AccountService: Add HTTPBasicAuth support
This commit adds HTTPBasicAuth Get/Patch support
Tested By:
Redfish service validator passes.
```
curl -k --user "root:0penBmc" -H "Content-Type: application/json" -X PATCH -d '{"HTTPBasicAuth":"Enabled"}' https://192.168.7.2/redfish/v1/AccountService
```
Succeeds with various values.
Enabled: Basic auth succeeds.
Disabled: Basic auth no longer works. AccountService reports "Disabled"
For HTTPBasicAuth status.
Change-Id: Ic417bf3cd4135f05ab34c8613c7fbce953157b03
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>
Signed-off-by: Ed Tanous <ed@tanous.net>
diff --git a/Redfish.md b/Redfish.md
index 91c2c01..5e410ad 100644
--- a/Redfish.md
+++ b/Redfish.md
@@ -58,6 +58,7 @@
- AccountLockoutThreshold
- Accounts
- Description
+- HTTPBasicAuth
- LDAP
- MaxPasswordLength
- MinPasswordLength
diff --git a/redfish-core/lib/account_service.hpp b/redfish-core/lib/account_service.hpp
index 7df5d83..aab116e 100644
--- a/redfish-core/lib/account_service.hpp
+++ b/redfish-core/lib/account_service.hpp
@@ -1191,8 +1191,7 @@
nlohmann::json& json = asyncResp->res.jsonValue;
json["@odata.id"] = "/redfish/v1/AccountService";
- json["@odata.type"] = "#AccountService."
- "v1_10_0.AccountService";
+ json["@odata.type"] = "#AccountService.v1_15_0.AccountService";
json["Id"] = "AccountService";
json["Name"] = "Account Service";
json["Description"] = "Account Service";
@@ -1200,6 +1199,15 @@
json["MaxPasswordLength"] = 20;
json["Accounts"]["@odata.id"] = "/redfish/v1/AccountService/Accounts";
json["Roles"]["@odata.id"] = "/redfish/v1/AccountService/Roles";
+ json["HTTPBasicAuth"] = authMethodsConfig.basic
+ ? account_service::BasicAuthState::Enabled
+ : account_service::BasicAuthState::Disabled;
+
+ nlohmann::json::array_t allowed;
+ allowed.emplace_back(account_service::BasicAuthState::Enabled);
+ allowed.emplace_back(account_service::BasicAuthState::Disabled);
+ json["HTTPBasicAuth@AllowableValues"] = std::move(allowed);
+
json["Oem"]["OpenBMC"]["@odata.type"] =
"#OpenBMCAccountService.v1_0_0.AccountService";
json["Oem"]["OpenBMC"]["@odata.id"] =
@@ -1300,6 +1308,7 @@
LdapPatchParams ldapObject;
LdapPatchParams activeDirectoryObject;
AuthMethods auth;
+ std::optional<std::string> httpBasicAuth;
// clang-format off
if (!json_util::readJsonPatch(
req, asyncResp->res,
@@ -1329,12 +1338,30 @@
"Oem/OpenBMC/AuthMethods/Cookie", auth.cookie,
"Oem/OpenBMC/AuthMethods/SessionToken", auth.sessionToken,
"Oem/OpenBMC/AuthMethods/TLS", auth.tls,
- "Oem/OpenBMC/AuthMethods/XToken", auth.xToken))
+ "Oem/OpenBMC/AuthMethods/XToken", auth.xToken,
+ "HTTPBasicAuth", httpBasicAuth))
{
return;
}
// clang-format on
+ if (httpBasicAuth)
+ {
+ if (*httpBasicAuth == "Enabled")
+ {
+ auth.basicAuth = true;
+ }
+ else if (*httpBasicAuth == "Disabled")
+ {
+ auth.basicAuth = false;
+ }
+ else
+ {
+ messages::propertyValueNotInList(asyncResp->res, "HttpBasicAuth",
+ *httpBasicAuth);
+ }
+ }
+
if (minPasswordLength)
{
setDbusProperty(