32 bool pam(
const std::string & s )
34 return !G::is_windows() && ( s ==
"pam:" || s ==
"/pam" ) ;
36 bool plain(
const std::string & s )
40 bool parse(
const std::string & s , std::string &
id , std::string & pwd )
47 void check(
const std::string & s )
53 if( !parse( s ,
id , pwd ) )
54 throw Secrets::ClientAccountError() ;
66 namespace imp = SecretsImp ;
67 if( !c.empty() ) imp::check( c ) ;
73 const std::string & log_name )
75 return std::make_unique<SecretsFileServer>( path , log_name ) ;
79 const std::string & log_name )
81 return std::make_unique<SecretsFileClient>( path , log_name ) ;
87 m_id_pwd(SecretsImp::plain(path)) ,
88 m_file(m_id_pwd?
std::string():path,true,log_name)
91 SecretsImp::parse( path , m_id , m_pwd ) ;
97bool GAuth::SecretsFileClient::validSelector(
G::string_view selector )
const
100 return selector.empty() ;
101 else if( !m_file.valid() )
102 return selector.empty() ;
104 return m_file.containsClientSelector( selector ) ;
107bool GAuth::SecretsFileClient::mustAuthenticate(
G::string_view selector )
const
111 else if( !m_file.valid() )
114 return m_file.containsClientSecret( selector ) ;
119 if( m_id_pwd && type ==
"plain"_sv )
129 return m_file.clientSecret( type , selector ) ;
136 m_pam(SecretsImp::pam(spec)) ,
137 m_file(m_pam?
std::string():spec,true,log_name)
144std::string GAuth::SecretsFileServer::source()
const
146 return m_pam ? std::string(
"pam:") : m_file.path() ;
149bool GAuth::SecretsFileServer::valid()
const
151 return m_pam || m_file.valid() ;
157 return m_file.serverSecret( type ,
id ) ;
160std::pair<std::string,std::string> GAuth::SecretsFileServer::serverTrust(
const std::string & address_range )
const
163 return m_file.serverTrust( address_range ) ;
169 return m_file.containsServerSecret( type ,
id ) ;
Encapsulates a userid/shared-secret/hash-function tuple from the secrets file.
static Secret none()
Factory function that returns a secret that is not valid().
~SecretsFileClient() override
Destructor.
SecretsFileClient(const std::string &path_spec, const std::string &log_name)
Constructor. See GAuth::Secrets::newClientSecrets().
~SecretsFileServer() override
Destructor.
SecretsFileServer(const std::string &path, const std::string &log_name)
Constructor. See GAuth::Secrets::newServerSecrets().
static void check(const std::string &path, bool with_warnings)
Checks the given file.
static std::unique_ptr< SaslServerSecrets > newServerSecrets(const std::string &spec, const std::string &log_name)
Factory function for server secrets.
static void check(const std::string &client, const std::string &server, const std::string &pop)
Checks the given secret sources.
static std::unique_ptr< SaslClientSecrets > newClientSecrets(const std::string &spec, const std::string &log_name)
Factory function for client secrets.
static bool valid(string_view, bool strict=true)
Returns true if the string is a valid base64 encoding, possibly allowing for embedded newlines,...
static std::string tail(string_view in, std::size_t pos, string_view default_={})
Returns the last part of the string after the given position.
static std::string head(string_view in, std::size_t pos, string_view default_={})
Returns the first part of the string up to just before the given position.
static bool headMatch(const std::string &in, string_view head) noexcept
Returns true if the string has the given start (or head is empty).
A class like c++17's std::string_view.
SASL authentication classes.