diff options
3 files changed, 35 insertions, 11 deletions
diff --git a/admin/Sources/Services/ogAdmServer/sources/ogAdmServer.cpp b/admin/Sources/Services/ogAdmServer/sources/ogAdmServer.cpp index d70aa0c5..25042363 100644 --- a/admin/Sources/Services/ogAdmServer/sources/ogAdmServer.cpp +++ b/admin/Sources/Services/ogAdmServer/sources/ogAdmServer.cpp @@ -22,6 +22,7 @@ static char pasguor[LONPRM]; // Password del usuario static char datasource[LONPRM]; // Dirección IP del gestor de base de datos static char catalog[LONPRM]; // Nombre de la base de datos static char interface[LONPRM]; // Interface name +static char auth_token[LONPRM]; // API token //________________________________________________________________________________________________________ // Función: tomaConfiguracion @@ -77,7 +78,8 @@ static bool tomaConfiguracion(const char *filecfg) snprintf(catalog, sizeof(catalog), "%s", value); else if (!strcmp(StrToUpper(key), "INTERFACE")) snprintf(interface, sizeof(interface), "%s", value); - + else if (!strcmp(StrToUpper(key), "APITOKEN")) + snprintf(auth_token, sizeof(auth_token), "%s", value); line = fgets(buf, sizeof(buf), fcfg); } @@ -132,6 +134,7 @@ struct og_client { int keepalive_idx; bool rest; unsigned int content_length; + char auth_token[64]; }; static inline int og_client_socket(const struct og_client *cli) @@ -3880,6 +3883,15 @@ static int og_client_not_found(struct og_client *cli) return -1; } +static int og_client_not_authorized(struct og_client *cli) +{ + char buf[] = "HTTP/1.1 404 Unauthorized\r\nContent-Length: 0\r\n\r\n"; + + send(og_client_socket(cli), buf, strlen(buf), 0); + + return -1; +} + static int og_client_ok(struct og_client *cli, char *buf_reply) { char buf[4096] = {}; @@ -3918,6 +3930,11 @@ static int og_client_state_process_payload_rest(struct og_client *cli) body = strstr(cli->buf, "\r\n\r\n") + 4; + if (strcmp(cli->auth_token, auth_token)) { + syslog(LOG_ERR, "wrong Authentication key\n"); + return og_client_not_authorized(cli); + } + if (cli->content_length) { root = json_loads(body, 0, &json_err); if (!root) { @@ -4047,6 +4064,10 @@ static int og_client_state_recv_hdr_rest(struct og_client *cli) cli->msg_len += cli->content_length; } + ptr = strstr(cli->buf, "Authorization: "); + if (ptr) + sscanf(ptr, "Authorization: %64[^\r\n]", cli->auth_token); + return 1; } diff --git a/admin/Sources/Services/ogAdmServer/tests/config/ogAdmServer.cfg b/admin/Sources/Services/ogAdmServer/tests/config/ogAdmServer.cfg index aa201130..41d812b6 100644 --- a/admin/Sources/Services/ogAdmServer/tests/config/ogAdmServer.cfg +++ b/admin/Sources/Services/ogAdmServer/tests/config/ogAdmServer.cfg @@ -5,3 +5,4 @@ PASSWORD=test-db datasource=localhost CATALOG=test-db INTERFACE=eth1 +APITOKEN=07b3bfe728954619b58f0107ad73acc1 diff --git a/admin/Sources/Services/ogAdmServer/tests/run-tests.sh b/admin/Sources/Services/ogAdmServer/tests/run-tests.sh index f0cae2a7..ca00b5ff 100755 --- a/admin/Sources/Services/ogAdmServer/tests/run-tests.sh +++ b/admin/Sources/Services/ogAdmServer/tests/run-tests.sh @@ -1,10 +1,12 @@ -curl -X POST http://127.0.0.1:8888/clients -d @post_clients.json -curl -X GET http://127.0.0.1:8888/clients -curl -X POST http://127.0.0.1:8888/wol -d @wol.json -curl -X POST http://127.0.0.1:8888/shell/run -d @post_shell_run.json -curl -X POST http://127.0.0.1:8888/shell/output -d @post_shell_output.json -curl -X POST http://127.0.0.1:8888/session -d @session.json -curl -X POST http://127.0.0.1:8888/poweroff -d @poweroff.json -curl -X POST http://127.0.0.1:8888/reboot -d @reboot.json -curl -X POST http://127.0.0.1:8888/stop -d @stop.json -curl -X POST http://127.0.0.1:8888/refresh -d @refresh.json +API_KEY="07b3bfe728954619b58f0107ad73acc1" + +curl -X POST -H "Authorization: $API_KEY" http://127.0.0.1:8888/clients -d @post_clients.json +curl -X GET -H "Authorization: $API_KEY" http://127.0.0.1:8888/clients +curl -X POST -H "Authorization: $API_KEY" http://127.0.0.1:8888/wol -d @wol.json +curl -X POST -H "Authorization: $API_KEY" http://127.0.0.1:8888/shell/run -d @post_shell_run.json +curl -X POST -H "Authorization: $API_KEY" http://127.0.0.1:8888/shell/output -d @post_shell_output.json +curl -X POST -H "Authorization: $API_KEY" http://127.0.0.1:8888/session -d @session.json +curl -X POST -H "Authorization: $API_KEY" http://127.0.0.1:8888/poweroff -d @poweroff.json +curl -X POST -H "Authorization: $API_KEY" http://127.0.0.1:8888/reboot -d @reboot.json +curl -X POST -H "Authorization: $API_KEY" http://127.0.0.1:8888/stop -d @stop.json +curl -X POST -H "Authorization: $API_KEY" http://127.0.0.1:8888/refresh -d @refresh.json |