api: add list_domains

This commit is contained in:
Dietmar Maurer 2020-04-09 11:36:45 +02:00
parent 685e13347e
commit 708db4b3ae
3 changed files with 48 additions and 1 deletions

View File

@ -13,6 +13,7 @@ use crate::auth_helpers::*;
use crate::api2::types::*; use crate::api2::types::*;
pub mod user; pub mod user;
pub mod domain;
fn authenticate_user(username: &str, password: &str) -> Result<(), Error> { fn authenticate_user(username: &str, password: &str) -> Result<(), Error> {
@ -137,6 +138,7 @@ const SUBDIRS: SubdirMap = &[
"ticket", &Router::new() "ticket", &Router::new()
.post(&API_METHOD_CREATE_TICKET) .post(&API_METHOD_CREATE_TICKET)
), ),
("domains", &domain::ROUTER),
("users", &user::ROUTER), ("users", &user::ROUTER),
]; ];

42
src/api2/access/domain.rs Normal file
View File

@ -0,0 +1,42 @@
use failure::*;
use serde_json::{json, Value};
use proxmox::api::api;
use proxmox::api::router::Router;
use crate::api2::types::*;
#[api(
returns: {
description: "List of realms.",
type: Array,
items: {
type: Object,
description: "User configuration (without password).",
properties: {
realm: {
description: "Realm ID.",
type: String,
},
comment: {
schema: SINGLE_LINE_COMMENT_SCHEMA,
optional: true,
},
},
}
}
)]
/// Authentication domain/realm index.
///
/// Anyone can access this, because we need that list for the login
/// box (before the user is authenticated).
fn list_domains() -> Result<Value, Error> {
let mut list = Vec::new();
list.push(json!({ "realm": "pam", "comment": "Linux PAM standard authentication" }));
list.push(json!({ "realm": "pbs", "comment": "Proxmox Backup authentication server" }));
Ok(list.into())
}
pub const ROUTER: Router = Router::new()
.get(&API_METHOD_LIST_DOMAINS);

View File

@ -524,7 +524,10 @@ pub async fn handle_request(api: Arc<ApiConfig>, req: Request<Body>) -> Result<R
let mut uri_param = HashMap::new(); let mut uri_param = HashMap::new();
if comp_len == 4 && components[2] == "access" && components[3] == "ticket" { if comp_len == 4 && components[2] == "access" && (
(components[3] == "ticket" && method == hyper::Method::POST) ||
(components[3] == "domains" && method == hyper::Method::GET)
) {
// explicitly allow those calls without auth // explicitly allow those calls without auth
} else { } else {
let (ticket, token) = extract_auth_data(&parts.headers); let (ticket, token) = extract_auth_data(&parts.headers);