summaryrefslogtreecommitdiffstats
path: root/ll-auth-binding
diff options
context:
space:
mode:
authorLoïc Collignon <loic.collignon@iot.bzh>2017-07-11 06:36:33 +0200
committerLoïc Collignon <loic.collignon@iot.bzh>2017-07-11 06:36:33 +0200
commit0455a7401f9f0f9bfad82c5ddf04f7dd70b0b852 (patch)
tree819bc150cb62c8eb344656086bbb52892f5288b8 /ll-auth-binding
parent66b90d26cfd555b2aa5fef67d31e539a70256719 (diff)
first somewhat working version.
Change-Id: I3101dc6b8add87eccac3bbf177b1320137f72463 Signed-off-by: Loïc Collignon <loic.collignon@iot.bzh>
Diffstat (limited to 'll-auth-binding')
-rw-r--r--ll-auth-binding/CMakeLists.txt3
-rw-r--r--ll-auth-binding/conf.d/cmake/config.cmake149
-rw-r--r--ll-auth-binding/htdocs/AFB-websock.js174
-rw-r--r--ll-auth-binding/htdocs/CMakeLists.txt43
-rw-r--r--ll-auth-binding/htdocs/IdentityBinding.js72
-rw-r--r--ll-auth-binding/htdocs/auth.html28
-rw-r--r--ll-auth-binding/htdocs/index.html11
-rw-r--r--ll-auth-binding/src/CMakeLists.txt21
-rw-r--r--ll-auth-binding/src/export.map1
-rw-r--r--ll-auth-binding/src/ll-auth-binding.c208
-rwxr-xr-xll-auth-binding/start.sh3
11 files changed, 713 insertions, 0 deletions
diff --git a/ll-auth-binding/CMakeLists.txt b/ll-auth-binding/CMakeLists.txt
new file mode 100644
index 0000000..3784ade
--- /dev/null
+++ b/ll-auth-binding/CMakeLists.txt
@@ -0,0 +1,3 @@
+cmake_minimum_required(VERSION 3.3)
+
+include(${CMAKE_CURRENT_SOURCE_DIR}/conf.d/cmake/config.cmake)
diff --git a/ll-auth-binding/conf.d/cmake/config.cmake b/ll-auth-binding/conf.d/cmake/config.cmake
new file mode 100644
index 0000000..5b4f664
--- /dev/null
+++ b/ll-auth-binding/conf.d/cmake/config.cmake
@@ -0,0 +1,149 @@
+###########################################################################
+# Copyright 2015, 2016, 2017 IoT.bzh
+#
+# author: Fulup Ar Foll <fulup@iot.bzh>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+###########################################################################
+
+# Project Info
+# ------------------
+set(PROJECT_NAME ll-auth-binding)
+set(PROJECT_VERSION "0.1")
+set(PROJECT_PRETTY_NAME "Low Level Auth Binding")
+set(PROJECT_DESCRIPTION "A low level binding to log users in and out.")
+set(PROJECT_URL "")
+set(PROJECT_ICON "icon.png")
+set(PROJECT_AUTHOR "Collignon, Loïc")
+set(PROJECT_AUTHOR_MAIL "loic.collignon@iot.bzh")
+set(PROJECT_LICENSE "APL2.0")
+set(PROJECT_LANGUAGES,"C")
+
+# Where are stored default templates files from submodule or subtree app-templates in your project tree
+# relative to the root project directory
+set(PROJECT_APP_TEMPLATES_DIR "conf.d/app-templates")
+
+# Where are stored your external libraries for your project. This is 3rd party library that you don't maintain
+# but used and must be built and linked.
+# set(PROJECT_LIBDIR "libs")
+
+# Where are stored data for your application. Pictures, static resources must be placed in that folder.
+# set(PROJECT_RESOURCES "data")
+
+# Which directories inspect to find CMakeLists.txt target files
+# set(PROJECT_SRC_DIR_PATTERN "*")
+
+# Compilation Mode (DEBUG, RELEASE)
+# ----------------------------------
+set(CMAKE_BUILD_TYPE "DEBUG")
+
+# Kernel selection if needed. Impose a minimal version.
