package main
import (
	"bytes"
	"fmt"
	"io/ioutil"

	"github.com/pkg/errors"
	"golang.org/x/crypto/ssh"
)
// User is a single account known to the proxy: a login name plus the
// credentials (a password and/or SSH public keys) recorded for it.
type User struct {
	// Name is the login name; UserStore indexes users by this value.
	Name string
	// Password is the string copied as-is from the auth config.
	// NOTE(review): nothing in this file hashes or normalizes it; check how
	// the authentication code compares it and whether "" is rejected.
	Password string
	// PublicKeys holds the keys parsed from the user's authorized_keys data.
	PublicKeys []ssh.PublicKey
}
// UserStore is a named collection of users. Users holds them in the order
// they were appended and usersMap indexes the same *User values by name.
type UserStore struct {
	// Name is the key of the auth config this store was built from.
	Name string
	// Users lists every user of the store.
	Users []*User
	// usersMap is the name index read by Lookup and written by Add. It is
	// unexported, so a UserStore created outside this package's constructor
	// (for example a zero value) starts with a nil index.
	usersMap map[string]*User
}
// UserStores maps an auth config name to the UserStore built from it.
// Values are stored by value; copies share the same Users elements and name
// index.
type UserStores map[string]UserStore
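// Add registers u in the store: it is appended to Users and indexed under
// u.Name for Lookup.
//
// The name index is created on first use, so Add also works on a UserStore
// that was not built by NewUserStoresFromConfig; writing to the nil map would
// otherwise panic. Adding a user whose name is already present repoints the
// index at the new user while the earlier entry stays in Users, so callers
// that need unique names must check with Lookup first.
func (us *UserStore) Add(u *User) {
	if us.usersMap == nil {
		us.usersMap = make(map[string]*User)
	}
	us.Users = append(us.Users, u)
	us.usersMap[u.Name] = u
}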
// Lookup returns the user registered under name, or nil when the store has
// no such user. Callers have to treat nil as "unknown user" before touching
// any credential field.
func (us *UserStore) Lookup(name string) *User {
	if found, ok := us.usersMap[name]; ok {
		return found
	}
	return nil
}
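// parseAuthorizedKeys parses authorized_keys-formatted data and appends every
// key it finds to pubKeys, returning the extended slice.
//
// Only the key material is kept. The comment and the option list that
// ssh.ParseAuthorizedKey also returns are discarded, so options written in
// front of a key are not carried into the result and cannot be enforced from
// it.
//
// On a parse error the keys collected so far are returned together with the
// error.
func parseAuthorizedKeys(pubKeys []ssh.PublicKey, pubKeyFileContent []byte) ([]ssh.PublicKey, error) {
	// Trim before every pass: once the last key has been consumed, leftover
	// blank lines would make ssh.ParseAuthorizedKey fail for lack of a key
	// and reject data whose keys all parsed.
	// NOTE(review): comment-only lines after the last key are not trimmed
	// here and probably still fail; confirm whether such files must load.
	rest := bytes.TrimSpace(pubKeyFileContent)
	for len(rest) > 0 {
		pubKey, _, _, remaining, err := ssh.ParseAuthorizedKey(rest)
		if err != nil {
			return pubKeys, err
		}
		pubKeys = append(pubKeys, pubKey)
		rest = bytes.TrimSpace(remaining)
	}
	return pubKeys, nil
}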
// buildUsersFromAuthConfigInplace appends one User per entry of aCfg.Users to
// users and returns the extended slice.
//
// A user's keys come from two optional sources that are merged in this order:
// the inline PublicKeys text, then the file named by PublicKeyFile. The first
// read or parse failure stops processing and is returned wrapped with the
// user's name, together with the users built so far.
//
// NOTE(review): an entry with neither a password nor any key is still added,
// with an empty Password; confirm the authentication code rejects empty
// passwords.
func buildUsersFromAuthConfigInplace(users []*User, aCfg *AuthConfig) ([]*User, error) {
	for userName, entry := range aCfg.Users {
		var (
			keys []ssh.PublicKey
			err  error
		)

		// Keys given inline in the config.
		if entry.PublicKeys != "" {
			if keys, err = parseAuthorizedKeys(keys, []byte(entry.PublicKeys)); err != nil {
				return users, errors.Wrapf(err, `user "%s"`, userName)
			}
		}

		// Keys from an authorized_keys file, read with this process's
		// filesystem permissions.
		if entry.PublicKeyFile != "" {
			raw, readErr := ioutil.ReadFile(entry.PublicKeyFile)
			if readErr != nil {
				return users, errors.Wrapf(readErr, `user "%s"`, userName)
			}
			if keys, err = parseAuthorizedKeys(keys, raw); err != nil {
				return users, errors.Wrapf(err, `user "%s"`, userName)
			}
		}

		account := &User{
			Name:       userName,
			Password:   entry.Password,
			PublicKeys: keys,
		}
		users = append(users, account)
	}
	return users, nil
}
// buildUsersFromAuthConfig appends the users described by aCfg to users,
// dispatching on aCfg.Type. "inplace" is the only type handled; any other
// value yields an error and the slice is returned unchanged.
func buildUsersFromAuthConfig(users []*User, aCfg *AuthConfig) ([]*User, error) {
	if aCfg.Type == "inplace" {
		return buildUsersFromAuthConfigInplace(users, aCfg)
	}
	return users, fmt.Errorf("unknown auth config type: %s", aCfg.Type)
}
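// NewUserStoresFromConfig builds one UserStore per entry of cfg.AuthConfigs,
// keyed by the entry's name. Each store receives the users produced by
// buildUsersFromAuthConfig and a name index over them.
//
// A nil entry is reported as an error instead of being dereferenced. Any
// failure aborts the whole construction: the result is nil plus the error, so
// callers never get a partially populated set of stores.
func NewUserStoresFromConfig(cfg *S3SFTPProxyConfig) (UserStores, error) {
	uStores := make(UserStores, len(cfg.AuthConfigs))
	for name, aCfg := range cfg.AuthConfigs {
		if aCfg == nil {
			return nil, fmt.Errorf("auth config %q is empty", name)
		}
		users, err := buildUsersFromAuthConfig(nil, aCfg)
		if err != nil {
			return nil, err
		}
		// Index by name for Lookup; names are unique within one auth config
		// because they are the keys of its Users map.
		usersMap := make(map[string]*User, len(users))
		for _, u := range users {
			usersMap[u.Name] = u
		}
		uStores[name] = UserStore{Name: name, Users: users, usersMap: usersMap}
	}
	return uStores, nil
}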