Remove the last couple uses of json get<>
... and replace with the nothrow equivalent of get_ptr
Change-Id: I2d2b83f757d06e8b088e62c6474003ca5cd53de5
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
diff --git a/include/token_authorization_middleware.hpp b/include/token_authorization_middleware.hpp
index 7497b43..a5c3ef8 100644
--- a/include/token_authorization_middleware.hpp
+++ b/include/token_authorization_middleware.hpp
@@ -199,13 +199,17 @@
content_type = content_type_it->second;
boost::algorithm::to_lower(content_type);
}
- std::string username;
- std::string password;
+ const std::string* username;
+ const std::string* password;
bool looks_like_ibm = false;
+
+
+ // This object needs to be declared at this scope so the strings within
+ // it are not destroyed before we can use them
+ nlohmann::json login_credentials;
// Check if auth was provided by a payload
if (content_type == "application/json") {
- auto login_credentials =
- nlohmann::json::parse(req.body, nullptr, false);
+ login_credentials = nlohmann::json::parse(req.body, nullptr, false);
if (login_credentials.is_discarded()) {
res.code = 400;
res.end();
@@ -217,8 +221,8 @@
auto pass_it = login_credentials.find("password");
if (user_it != login_credentials.end() &&
pass_it != login_credentials.end()) {
- username = user_it->get<const std::string>();
- password = pass_it->get<const std::string>();
+ username = user_it->get_ptr<const std::string*>();
+ password = pass_it->get_ptr<const std::string*>();
} else {
// Openbmc appears to push a data object that contains the same
// keys (username and password), attempt to use that
@@ -228,16 +232,16 @@
// "password"]
if (data_it->is_array()) {
if (data_it->size() == 2) {
- username = (*data_it)[0].get<const std::string>();
- password = (*data_it)[1].get<const std::string>();
+ username = (*data_it)[0].get_ptr<const std::string*>();
+ password = (*data_it)[1].get_ptr<const std::string*>();
looks_like_ibm = true;
}
} else if (data_it->is_object()) {
auto user_it = data_it->find("username");
auto pass_it = data_it->find("password");
if (user_it != data_it->end() && pass_it != data_it->end()) {
- username = user_it->get<const std::string>();
- password = pass_it->get<const std::string>();
+ username = user_it->get_ptr<const std::string*>();
+ password = pass_it->get_ptr<const std::string*>();
}
}
}
@@ -247,23 +251,24 @@
auto user_it = req.headers.find("username");
auto pass_it = req.headers.find("password");
if (user_it != req.headers.end() && pass_it != req.headers.end()) {
- username = user_it->second;
- password = pass_it->second;
+ username = &user_it->second;
+ password = &pass_it->second;
}
}
- if (!username.empty() && !password.empty()) {
- if (!pam_authenticate_user(username, password)) {
+ if (username != nullptr && !username->empty() && password != nullptr &&
+ !password->empty()) {
+ if (!pam_authenticate_user(*username, *password)) {
res.code = res.code = static_cast<int>(HttpRespCode::UNAUTHORIZED);
} else {
auto& session =
- PersistentData::session_store->generate_user_session(username);
+ PersistentData::session_store->generate_user_session(*username);
if (looks_like_ibm) {
// IBM requires a very specific login structure, and doesn't
// actually look at the status code. TODO(ed).... Fix that
// upstream
- nlohmann::json ret{{"data", "User '" + username + "' logged in"},
+ nlohmann::json ret{{"data", "User '" + *username + "' logged in"},
{"message", "200 OK"},
{"status", "ok"}};
res.add_header("Set-Cookie", "XSRF-TOKEN=" + session.csrf_token);
@@ -301,5 +306,5 @@
});
}
-} // namespaec TokenAuthorization
+} // namespace TokenAuthorization
} // namespace crow