[pmg-devel] [PATCH perl-rs 2/7] pve: update to proxmox-tfa 2.0

all lists on lists.proxmox.com
 help / color / mirror / Atom feed

From: Wolfgang Bumiller <w.bumiller@proxmox.com>
To: pmg-devel@lists.proxmox.com
Subject: [pmg-devel] [PATCH perl-rs 2/7] pve: update to proxmox-tfa 2.0
Date: Fri, 26 Nov 2021 14:55:13 +0100	[thread overview]
Message-ID: <20211126135524.117846-10-w.bumiller@proxmox.com> (raw)
In-Reply-To: <20211126135524.117846-1-w.bumiller@proxmox.com>

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
---
 pve-rs/Cargo.toml     |  3 ++-
 pve-rs/debian/control |  4 ++--
 pve-rs/src/tfa.rs     | 24 +++++++++++++++++++-----
 3 files changed, 23 insertions(+), 8 deletions(-)

diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml
index f7cbd8a..74f45e3 100644
--- a/pve-rs/Cargo.toml
+++ b/pve-rs/Cargo.toml
@@ -25,9 +25,10 @@ openssl = "0.10"
 serde = "1.0"
 serde_bytes = "0.11"
 serde_json = "1.0"
+url = "2"
 
 perlmod = { version = "0.9", features = [ "exporter" ] }
 
 proxmox-apt = "0.8"
 proxmox-openid = "0.9"
-proxmox-tfa = { version = "1.3.2", features = ["api"] }
+proxmox-tfa = { version = "2", features = ["api"] }
diff --git a/pve-rs/debian/control b/pve-rs/debian/control
index 4988e33..62ab4cb 100644
--- a/pve-rs/debian/control
+++ b/pve-rs/debian/control
@@ -17,8 +17,8 @@ Build-Depends: debhelper (>= 12),
  librust-perlmod-0.8+exporter-dev (>= 0.8.1-~~),
  librust-proxmox-apt-0.8+default-dev,
  librust-proxmox-openid-0.9+default-dev,
- librust-proxmox-tfa-1+api-dev (>= 1.3-~~),
- librust-proxmox-tfa-1+default-dev (>= 1.3-~~),
+ librust-proxmox-tfa-2+api-dev,
+ librust-proxmox-tfa-2+default-dev,
  librust-serde-1+default-dev,
  librust-serde-bytes-0.11+default-dev,
  librust-serde-json-1+default-dev,
diff --git a/pve-rs/src/tfa.rs b/pve-rs/src/tfa.rs
index ecc5eb0..cc53118 100644
--- a/pve-rs/src/tfa.rs
+++ b/pve-rs/src/tfa.rs
@@ -31,6 +31,7 @@ mod export {
 
     use anyhow::{bail, format_err, Error};
     use serde_bytes::ByteBuf;
+    use url::Url;
 
     use perlmod::Value;
     use proxmox_tfa::api::methods;
@@ -243,10 +244,15 @@ mod export {
         #[raw] raw_this: Value,
         //#[try_from_ref] this: &Tfa,
         userid: &str,
+        origin: Option<Url>,
     ) -> Result<Option<String>, Error> {
         let this: &Tfa = (&raw_this).try_into()?;
         let mut inner = this.inner.lock().unwrap();
-        match inner.authentication_challenge(UserAccess::new(&raw_this)?, userid)? {
+        match inner.authentication_challenge(
+            UserAccess::new(&raw_this)?,
+            userid,
+            origin.as_ref(),
+        )? {
             Some(challenge) => Ok(Some(serde_json::to_string(&challenge)?)),
             None => Ok(None),
         }
@@ -278,13 +284,20 @@ mod export {
         userid: &str,
         challenge: &str, //super::TfaChallenge,
         response: &str,
+        origin: Option<Url>,
     ) -> Result<bool, Error> {
         let this: &Tfa = (&raw_this).try_into()?;
         let challenge: super::TfaChallenge = serde_json::from_str(challenge)?;
         let response: super::TfaResponse = response.parse()?;
         let mut inner = this.inner.lock().unwrap();
         inner
-            .verify(UserAccess::new(&raw_this)?, userid, &challenge, response)
+            .verify(
+                UserAccess::new(&raw_this)?,
+                userid,
+                &challenge,
+                response,
+                origin.as_ref(),
+            )
             .map(|save| save.needs_saving())
     }
 
