Auth: adds JWT bearer auth via /authenticate.

Works in addition to digest auth
2021-07-06 22:52:33 -07:00
parent f64ffcb8cc
commit 4d51ba7dd2
8 changed files with 314 additions and 10 deletions
--- a/kordophone/Bridge/Operations/MBIMAuthenticateOperation.m
+++ b/kordophone/Bridge/Operations/MBIMAuthenticateOperation.m
@@ -0,0 +1,72 @@
+//
+//  MBIMAuthenticateOperation.m
+//  MBIMAuthenticateOperation
+//
+//  Created by James Magahern on 7/6/21.
+//  Copyright © 2021 James Magahern. All rights reserved.
+//
+
+#import "MBIMAuthenticateOperation.h"
+#import "MBIMBridge.h"
+#import "MBIMAuthToken.h"
+
+@implementation MBIMAuthenticateOperation
+
+ (void)load { [super load]; }
+
+ (NSString *)endpointName
+{
+    return @"authenticate";
+}
+
+ (BOOL)requiresAuthentication
+{
+    return NO;
+}
+
+- (void)main
+{
+    NSObject<HTTPResponse> *response = nil;
+    
+    if (self.requestBodyData.length == 0) {
+        self.serverCompletionBlock([[HTTPErrorResponse alloc] initWithErrorCode:400]);
+        return;
+    }
+    
+    NSError *error = nil;
+    NSDictionary *args = [NSJSONSerialization JSONObjectWithData:self.requestBodyData options:0 error:&error];
+    if (error || args.count == 0) {
+        response = [[HTTPErrorResponse alloc] initWithErrorCode:400];
+    } else {
+        do {
+            NSString *username = [args objectForKey:@"username"];
+            NSString *password = [args objectForKey:@"password"];
+            
+            if (!username || !password) {
+                response = [[HTTPErrorResponse alloc] initWithErrorCode:400];
+                break;
+            }
+            
+            if (![MBIMBridge.sharedInstance.authUsername isEqualToString:username]) {
+                response = [[HTTPErrorResponse alloc] initWithErrorCode:401];
+                break;
+            }
+            
+            if (![MBIMBridge.sharedInstance.authPassword isEqualToString:password]) {
+                response = [[HTTPErrorResponse alloc] initWithErrorCode:401];
+                break;
+            }
+
+            MBIMAuthToken *token = [[MBIMAuthToken alloc] initWithUsername:username];
+            
+            // All systems go 
+            response = [MBIMJSONDataResponse responseWithJSONObject:@{
+                @"jwt" : token.jwtToken
+            }];
+        } while (NO);
+    }
+    
+    self.serverCompletionBlock(response);
+}
+
+@end