forked from theRainbird/CoreRemoting
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathLinuxPamAuthProvider.cs
61 lines (51 loc) · 2.16 KB
/
LinuxPamAuthProvider.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
using System.Diagnostics.CodeAnalysis;
using System.Linq;
using Npam;
namespace CoreRemoting.Authentication
{
/// <summary>
/// Authentication provider to check credentials against local Linux user accounts.
/// </summary>
[SuppressMessage("ReSharper", "MemberCanBePrivate.Global")]
public class LinuxPamAuthProvider : IAuthenticationProvider
{
public const string CREDENTIAL_TYPE_USERNAME = "username";
public const string CREDENTIAL_TYPE_PASSWORD = "password";
/// <summary>
/// Authenticates the provided credentials and returns the authenticated identity, if successful.
/// </summary>
/// <param name="credentials">Array of credentials ("username", "password")</param>
/// <param name="authenticatedIdentity">Authenticated Identity</param>
/// <returns>Indicates whether the authentication was successful.</returns>
public bool Authenticate(Credential[] credentials, out RemotingIdentity authenticatedIdentity)
{
authenticatedIdentity = null;
if (credentials == null)
return false;
var userName =
credentials
.Where(c => c.Name.ToLower() == CREDENTIAL_TYPE_USERNAME)
.Select(c => c.Value)
.FirstOrDefault();
var password =
credentials
.Where(c => c.Name.ToLower() == CREDENTIAL_TYPE_PASSWORD)
.Select(c => c.Value)
.FirstOrDefault();
var isAuthenticated = NpamUser.Authenticate("passwd", userName, password);
if (isAuthenticated)
{
var accountInfo = NpamUser.GetAccountInfo(userName);
authenticatedIdentity =
new RemotingIdentity()
{
Name = accountInfo.Username,
IsAuthenticated = true,
Roles = new []{ accountInfo.GroupID.ToString() }
};
return true;
}
return false;
}
}
}