+# NOTE FOR NOW IT CHECKS KERNEL Yocto SDK Kernel version
+# else only HOST VERSION
+# -----------------------------------------------
+#set (kernel_minimal_version 4.8)
+
+# Compiler selection if needed. Impose a minimal version.
+# -----------------------------------------------
+set (gcc_minimal_version 4.9)
+
+# PKG_CONFIG required packages
+# -----------------------------
+set (PKG_REQUIRED_LIST
+ json-c
+ libsystemd>=222
+ afb-daemon
+ libmicrohttpd>=0.9.55
+)
+
+# Static constante definition
+# -----------------------------
+add_compile_options()
+
+# LANG Specific compile flags set for all build types
+set(CMAKE_C_FLAGS "")
+set(CMAKE_CXX_FLAGS "")
+
+# Print a helper message when every thing is finished
+# ----------------------------------------------------
+#set(CLOSING_MESSAGE "")
+#set(PACKAGE_MESSAGE "Install widget file using in the target : afm-util install ${PROJECT_NAME}.wgt")
+
+# (BUG!!!) as PKG_CONFIG_PATH does not work [should be an env variable]
+# ---------------------------------------------------------------------
+set(CMAKE_INSTALL_PREFIX $ENV{HOME}/opt)
+set(CMAKE_PREFIX_PATH ${CMAKE_PREFIX_PATH} ${CMAKE_INSTALL_PREFIX}/lib64/pkgconfig ${CMAKE_INSTALL_PREFIX}/lib/pkgconfig)
+set(LD_LIBRARY_PATH ${CMAKE_INSTALL_PREFIX}/lib64 ${CMAKE_INSTALL_PREFIX}/lib)
+
+# Optional location for config.xml.in
+# -----------------------------------
+#set(WIDGET_CONFIG_TEMPLATE ${CMAKE_CURRENT_SOURCE_DIR}/conf.d/config.xml.in)
+
+# Mandatory widget Mimetype specification of the main unit
+# --------------------------------------------------------------------------
+# Choose between :
+#- text/html : HTML application,
+# content.src designates the home page of the application
+#
+#- application/vnd.agl.native : AGL compatible native,
+# content.src designates the relative path of the binary.
+#
+# - application/vnd.agl.service: AGL service, content.src is not used.
+#
+#- ***application/x-executable***: Native application,
+# content.src designates the relative path of the binary.
+# For such application, only security setup is made.
+#
+set(WIDGET_TYPE MimeType_Not_Set)
+
+# Mandatory Widget entry point file of the main unit
+# --------------------------------------------------------------
+# This is the file that will be executed, loaded,
+# at launch time by the application framework.
+#
+set(WIDGET_ENTRY_POINT EntryPoint_Path_Not_Set)
+
+# Optional dependencies order
+# ---------------------------
+#set(EXTRA_DEPENDENCIES_ORDER)
+
+# Optional Extra global include path
+# -----------------------------------
+#set(EXTRA_INCLUDE_DIRS)
+
+# Optional extra libraries
+# -------------------------
+#set(EXTRA_LINK_LIBRARIES)
+
+# Optional force binding installation
+# ------------------------------------
+# set(BINDINGS_INSTALL_PREFIX PrefixPath )
+
+# Optional force binding Linking flag
+# ------------------------------------
+# set(BINDINGS_LINK_FLAG LinkOptions )
+
+# Optional force package prefix generation, like widget
+# -----------------------------------------------------
+# set(PKG_PREFIX DestinationPath)
+
+# Optional Application Framework security token
+# and port use for remote debugging.