@@ -342,6 +355,7 @@ mod export {
         value: Option<String>,
         challenge: Option<String>,
         ty: methods::TfaType,
+        origin: Option<Url>,
     ) -> Result<methods::TfaUpdateInfo, Error> {
         let this: &Tfa = (&raw_this).try_into()?;
         methods::add_tfa_entry(
@@ -353,6 +367,7 @@ mod export {
             value,
             challenge,
             ty,
+            origin.as_ref(),
         )
     }
 
@@ -864,11 +879,10 @@ impl proxmox_tfa::api::OpenUserChallengeData for UserAccess {
                 Err(err) => {
                     eprintln!(
                         "failed to parse challenge data for user {}: {}",
-                        userid,
-                        err
+                        userid, err
                     );
                     Default::default()
-                },
+                }
             }
         };
 
-- 
2.30.2

next prev parent reply	other threads:[~2021-11-26 13:55 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-11-26 13:55 [pmg-devel] [PATCH multiple 0/7] PMG TFA support Wolfgang Bumiller
2021-11-26 13:55 ` [pmg-devel] [PATCH api 1/6] add tfa.json and its lock methods Wolfgang Bumiller
2021-11-26 13:55 ` [pmg-devel] [PATCH api 2/6] add PMG::TFAConfig module Wolfgang Bumiller
2021-11-26 13:55 ` [pmg-devel] [PATCH api 3/6] add TFA API Wolfgang Bumiller
2021-11-26 17:29   ` Stoiko Ivanov
2021-11-26 13:55 ` [pmg-devel] [PATCH api 4/6] add tfa config api Wolfgang Bumiller
2021-11-26 13:55 ` [pmg-devel] [PATCH api 5/6] implement tfa authentication Wolfgang Bumiller
2021-11-26 13:55 ` [pmg-devel] [PATCH api 6/6] provide qrcode.min.js from libjs-qrcodejs Wolfgang Bumiller
2021-11-26 13:55 ` [pmg-devel] [PATCH gui] add TFA components Wolfgang Bumiller
2021-11-26 13:55 ` [pmg-devel] [PATCH perl-rs 1/7] pve: bump perlmod to 0.9 Wolfgang Bumiller
2021-11-26 13:55 ` Wolfgang Bumiller [this message]
2021-11-26 13:55 ` [pmg-devel] [PATCH perl-rs 3/7] pve: bump d/control Wolfgang Bumiller
2021-11-26 13:55 ` [pmg-devel] [PATCH perl-rs 4/7] import pmg-rs Wolfgang Bumiller
2021-11-26 13:55 ` [pmg-devel] [PATCH perl-rs 5/7] pmg: bump perlmod to 0.9 Wolfgang Bumiller
2021-11-26 13:55 ` [pmg-devel] [PATCH perl-rs 6/7] pmg: add tfa module Wolfgang Bumiller
2021-11-26 13:55 ` [pmg-devel] [PATCH perl-rs 7/7] pmg: bump d/control Wolfgang Bumiller
2021-11-26 13:55 ` [pmg-devel] [PATCH proxmox 1/6] tfa: fix typo in docs Wolfgang Bumiller
2021-11-26 13:55 ` [pmg-devel] [PATCH proxmox 2/6] tfa: add WebauthnConfig::digest method Wolfgang Bumiller
2021-11-26 13:55 ` [pmg-devel] [PATCH proxmox 3/6] tfa: let OriginUrl deref to its inner Url, add FromStr impl Wolfgang Bumiller
2021-11-26 13:55 ` [pmg-devel] [PATCH proxmox 4/6] tfa: make configured webauthn origin optional Wolfgang Bumiller
2021-11-26 13:55 ` [pmg-devel] [PATCH proxmox 5/6] tfa: clippy fixes Wolfgang Bumiller
2021-11-26 13:55 ` [pmg-devel] [PATCH proxmox 6/6] bump proxmox-tfa to 2.0.0-1 Wolfgang Bumiller
2021-11-26 17:34 ` [pmg-devel] [PATCH multiple 0/7] PMG TFA support Stoiko Ivanov
2021-11-28 21:17 ` [pmg-devel] applied-series: " Thomas Lamprecht

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20211126135524.117846-10-w.bumiller@proxmox.com \
    --to=w.bumiller@proxmox.com \
    --cc=pmg-devel@lists.proxmox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.

Service provided by Proxmox Server Solutions GmbH | Privacy | Legal