").isString())
  66     {
  67       sCredUsage = params->get("arguments").get("cred_usage").string();
  68       if (sCredUsage == "GSS_C_BOTH")
  69         this->cred_usage = GSS_C_BOTH;
  70       else if (sCredUsage == "GSS_C_INITIATE")
  71         this->cred_usage = GSS_C_INITIATE;
  72       else if (sCredUsage == "GSS_C_ACCEPT")
  73         this->cred_usage = GSS_C_ACCEPT;
  74       else
  75         throw std::invalid_argument( std::string("Invalid cred_usage type given: ") + sCredUsage );
  76     } else if (params->get("arguments").get("cred_usage").isInteger())
  77       this->cred_usage = (gss_cred_usage_t)( params->get("arguments").get("cred_usage").integer() );
  78     else
  79       throw std::invalid_argument( "Unrecognized argument type for cred_usage." );
  80       }
  81
  82   /*****************
  83    * desired_mechs *
  84    *****************/
  85   if ( ! params->get("arguments").get("desired_mechs").isNull() )
  86   {
  87     if ( params->get("arguments").get("desired_mechs").isArray() )
  88     {
  89       for (nDesiredMechs = 0;
  90           nDesiredMechs < params->get("arguments").get("desired_mechs").size();
  91           nDesiredMechs++)
  92       {
  93         std::string mechStr = params->get("arguments").get("desired_mechs")[nDesiredMechs].string();
  94         desiredMechs.addOID( GSSOID(mechStr).toGss() );
  95       }
  96     } else
  97       throw std::invalid_argument("Unrecognized desired_mechs array.");
  98   }
  99
 100   /****************
 101    * desired_name *
 102    ****************/
 103   if ( ! params->get("arguments").get("desired_name").isNull() )
 104   {
 105     std::string key = params->get("arguments").get("desired_name").string();
 106     this->desired_name = GSSNameCache::instance()->retrieve(key);
 107   }
 108
 109
 110   /* Cleanup */
 111   /* Return */
 112   return true;
 113 }
 114
 115
 116
 117 void GSSAcquireCred::execute()
 118 {
 119   /* Variables */
 120   gss_cred_id_t output_cred_handle;
 121   gss_OID_set   actual_mechs;
 122
 123   /* Error checking */
 124   /* Setup */
 125   /* Main */
 126   this->retVal = function(
 127     &this->minor_status,
 128     this->desired_name.toGss(),
 129     this->time_req,
 130     this->desiredMechs.toGss(),
 131     this->cred_usage,
 132     &output_cred_handle,
 133     &actual_mechs,
 134     &this->time_rec
 135   );
 136
 137   if (GSS_ERROR(this->retVal) )
 138   {
 139     std::string err("Error acquiring credential for user '");
 140     err += desired_name.toString();
 141     err += "'.";
 142     throw GSSException(err, this->retVal, this->minor_status);
 143   }
 144
 145   this->cred.setValue(output_cred_handle);
 146   this->actualMechs = actual_mechs;
 147
 148   /* Cleanup */
 149   /* Return */
 150 }
 151
 152 /* Desired JSON output:
 153  *
 154  * {
 155  *   "command": "gss_acquire_cred",
 156  *   "return_values": {
 157  *     "major_status": 0,
 158  *     "minor_status": 0,
 159  *     "cred_handle": "###########",
 160  *     "actual_mechs": [
 161  *       "{ 1 2 3 4 }",
 162  *       "{ 5 6 7 8 }"
 163  *     ],
 164  *     "time_rec": 0
 165  *   }
 166  * }
 167  */
 168 JSONObject *GSSAcquireCred::toJSON()
 169 {
 170   /* Variables */
 171   JSONObject *ret = new JSONObject();
 172   JSONObject *values = new JSONObject();
 173 //   JSONObject mechs = JSONObject::array();
 174   JSONObject *temp;
 175
 176   /* Error checking */
 177
 178   /* Setup */
 179
 180   /* Main */
 181   // Return Values
 182   // Easy stuff
 183   values->set("major_status", this->retVal);
 184   values->set("minor_status", this->minor_status);
 185   values->set("time_rec", (int)this->time_rec );
 186
 187   // Objects that generate their own JSONObject
 188   temp = this->cred.toJSONValue();
 189   values->set("output_cred_handle", *temp );
 190
 191   temp = this->actualMechs.toJSONValue();
 192   values->set("actual_mechs", *temp);
 193
 194   // Put it all together.
 195   ret->set("command", "gss_acquire_cred");
 196   ret->set("return_values", *values);
 197
 198   /* Cleanup */
 199
 200   /* Return */
 201   return(ret);
 202 }