+#------------------------------------------------------------
+#set(AFB_TOKEN "" CACHE PATH "Default AFB_TOKEN")
+#set(AFB_REMPORT "1234" CACHE PATH "Default AFB_TOKEN")
+
+# This include is mandatory and MUST happens at the end
+# of this file, else you expose you to unexpected behavior
+# -----------------------------------------------------------
+include(${PROJECT_APP_TEMPLATES_DIR}/cmake/common.cmake)
diff --git a/ll-auth-binding/htdocs/AFB-websock.js b/ll-auth-binding/htdocs/AFB-websock.js
new file mode 100644
index 0000000..08a7ffe
--- /dev/null
+++ b/ll-auth-binding/htdocs/AFB-websock.js
@@ -0,0 +1,174 @@
+AFB = function(base, initialtoken){
+
+var urlws = "ws://"+window.location.host+"/"+base;
+var urlhttp = "http://"+window.location.host+"/"+base;
+
+/*********************************************/
+/**** ****/
+/**** AFB_context ****/
+/**** ****/
+/*********************************************/
+var AFB_context;
+{
+ var UUID = undefined;
+ var TOKEN = initialtoken;
+
+ var context = function(token, uuid) {
+ this.token = token;
+ this.uuid = uuid;
+ }
+
+ context.prototype = {
+ get token() {return TOKEN;},
+ set token(tok) {if(tok) TOKEN=tok;},
+ get uuid() {return UUID;},
+ set uuid(id) {if(id) UUID=id;}
+ };
+
+ AFB_context = new context();
+}
+/*********************************************/
+/**** ****/
+/**** AFB_websocket ****/
+/**** ****/
+/*********************************************/
+var AFB_websocket;
+{
+ var CALL = 2;
+ var RETOK = 3;
+ var RETERR = 4;
+ var EVENT = 5;
+
+ var PROTO1 = "x-afb-ws-json1";
+
+ AFB_websocket = function(onopen, onabort) {
+ var u = urlws;
+ if (AFB_context.token) {
+ u = u + '?x-afb-token=' + AFB_context.token;
+ if (AFB_context.uuid)
+ u = u + '&x-afb-uuid=' + AFB_context.uuid;
+ }
+ this.ws = new WebSocket(u, [ PROTO1 ]);
+ this.pendings = {};
+ this.awaitens = {};
+ this.counter = 0;
+ this.ws.onopen = onopen.bind(this);
+ this.ws.onerror = onerror.bind(this);
+ this.ws.onclose = onclose.bind(this);
+ this.ws.onmessage = onmessage.bind(this);
+ this.onopen = onopen;
+ this.onabort = onabort;
+ this.onclose = onabort;
+ }
+
+ function onerror(event) {
+ var f = this.onabort;
+ if (f) {
+ delete this.onopen;
+ delete this.onabort;
+ f && f(this);
+ }
+ this.onerror && this.onerror(this);
+ }
+
+ function onopen(event) {
+ var f = this.onopen;
+ delete this.onopen;
+ delete this.onabort;
+ f && f(this);
+ }
+
+ function onclose(event) {
+ for (var id in this.pendings) {
+ var ferr = this.pendings[id].onerror;
+ ferr && ferr(null, this);
+ }
+ this.pendings = {};
+ this.onclose && this.onclose();
+ }
+
+ function fire(awaitens, name, data) {
+ var a = awaitens[name];
+ if (a)
+ a.forEach(function(handler){handler(data);});
+ var i = name.indexOf("/");
+ if (i >= 0) {
+ a = awaitens[name.substring(0,i)];
+ if (a)
+ a.forEach(function(handler){handler(data);});
+ }
+ a = awaitens["*"];
+ if (a)
+ a.forEach(function(handler){handler(data);});
+ }
+
+ function reply(pendings, id, ans, offset) {
+ if (id in pendings) {
+ var p = pendings[id];
+ delete pendings[id];
+ var f = p[offset];
+ f(ans);
+ }
+ }
+
+ function onmessage(event) {
+ var obj = JSON.parse(event.data);
+ var code = obj[0];
+ var id = obj[1];
+ var ans = obj[2];
+ AFB_context.token = obj[3];
+ switch (code) {
+ case RETOK:
+ reply(this.pendings, id, ans, 0);
+ break;
+ case RETERR:
+ reply(this.pendings, id, ans, 1);
+ break;
+ case EVENT:
+ default:
+ fire(this.awaitens, id, ans);
