~emersion/soju-dev

auth/pam: allow specifying PAM service name as driver param v1 SUPERSEDED

Siva Mahadevan: 1
 auth/pam: allow specifying PAM service name as driver param

 4 files changed, 13 insertions(+), 7 deletions(-)
Export patchset (mbox)
How do I use this?

Copy & paste the following snippet into your terminal to import this patchset into git:

curl -s https://lists.sr.ht/~emersion/soju-dev/patches/52361/mbox | git am -3
Learn more about email & git

[PATCH] auth/pam: allow specifying PAM service name as driver param Export this patch

---
Ideally, I'd actually like to use "soju" as the default service name as do most
third-party applications supporting PAM. However, I'm keeping it as "login" to
avoid a breaking change to the configuration.

 auth/auth.go     |  2 +-
 auth/pam.go      | 11 ++++++++---
 auth/pam_stub.go |  2 +-
 doc/soju.1.scd   |  5 +++--
 4 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/auth/auth.go b/auth/auth.go
index 188e149..39b4f8c 100644
--- a/auth/auth.go
+++ b/auth/auth.go
@@ -24,7 +24,7 @@ func New(driver, source string) (Authenticator, error) {
	case "oauth2":
		return newOAuth2(source)
	case "pam":
		return newPAM()
		return newPAM(source)
	default:
		return nil, fmt.Errorf("unknown auth driver %q", driver)
	}
diff --git a/auth/pam.go b/auth/pam.go
index a7f3663..071142b 100644
--- a/auth/pam.go
+++ b/auth/pam.go
@@ -11,14 +11,19 @@ import (
	"git.sr.ht/~emersion/soju/database"
)

type pamAuth struct{}
type pamAuth struct {
	service string
}

var (
	_ PlainAuthenticator = (*pamAuth)(nil)
)

func newPAM() (Authenticator, error) {
	return pamAuth{}, nil
func newPAM(service string) (Authenticator, error) {
	if service == "" {
		service = "login"
	}
	return pamAuth{service}, nil
}

func (pamAuth) AuthPlain(ctx context.Context, db database.Database, username, password string) error {
diff --git a/auth/pam_stub.go b/auth/pam_stub.go
index 92b12cd..e0ce96f 100644
--- a/auth/pam_stub.go
+++ b/auth/pam_stub.go
@@ -6,6 +6,6 @@ import (
	"errors"
)

func newPAM() (Authenticator, error) {
func newPAM(service string) (Authenticator, error) {
	return nil, errors.New("PAM support is disabled")
}
diff --git a/doc/soju.1.scd b/doc/soju.1.scd
index f06d5f8..a4ea35b 100644
--- a/doc/soju.1.scd
+++ b/doc/soju.1.scd
@@ -235,8 +235,9 @@ The following directives are supported:
		and password in the URL. The authorization server must support OAuth 2.0
		Authorization Server Metadata (RFC 8414) and OAuth 2.0 Token
		Introspection (RFC 7662).
	*auth pam*
		Use PAM authentication.
	*auth pam* [service]
		Use PAM authentication. The service name is optional and defaults to
		"login".

# IRC SERVICE

-- 
2.45.1