feat: Pass user to auth_method::authenticator_check_request

This is required for LDAP authentication, because we need username to format the corresponding DN. NO_DOC=picodata internal patch NO_CHANGELOG=picodata internal patch NO_TEST=picodata internal patch

feat: Pass user to auth_method::authenticator_check_request
b9f9a4d5 · Dmitry Ivanov · b766a14b · b9f9a4d5 · b9f9a4d5 · b9f9a4d5
Commit b9f9a4d5 authored 1 year ago by Dmitry Ivanov
--- a/src/box/auth_chap_sha1.c
+++ b/src/box/auth_chap_sha1.c
@@ -250,10 +250,12 @@ auth_chap_sha1_authenticator_delete(struct authenticator *auth_)
 /** auth_method::authenticator_check_request */
 static bool
 auth_chap_sha1_authenticate_request(const struct authenticator *auth_,
+				    const char *user,
 				    const char *salt,
 				    const char *auth_request,
 				    const char *auth_request_end)
 {
+	(void)user;
 	const struct auth_chap_sha1_authenticator *auth =
 		(const struct auth_chap_sha1_authenticator *)auth_;
 	uint32_t scramble_len;

--- a/src/box/auth_md5.c
+++ b/src/box/auth_md5.c
@@ -205,10 +205,12 @@ auth_md5_authenticator_delete(struct authenticator *auth_)
 /** auth_method::authenticator_check_request */
 static bool
 auth_md5_authenticate_request(const struct authenticator *auth_,
+			      const char *user,
 			      const char *salt,
 			      const char *auth_request,
 			      const char *auth_request_end)
 {
+	(void)user;
 	const struct auth_md5_authenticator *auth =
 		(const struct auth_md5_authenticator *)auth_;
 	uint32_t client_pass_len;

--- a/src/box/authentication.c
+++ b/src/box/authentication.c
@@ -49,7 +49,7 @@ authenticate_password(const struct authenticator *auth,
 	const char *auth_request, *auth_request_end;
 	auth_request_prepare(auth->method, password, password_len, user, salt,
 			     &auth_request, &auth_request_end);
-	bool ret = authenticate_request(auth, salt, auth_request,
+	bool ret = authenticate_request(auth, user, salt, auth_request,
 					auth_request_end);
 	region_truncate(region, region_svp);
 	return ret;
@@ -109,7 +109,7 @@ authenticate(const char *user_name, uint32_t user_name_len,
 		return -1;
 	if (user == NULL || user->def->auth == NULL ||
 	    user->def->auth->method != method ||
-	    !authenticate_request(user->def->auth, salt,
+	    !authenticate_request(user->def->auth, user->def->name, salt,
 				  auth_request, auth_request_end)) {
 		auth_res.is_authenticated = false;
 		if (session_run_on_auth_triggers(&auth_res) != 0)

--- a/src/box/authentication.h
+++ b/src/box/authentication.h
@@ -138,6 +138,7 @@ struct auth_method {
 	 */
 	bool
 	(*authenticate_request)(const struct authenticator *auth,
+				const char *user,
 				const char *salt,
 				const char *auth_request,
 				const char *auth_request_end);
@@ -191,13 +192,15 @@ authenticator_delete(struct authenticator *auth)
 * NOTE: the request must be well-formed (checked by auth_request_check).
 */
 static inline bool
-authenticate_request(const struct authenticator *auth, const char *salt,
+authenticate_request(const struct authenticator *auth,
+		     const char *user, const char *salt,
 		     const char *auth_request, const char *auth_request_end)
 {
 	assert(auth->method->auth_request_check(auth->method, auth_request,
 						auth_request_end) == 0);
-	return auth->method->authenticate_request(
-			auth, salt, auth_request, auth_request_end);
+	return auth->method->authenticate_request(auth, user, salt,
+						  auth_request,
+						  auth_request_end);
 }

 /**