+ break;
+ }
+ }
+
+ function close() {
+ this.ws.close();
+ this.onabort();
+ }
+
+ function call(method, request) {
+ return new Promise((function(resolve, reject){
+ var id, arr;
+ do {
+ id = String(this.counter = 4095 & (this.counter + 1));
+ } while (id in this.pendings);
+ this.pendings[id] = [ resolve, reject ];
+ arr = [CALL, id, method, request ];
+ if (AFB_context.token) arr.push(AFB_context.token);
+ this.ws.send(JSON.stringify(arr));
+ }).bind(this));
+ }
+
+ function onevent(name, handler) {
+ var id = name;
+ var list = this.awaitens[id] || (this.awaitens[id] = []);
+ list.push(handler);
+ }
+
+ AFB_websocket.prototype = {
+ close: close,
+ call: call,
+ onevent: onevent
+ };
+}
+/*********************************************/
+/**** ****/
+/**** ****/
+/**** ****/
+/*********************************************/
+return {
+ context: AFB_context,
+ ws: AFB_websocket
+};
+};
+
diff --git a/ll-auth-binding/htdocs/CMakeLists.txt b/ll-auth-binding/htdocs/CMakeLists.txt
new file mode 100644
index 0000000..5bdb47f
--- /dev/null
+++ b/ll-auth-binding/htdocs/CMakeLists.txt
@@ -0,0 +1,43 @@
+###########################################################################
+# Copyright 2015, 2016, 2017 IoT.bzh
+#
+# author: Fulup Ar Foll <fulup@iot.bzh>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+###########################################################################
+
+
+
+##################################################
+# HTML Testing Files
+##################################################
+PROJECT_TARGET_ADD(www_test)
+
+ file(GLOB SOURCE_FILES "*.html" "*.js" "*.jpg")
+
+ add_custom_target(${TARGET_NAME}
+ DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/${TARGET_NAME}
+ )
+
+ add_custom_command(
+ DEPENDS ${SOURCE_FILES}
+ OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/${TARGET_NAME}
+ COMMAND mkdir -p ${CMAKE_CURRENT_BINARY_DIR}/${TARGET_NAME}
+ COMMAND touch ${CMAKE_CURRENT_BINARY_DIR}/${TARGET_NAME}
+ COMMAND cp -r ${SOURCE_FILES} ${CMAKE_CURRENT_BINARY_DIR}/${TARGET_NAME}
+ )
+
+ SET_TARGET_PROPERTIES(${TARGET_NAME} PROPERTIES
+ LABELS "HTDOCS"
+ OUTPUT_NAME ${TARGET_NAME}
+ )
diff --git a/ll-auth-binding/htdocs/IdentityBinding.js b/ll-auth-binding/htdocs/IdentityBinding.js
new file mode 100644
index 0000000..5f9ea24
--- /dev/null
+++ b/ll-auth-binding/htdocs/IdentityBinding.js
@@ -0,0 +1,72 @@
+ var afb = new AFB("api", "mysecret");
+ var ws;
+ var evtidx=0;
+
+ function getParameterByName(name, url) {
+ if (!url) {
+ url = window.location.href;
+ }
+ name = name.replace(/[\[\]]/g, "\\$&");
+ var regex = new RegExp("[?&]" + name + "(=([^&#]*)|&|#|$)"),
+ results = regex.exec(url);
+ if (!results) return null;
+ if (!results[2]) return '';
+ return decodeURIComponent(results[2].replace(/\+/g, " "));
+ }
+
+ // default soundcard is "PCH"
+ var devid=getParameterByName("devid");
+ if (!devid) devid="hw:0";
+
+ var sndname=getParameterByName("sndname");
+ if (!sndname) sndname="PCH";
+
+ var quiet=getParameterByName("quiet");
+ if (!quiet) quiet="99";
+
+ function init() {
+ ws = new afb.ws(onopen, onabort);
+ }
+
+ function onopen() {
+ document.getElementById("main").style.visibility = "visible";
+ document.getElementById("connected").innerHTML = "Binder WS Active";
+ document.getElementById("connected").style.background = "lightgreen";
+ ws.onevent("*", gotevent);
+ }
+
+ function onabort() {
+ document.getElementById("main").style.visibility = "hidden";
