aljaz/addons
1
0
Fork 0
mirror of https://github.com/aljazceru/addons.git synced 2025-12-17 21:24:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ec7b51fb96cebd430a3c703ed8171c02be2790aa
addons/mosquitto/data/auth_srv.sh
Pascal Vizeli 6af0f83c55 Mqtt update (#620) 
* Update Mosquitto / Auth plugin

* file

* extract auth plugin builder

* fix arm

* fix build

* Fix multiarch build

* cleanup

* test

* Use own plugin

* cleanup config handling

* Fix startup

* revert bashio config

* fix error

* Update CHANGELOG.md

* cleanup
2019-07-01 15:37:53 +02:00

118 lines
2.6 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# shellcheck disable=SC2244,SC1117
set -e
CONFIG_PATH=/data/options.json
SYSTEM_USER=/data/system_user.json
REQUEST=()
REQUEST_BODY=""
declare -A LOCAL_DB
## Functions
function http_ok() {
echo -e "HTTP/1.1 200 OK\n"
exit 0
}
function http_error() {
echo -e "HTTP/1.1 400 Bad Request\n"
exit 0
}
function create_userdb() {
local logins=0
local username=""
local password=""
local hass_pw=""
local addons_pw=""
logins=$(jq --raw-output '.logins | length' $CONFIG_PATH)
for (( i=0; i < "$logins"; i++ )); do
username="$(jq --raw-output ".logins[$i].username" $CONFIG_PATH)"
password="$(jq --raw-output ".logins[$i].password" $CONFIG_PATH)"
LOCAL_DB["${username}"]="${password}"
done
# Add system user to DB
hass_pw=$(jq --raw-output '.homeassistant.password' $SYSTEM_USER)
addons_pw=$(jq --raw-output '.addons.password' $SYSTEM_USER)
LOCAL_DB['homeassistant']="${hass_pw}"
LOCAL_DB['addons']="${addons_pw}"
}
function read_request() {
local content_length=0
while read -r line; do
line="${line%%[[:cntrl:]]}"
if [[ "${line}" =~ Content-Length ]]; then
content_length="${line//[!0-9]/}"
fi
if [ -z "$line" ]; then
if [ "${content_length}" -gt 0 ]; then
read -r -n "${content_length}" REQUEST_BODY
fi
break
fi
REQUEST+=("$line")
done
}
function get_var() {
local variable=$1
local value=""
urldecode() { : "${*//+/ }"; echo -e "${_//%/\\x}"; }
# shellcheck disable=SC2001
value="$(echo "$REQUEST_BODY" | sed "s/.*$variable=\([^&]*\).*/\1/g")"
urldecode "${value}"
}
## MAIN ##
read_request
# This feature currently not implemented, we response with 200
if [[ "${REQUEST[0]}" =~ /superuser ]] || [[ "${REQUEST[0]}" =~ /acl ]]; then
http_ok
fi
# We read now the user data
create_userdb
username="$(get_var username)"
password="$(get_var password)"
# If local user
if [ "${LOCAL_DB["${username}"]}" == "${password}" ]; then
echo "[INFO] found ${username} on local database" >&2
http_ok
elif [ ${LOCAL_DB["${username}"]+_} ]; then
echo "[WARN] Not found ${username} on local database" >&2
http_error
fi
# Ask HomeAssistant Auth
auth_header="X-Hassio-Key: ${HASSIO_TOKEN}"
content_type="Content-Type: application/x-www-form-urlencoded"
if curl -s -f -X POST -d "${REQUEST_BODY}" -H "${content_type}" -H "${auth_header}" http://hassio/auth > /dev/null; then
echo "[INFO] found ${username} on Home Assistant" >&2
http_ok
fi
echo "[ERROR] Auth error with ${username}" >&2
http_error
Reference in New Issue View Git Blame Copy Permalink