Changeset 724 in code for trunk/user.go


Ignore:
Timestamp:
Nov 21, 2021, 3:10:54 PM (4 years ago)
Author:
contact
Message:

Add support for post-connection-registration upstream SASL auth

Once the downstream connection has logged in with their bouncer
credentials, allow them to issue more SASL auths which will be
redirected to the upstream network. This allows downstream clients
to provide UIs to login to transparently login to upstream networks.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/user.go

    r722 r724  
    405405}
    406406
     407func (net *network) autoSaveSASLPlain(ctx context.Context, username, password string) {
     408        // User may have e.g. EXTERNAL mechanism configured. We do not want to
     409        // automatically erase the key pair or any other credentials.
     410        if net.SASL.Mechanism != "" && net.SASL.Mechanism != "PLAIN" {
     411                return
     412        }
     413
     414        net.logger.Printf("auto-saving SASL PLAIN credentials with username %q", username)
     415        net.SASL.Mechanism = "PLAIN"
     416        net.SASL.Plain.Username = username
     417        net.SASL.Plain.Password = password
     418        if err := net.user.srv.db.StoreNetwork(ctx, net.user.ID, &net.Network); err != nil {
     419                net.logger.Printf("failed to save SASL PLAIN credentials: %v", err)
     420        }
     421}
     422
    407423type user struct {
    408424        User
Note: See TracChangeset for help on using the changeset viewer.