+ document.getElementById("connected").innerHTML = "Connected Closed";
+ document.getElementById("connected").style.background = "red";
+
+ }
+
+ function replyok(obj) {
+ console.log("replyok:" + JSON.stringify(obj));
+ document.getElementById("output").innerHTML = "OK: "+JSON.stringify(obj);
+ }
+
+ function replyerr(obj) {
+ console.log("replyerr:" + JSON.stringify(obj));
+ document.getElementById("output").innerHTML = "ERROR: "+JSON.stringify(obj);
+ }
+
+ function gotevent(obj) {
+ console.log("gotevent:" + JSON.stringify(obj));
+ document.getElementById("outevt").innerHTML = (evtidx++) +": "+JSON.stringify(obj);
+ }
+
+ function send(message) {
+ var api = document.getElementById("api").value;
+ var verb = document.getElementById("verb").value;
+ document.getElementById("question").innerHTML = "subscribe: "+api+"/"+verb + " (" + JSON.stringify(message) +")";
+ ws.call(api+"/"+verb, {data:message}).then(replyok, replyerr);
+ }
+
+
+ function callbinder(api, verb, query) {
+ console.log ("subscribe api="+api+" verb="+verb+" query=" +query);
+ document.getElementById("question").innerHTML = "apicall: " + api+"/"+verb +" ("+ JSON.stringify(query)+")";
+ ws.call(api+"/"+verb, query).then(replyok, replyerr);
+ }
diff --git a/ll-auth-binding/htdocs/auth.html b/ll-auth-binding/htdocs/auth.html
new file mode 100644
index 0000000..6e0da89
--- /dev/null
+++ b/ll-auth-binding/htdocs/auth.html
@@ -0,0 +1,28 @@
+<html>
+ <head>
+ <title>ll-auth-binding test</title>
+ <script type="text/javascript" src="AFB-websock.js"></script>
+ <script type="text/javascript" src="IdentityBinding.js"></script>
+ </head>
+
+ <body onload="init();">
+ <h1>Identity Binding</h1>
+ <button id="connected" onclick="init()">Binder WS Fail</button>
+ <br>
+ <ol>
+ <!--
+ <li><button onclick="callbinder('ll-auth','login', {})">login</button></li>
+ <li><button onclick="callbinder('ll-auth','logout', {})">logout</button></li>
+ -->
+ <li><button onclick="callbinder('ll-auth','getuser', {})">get user</button></li>
+ </ol>
+ <br>
+ <div id="main" style="visibility:hidden">
+ <ol>
+ <li>Question <div id="question"></div></li>
+ <li>Response <div id="output"></div></li>
+ <li>Events: <div id="outevt"></div>
+ </ol>
+ </div>
+ </body>
+</html> \ No newline at end of file
diff --git a/ll-auth-binding/htdocs/index.html b/ll-auth-binding/htdocs/index.html
new file mode 100644
index 0000000..5eb0401
--- /dev/null
+++ b/ll-auth-binding/htdocs/index.html
@@ -0,0 +1,11 @@
+<html>
+ <head>
+ <title>Identity Binding tests</title>
+ </head>
+ <body>
+ <h1>Identity Binding tests</h1>
+ <ol>
+ <li><a href="auth.html">Auth</a></li>
+ </ol>
+ </body>
+</html>
diff --git a/ll-auth-binding/src/CMakeLists.txt b/ll-auth-binding/src/CMakeLists.txt
new file mode 100644
index 0000000..2b682bd
--- /dev/null
+++ b/ll-auth-binding/src/CMakeLists.txt
@@ -0,0 +1,21 @@
+PROJECT_TARGET_ADD(ll-auth-binding)
+
+# Require PAM but there is no find_package
+set(PAM_INCLUDE_DIR "/usr/include/")
+set(PAM_LIBRARY "/lib64/libpam.so.0")
+set(PAM_MISC_LIBRARY "/lib64/libpam_misc.so.0")
+include_directories(${PAM_INCLUDE_DIR})
+
+add_library(ll-auth-binding MODULE ll-auth-binding.c)
+
+set_target_properties(ll-auth-binding PROPERTIES
+ PREFIX "afb-"
+ LABELS "BINDING"
+ LINK_FLAGS ${BINDINGS_LINK_FLAG}
+ OUTPUT_NAME ${TARGET_NAME})
+
+target_link_libraries(ll-auth-binding ${link_libraries} ${PAM_LIBRARY} ${PAM_MISC_LIBRARY})
+
+install(
