diff options
Diffstat (limited to 'pkg/auth/mechanism.go')
-rw-r--r-- | pkg/auth/mechanism.go | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/pkg/auth/mechanism.go b/pkg/auth/mechanism.go new file mode 100644 index 0000000..8a28739 --- /dev/null +++ b/pkg/auth/mechanism.go @@ -0,0 +1,49 @@ +// Copyright (C) 2019 LEAP +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program. If not, see <http://www.gnu.org/licenses/>. + +package auth + +import ( + "0xacab.org/leap/vpnweb/pkg/auth/anon" + "0xacab.org/leap/vpnweb/pkg/auth/sip2" + "0xacab.org/leap/vpnweb/pkg/config" + "log" +) + +func GetAuthenticator(opts *config.Opts, skipConnect bool) Authenticator { + switch opts.Auth { + case anon.Label: + return anon.GetAuthenticator(opts, skipConnect) + case sip2.Label: + doAuthenticationChecks(opts) + return sip2.GetAuthenticator(opts, skipConnect) + default: + bailOnBadAuthModule(opts.Auth) + } + return nil +} + +func doAuthenticationChecks(opts *config.Opts) { + if opts.AuthSecret == "" { + log.Fatal("Need to provide an AuthSecret value for SIP Authentication") + } + if len(opts.AuthSecret) < 20 { + log.Fatal("Please provider an AuthSecret longer than 20 chars") + } +} + +func bailOnBadAuthModule(module string) { + log.Fatal("Unknown auth module: '", module, "'. Should be one of: ", sip2.Label, ", ", anon.Label, ".") +} |