diff options
author | Ravi Teja <raviteja28031990@gmail.com> | 2024-04-22 14:56:13 +0300 |
---|---|---|
committer | Ravi Teja <raviteja28031990@gmail.com> | 2024-04-25 21:16:38 +0300 |
commit | 482a69e72d6be4d9fdefa7b45207e8ac83d4a1a5 (patch) | |
tree | bb1e665ae78118db6ac0c9e9cc1ffea3b5777e7d | |
parent | 6b54e4e08678c0e32ed02adc87237f6ffa936691 (diff) | |
download | bmcweb-482a69e72d6be4d9fdefa7b45207e8ac83d4a1a5.tar.xz |
AccountService: Add HTTPBasicAuth support
This commit adds HTTPBasicAuth Get/Patch support
Tested By:
Redfish service validator passes.
```
curl -k --user "root:0penBmc" -H "Content-Type: application/json" -X PATCH -d '{"HTTPBasicAuth":"Enabled"}' https://192.168.7.2/redfish/v1/AccountService
```
Succeeds with various values.
Enabled: Basic auth succeeds.
Disabled: Basic auth no longer works. AccountService reports "Disabled"
For HTTPBasicAuth status.
Change-Id: Ic417bf3cd4135f05ab34c8613c7fbce953157b03
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>
Signed-off-by: Ed Tanous <ed@tanous.net>
-rw-r--r-- | Redfish.md | 1 | ||||
-rw-r--r-- | redfish-core/lib/account_service.hpp | 33 |
2 files changed, 31 insertions, 3 deletions
diff --git a/Redfish.md b/Redfish.md index 91c2c01601..5e410ad616 100644 --- a/Redfish.md +++ b/Redfish.md @@ -58,6 +58,7 @@ Fields common to all schemas - AccountLockoutThreshold - Accounts - Description +- HTTPBasicAuth - LDAP - MaxPasswordLength - MinPasswordLength diff --git a/redfish-core/lib/account_service.hpp b/redfish-core/lib/account_service.hpp index 7df5d83ab2..aab116e6b1 100644 --- a/redfish-core/lib/account_service.hpp +++ b/redfish-core/lib/account_service.hpp @@ -1191,8 +1191,7 @@ inline void nlohmann::json& json = asyncResp->res.jsonValue; json["@odata.id"] = "/redfish/v1/AccountService"; - json["@odata.type"] = "#AccountService." - "v1_10_0.AccountService"; + json["@odata.type"] = "#AccountService.v1_15_0.AccountService"; json["Id"] = "AccountService"; json["Name"] = "Account Service"; json["Description"] = "Account Service"; @@ -1200,6 +1199,15 @@ inline void json["MaxPasswordLength"] = 20; json["Accounts"]["@odata.id"] = "/redfish/v1/AccountService/Accounts"; json["Roles"]["@odata.id"] = "/redfish/v1/AccountService/Roles"; + json["HTTPBasicAuth"] = authMethodsConfig.basic + ? account_service::BasicAuthState::Enabled + : account_service::BasicAuthState::Disabled; + + nlohmann::json::array_t allowed; + allowed.emplace_back(account_service::BasicAuthState::Enabled); + allowed.emplace_back(account_service::BasicAuthState::Disabled); + json["HTTPBasicAuth@AllowableValues"] = std::move(allowed); + json["Oem"]["OpenBMC"]["@odata.type"] = "#OpenBMCAccountService.v1_0_0.AccountService"; json["Oem"]["OpenBMC"]["@odata.id"] = @@ -1300,6 +1308,7 @@ inline void handleAccountServicePatch( LdapPatchParams ldapObject; LdapPatchParams activeDirectoryObject; AuthMethods auth; + std::optional<std::string> httpBasicAuth; // clang-format off if (!json_util::readJsonPatch( req, asyncResp->res, @@ -1329,12 +1338,30 @@ inline void handleAccountServicePatch( "Oem/OpenBMC/AuthMethods/Cookie", auth.cookie, "Oem/OpenBMC/AuthMethods/SessionToken", auth.sessionToken, "Oem/OpenBMC/AuthMethods/TLS", auth.tls, - "Oem/OpenBMC/AuthMethods/XToken", auth.xToken)) + "Oem/OpenBMC/AuthMethods/XToken", auth.xToken, + "HTTPBasicAuth", httpBasicAuth)) { return; } // clang-format on + if (httpBasicAuth) + { + if (*httpBasicAuth == "Enabled") + { + auth.basicAuth = true; + } + else if (*httpBasicAuth == "Disabled") + { + auth.basicAuth = false; + } + else + { + messages::propertyValueNotInList(asyncResp->res, "HttpBasicAuth", + *httpBasicAuth); + } + } + if (minPasswordLength) { setDbusProperty( |