Archives/falk-werner_webfuse
1
0
Fork 0
mirror of https://github.com/falk-werner/webfuse synced 2024-10-27 20:34:10 +00:00
Code Issues Releases Wiki Activity

allow to specify authentication token via command line or environment variable

Browse Source
This commit is contained in:
Falk Werner 2023-02-04 09:59:32 +01:00
parent b55ae45018
commit 97f4acb98e
2 changed files with 36 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
doc/webfuse_provider.md
View File

@ -15,6 +15,13 @@ Inject a remote filesystem via webfuse.
| -p | --path | path | path of local filesystem to inject (default: .) | | -p | --path | path | path of local filesystem to inject (default: .) |
| -u | --url | url | url of webfuse server | | -u | --url | url | url of webfuse server |
| -a | --ca-path | path | path of ca file | | -a | --ca-path | path | path of ca file |
| -t | --token | token | authentication token (overrides WEBFUSE_TOKEN) |
## Environment variables
| Variable | Description |
| -------- | ----------- |
| WEBFUSE_TOKEN | Default value of webfuse token |
## Examples ## Examples
@ -28,3 +35,5 @@ Inject a remote filesystem via webfuse.
`webfuse_provider -u wss://localhost/` `webfuse_provider -u wss://localhost/`
- inject current diectory via TLS using a specific ca: - inject current diectory via TLS using a specific ca:
`webfuse_provider -u wss://localhost/ -a /path/to/server-cert.pem` `webfuse_provider -u wss://localhost/ -a /path/to/server-cert.pem`
- inject current directory, authenticate via token:
`webfuse_provider -u wss://localhost/ -t my_token`

31
src/provider_main.cpp
View File

@ -8,6 +8,8 @@
#include <getopt.h> #include <getopt.h>
#include <csignal> #include <csignal>
#include <cstdlib>
#include <iostream> #include <iostream>
namespace namespace
@ -29,11 +31,18 @@ public:
, cmd(command::run) , cmd(command::run)
, exit_code() , exit_code()
{ {
char const * const webfuse_token = getenv("WEBFUSE_TOKEN");
if (nullptr != webfuse_token)
{
token = webfuse_token;
}
struct option const long_options[] = struct option const long_options[] =
{ {
{"path" , required_argument, nullptr, 'p'}, {"path" , required_argument, nullptr, 'p'},
{"url" , required_argument, nullptr, 'u'}, {"url" , required_argument, nullptr, 'u'},
{"ca-path", required_argument, nullptr, 'a'}, {"ca-path", required_argument, nullptr, 'a'},
{"token" , required_argument, nullptr, 't'},
{"version", no_argument , nullptr, 'v'}, {"version", no_argument , nullptr, 'v'},
{"help" , no_argument , nullptr, 'h'}, {"help" , no_argument , nullptr, 'h'},
{nullptr , 0 , nullptr, 0 } {nullptr , 0 , nullptr, 0 }
@ -45,7 +54,7 @@ public:
while (!finished) while (!finished)
{ {
int option_index = 0; int option_index = 0;
const int c = getopt_long(argc, argv, "p:u:a:vh", long_options, &option_index); const int c = getopt_long(argc, argv, "p:u:a:t:vh", long_options, &option_index);
switch (c) switch (c)
{ {
case -1: case -1:
@ -60,6 +69,9 @@ public:
case 'a': case 'a':
ca_path = optarg; ca_path = optarg;
break; break;
case 't':
token = optarg;
break;
case 'h': case 'h':
cmd = command::show_help; cmd = command::show_help;
break; break;
@ -86,6 +98,7 @@ public:
std::string base_path; std::string base_path;
std::string url; std::string url;
std::string ca_path; std::string ca_path;
std::string token;
command cmd; command cmd;
int exit_code; int exit_code;
}; };
@ -102,9 +115,17 @@ Options:
--url, -u set url of webfuse2 service --url, -u set url of webfuse2 service
--path, -p set path of directory to expose (default: .) --path, -p set path of directory to expose (default: .)
--ca-path, -a set path of ca file (default: not set) --ca-path, -a set path of ca file (default: not set)
--token, -t set authentication token (default: see below)
--version, -v print version and quit --version, -v print version and quit
--help, -h print this message and quit --help, -h print this message and quit
Authentication Token:
When requested by webfuse server, the authentication token
is determined as follows:
- if present, use contents of environment variable WEBFUSE_TOKEN
- else if specified, use the contents fo the -t option
- else query user for authentication token
Examples: Examples:
webfuse-provider -u ws://localhost:8080/ webfuse-provider -u ws://localhost:8080/
webfuse-provider -u ws://localhost:8080/ -p /some/directory webfuse-provider -u ws://localhost:8080/ -p /some/directory
@ -126,7 +147,8 @@ void on_signal(int _)
class filesystem: public webfuse::filesystem_i class filesystem: public webfuse::filesystem_i
{ {
public: public:
explicit filesystem(std::string const & base_path) filesystem(std::string const & base_path, std::string const & token)
: token_(token)
{ {
char buffer[PATH_MAX]; char buffer[PATH_MAX];
char * resolved_path = ::realpath(base_path.c_str(), buffer); char * resolved_path = ::realpath(base_path.c_str(), buffer);
@ -420,7 +442,7 @@ public:
std::string get_credentials() override std::string get_credentials() override
{ {
return getpass("credentials: "); return (!token_.empty()) ? token_ : getpass("credentials: ");
} }
@ -431,6 +453,7 @@ private:
} }
std::string base_path_; std::string base_path_;
std::string token_;
}; };
} }
@ -449,7 +472,7 @@ int main(int argc, char* argv[])
signal(SIGINT, &on_signal); signal(SIGINT, &on_signal);
signal(SIGTERM, &on_signal); signal(SIGTERM, &on_signal);
filesystem fs(ctx.base_path); filesystem fs(ctx.base_path, ctx.token);
webfuse::provider provider(fs, ctx.ca_path); webfuse::provider provider(fs, ctx.ca_path);
provider.set_connection_listener([](bool connected) { provider.set_connection_listener([](bool connected) {
if (!connected) if (!connected)