+ TARGETS ll-auth-binding
+ LIBRARY DESTINATION ${BINDINGS_INSTALL_DIR})
diff --git a/ll-auth-binding/src/export.map b/ll-auth-binding/src/export.map
new file mode 100644
index 0000000..ee2f413
--- /dev/null
+++ b/ll-auth-binding/src/export.map
@@ -0,0 +1 @@
+{ global: afbBindingV*; local: *; };
diff --git a/ll-auth-binding/src/ll-auth-binding.c b/ll-auth-binding/src/ll-auth-binding.c
new file mode 100644
index 0000000..e85d63a
--- /dev/null
+++ b/ll-auth-binding/src/ll-auth-binding.c
@@ -0,0 +1,208 @@
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <string.h>
+#include <json-c/json.h>
+#include <security/pam_appl.h>
+#include <security/pam_misc.h>
+
+#define AFB_BINDING_VERSION 2
+#include <afb/afb-binding.h>
+
+static struct pam_conv conv = { misc_conv, NULL };
+
+static char* current_device = NULL;
+static char* current_user = NULL;
+
+afb_event evt_login, evt_logout;
+
+/// @brief API's verb 'login'. Try to login a user using a device
+/// @param[in] req The request object. Should contains a json with a "device" key.
+static void verb_login(struct afb_req req)
+{
+ struct json_object* args = NULL;
+ struct json_object* device_object = NULL;
+ pam_handle_t* pamh;
+ int r;
+
+ if (current_user)
+ {
+ AFB_ERROR("[login] the current user must be logged out first!");
+ afb_req_fail(req, "current user must be logged out first!", NULL);
+ return;
+ }
+
+ args = afb_req_json(req);
+ if (args == NULL || !json_object_object_get_ex(args, "device", &device_object))
+ {
+ AFB_ERROR("[login] device must be provided!");
+ afb_req_fail(req, "device must be provided!", NULL);
+ return;
+ }
+
+ const char* device = json_object_get_string(device_object);
+
+ if ((r = pam_start("agl", NULL, &conv, &pamh)) != PAM_SUCCESS)
+ {
+ AFB_ERROR("PAM start failed!");
+ afb_req_fail(req, "PAM start failed!", NULL);
+ return;
+ }
+
+ char pam_variable[4096] = "DEVICE=";
+ strcat(pam_variable, device);
+
+ if ((r = pam_putenv(pamh, pam_variable)) != PAM_SUCCESS)
+ {
+ AFB_ERROR("PAM putenv failed!");
+ afb_req_fail(req, "PAM putenv failed!", NULL);
+ pam_end(pamh, r);
+ return;
+ }
+
+ if ((r = pam_authenticate(pamh, 0)) != PAM_SUCCESS)
+ {
+ AFB_ERROR("PAM authenticate failed!");
+ afb_req_fail(req, "PAM authenticate failed!", NULL);
+ pam_end(pamh, r);
+ return;
+ }
+
+ if ((r = pam_acct_mgmt(pamh, 0)) != PAM_SUCCESS)
+ {
+ AFB_ERROR("PAM acct_mgmt failed!");
+ afb_req_fail(req, "PAM acct_mgmt failed!", NULL);
+ pam_end(pamh, r);
+ return;
+ }
+
+ const char* pam_user;
+ pam_get_item(pamh, PAM_USER, (const void**)&pam_user);
+ if (!pam_user)
+ {
+ AFB_ERROR("[login] No user provided by the PAM module!");
+ afb_req_fail(req, "No user provided by the PAM module!", NULL);
+ return;
+ }
+
+ current_device = strdup(device);
+ current_user = strdup(pam_user);
+
+ if ((r = pam_end(pamh, r)) != PAM_SUCCESS)
+ {
+ AFB_ERROR("PAM end failed!");
+ afb_req_fail(req, "PAM end failed!", NULL);
+ return;
+ }
+
+ AFB_INFO("[login] device: %s, user: %s", current_device, current_user);
+ json_object* result = json_object_new_object();
+ json_object_object_add(result, "device", json_object_new_string(current_device));
+ json_object_object_add(result, "user", json_object_new_string(current_user));
+ afb_req_success(req, NULL, current_device);
+ afb_event_broadcast(evt_login, result);
+}
+
+/// @brief API's verb 'lgout'. Try to logout a user using a device
+/// @param[in] req The request object. Should contains a json with a "device" key.
+static void verb_logout(struct afb_req req)
+{
+ struct json_object* args = NULL;
+ struct json_object* device_object = NULL;
+
+ args = afb_req_json(req);
+ if (args == NULL || !json_object_object_get_ex(args, "device", &device_object))
+ {
+ AFB_INFO("[logout] device must be provided!");
+ afb_req_fail(req, "device must be provided!", NULL);
+ return;
+ }
+
+ const char* device = json_object_get_string(device_object);
+ if (current_device && !strcmp(device, current_device))
+ {
+ free(current_device);
+ current_device = NULL;
+ if (current_user)
+ {
+ free(current_user);
+ current_user = NULL;
+ AFB_INFO("[logout] device: %s", device);
+ afb_req_success(req, NULL, device);
+ afb_event_broadcast(evt_logout, NULL);
+ return;
+ }
+ else
+ {
+ AFB_INFO("No user was linked to this device!");
+ afb_req_fail(req, "No user was linked to this device!", NULL);
+ return;
+ }
+ }
+
+ AFB_INFO("The unplugged device wasn't the user key!");
+ afb_req_fail(req, "The unplugged device wasn't the user key!", NULL);
+}
+
+static void verb_getuser(struct afb_req req)
+{
+ if (!current_device || !current_user)
+ {
+ afb_req_fail(req, "there is no logged user!", NULL);
+ return;
+ }
+
+ json_object* result = json_object_new_object();
+ json_object_object_add(result, "user", json_object_new_string(current_user));
+ json_object_object_add(result, "device", json_object_new_string(current_device));
+
+ afb_req_success(req, result, NULL);
+}
+
+int ll_auth_init()
+{
+ current_user = NULL;
+ current_device = NULL;
+ evt_login = afb_daemon_make_event("login");
+ evt_logout = afb_daemon_make_event("logout");
+
+ if (afb_event_is_valid(evt_login) && afb_event_is_valid(evt_logout))
+ return 0;
+
+ AFB_ERROR("Can't create events");
+ return -1;
+}
+
+static const afb_verb_v2 _ll_auth_binding_verbs[]= {
+ {
+ .verb = "login",
+ .callback = verb_login,
+ .auth = NULL,
+ .info = NULL,
+ .session = AFB_SESSION_NONE_V2
+ },
+ {
+ .verb = "logout",
+ .callback = verb_logout,
+ .auth = NULL,
+ .info = NULL,
+ .session = AFB_SESSION_NONE_V2
+ },
+ {
+ .verb = "getuser",
+ .callback = verb_getuser,
+ .auth = NULL,
+ .info = NULL,
+ .session = AFB_SESSION_NONE_V2
+ },
+ { .verb=NULL}
+};
+
+const struct afb_binding_v2 afbBindingV2 = {
+ .api = "ll-auth",
+ .specification = NULL,
+ .verbs = _ll_auth_binding_verbs,
+ .preinit = ll_auth_init,
+ .init = NULL,
+ .onevent = NULL,
+ .noconcurrency = 0
+};
diff --git a/ll-auth-binding/start.sh b/ll-auth-binding/start.sh
new file mode 100755
index 0000000..3842372
--- /dev/null
+++ b/ll-auth-binding/start.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+afb-daemon --port=9000 --token='' --binding=/home/agl/projects/ll-auth-binding/build/src/afb-ll-auth-binding.so --verbose --roothttp=/home/agl/projects/ll-auth-binding/htdocs