1{
2    This file is part of the Free Pascal run time library.
3    Copyright (c) 2019 by the Free Pascal development team
4
5    SQLDB REST bridge : HTTP authorization
6
7    See the file COPYING.FPC, included in this distribution,
8    for details about the copyright.
9
10    This program is distributed in the hope that it will be useful,
11    but WITHOUT ANY WARRANTY; without even the implied warranty of
12    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
13
14 **********************************************************************}
15unit sqldbrestauthini;
16
17{$mode objfpc}{$H+}
18
19interface
20
21uses
22  Classes, SysUtils, sqldbrestauth, inifiles;
23
24Type
25  TBasicAuthIniOption = (baoClearOnRead,      // Clear values first
26                         baoSkipPassword,     // Do not save/load password
27                         baoSkipMaskPassword, // do not mask the password
28                         baoUserNameAsMask    // use the username as mask for password
29                         );
30  TBasicAuthIniOptions = Set of TBasicAuthIniOption;
31
32  TSQLDBRestBasicAuthHelper = class helper for TRestBasicAuthenticator
33  Private
34    Procedure ClearValues;
35  Public
36    Procedure LoadFromIni(Const aIni: TCustomIniFile; aOptions : TBasicAuthIniOptions = []); overload;
37    Procedure LoadFromIni(Const aIni: TCustomIniFile; ASection : String; aOptions : TBasicAuthIniOptions); overload;
38    Procedure LoadFromFile(Const aFileName : String; aOptions : TBasicAuthIniOptions = []); overload;
39    Procedure LoadFromFile(Const aFileName : String; Const ASection : String; aOptions : TBasicAuthIniOptions); overload;
40    Procedure SaveToFile(Const aFileName : String; aOptions : TBasicAuthIniOptions = []);overload;
41    Procedure SaveToFile(Const aFileName : String; Const ASection : String; aOptions : TBasicAuthIniOptions = []);overload;
42    Procedure SaveToIni(Const aIni: TCustomIniFile; aOptions : TBasicAuthIniOptions = []); overload;
43    Procedure SaveToIni(Const aIni: TCustomIniFile; ASection : String; aOptions : TBasicAuthIniOptions); overload;
44  end;
45
46Var
47  DefaultBasicAuthSection : String = 'BasicAuth';
48  TrivialEncryptKey : String = 'SQLDBAuth';
49
50Function BasicAuthIniOptionsToStr(Options: TBasicAuthIniOptions): String;
51Function StrToBasicAuthIniOptions(S : String) : TBasicAuthIniOptions;
52
53implementation
54
55uses typinfo,strutils;
56
57Function BasicAuthIniOptionsToStr(Options: TBasicAuthIniOptions): String;
58
59begin
60  Result:=SetToString(PTypeInfo(TypeInfo(TBasicAuthIniOptions)),Integer(Options),false);
61end;
62
63Function StrToBasicAuthIniOptions(S : String) : TBasicAuthIniOptions;
64
65var
66  i : integer;
67begin
68  I:=StringToSet(PTypeInfo(TypeInfo(TBasicAuthIniOptions)),S);
69  Result:=TBasicAuthIniOptions(I);
70end;
71
72
73{ TSQLDBRestBasicAuthHelper }
74
75Const
76  KeyUserID = 'UserID';
77  KeyUserName = 'UserName';
78  KeyPassword = 'Password';
79  KeyRealm = 'Realm';
80  KeySQL = 'SQL';
81
82
83
84procedure TSQLDBRestBasicAuthHelper.ClearValues;
85begin
86  DefaultUserID:='';
87  DefaultUserName:='';
88  DefaultPassword:='';
89  AuthenticateUserSQL.Clear;
90  AuthenticationRealm:='';
91end;
92
93procedure TSQLDBRestBasicAuthHelper.LoadFromIni(const aIni: TCustomIniFile; ASection: String; aOptions: TBasicAuthIniOptions);
94
95Var
96  M,P : String;
97begin
98  With aIni do
99    begin
100    if (baoClearOnRead in aOptions) then
101       ClearValues;
102    DefaultUserName:=ReadString(ASection,KeyUserName,DefaultUserName);
103    DefaultUserID:=ReadString(ASection,KeyUserID,DefaultUserID);
104    AuthenticationRealm:=ReadString(ASection,KeyRealm,AuthenticationRealm);
105    AuthenticateUserSQL.StrictDelimiter:=True;
106    AuthenticateUserSQL.Delimiter:='&';
107    AuthenticateUserSQL.DelimitedText:=ReadString(ASection,KeySQL,AuthenticateUserSQL.DelimitedText);
108    // optional parts
109    if not (baoSkipPassword in aOptions) then
110      begin
111      if baoSkipMaskPassword in aOptions then
112        P:=ReadString(ASection,KeyPassword,DefaultPassword)
113      else
114        begin
115        P:=ReadString(ASection,KeyPassword,'');
116        if (P<>'') then
117          begin
118          if baoUserNameAsMask in aOptions then
119            M:=DefaultUserName
120          else
121            M:=TrivialEncryptKey;
122          P:=XorDecode(M,P);
123          end;
124        end;
125      DefaultPassword:=P;
126      end;
127    end;
128end;
129
130procedure TSQLDBRestBasicAuthHelper.LoadFromIni(const aIni: TCustomIniFile; aOptions: TBasicAuthIniOptions);
131begin
132  LoadFromIni(aIni,DefaultBasicAuthSection,aOptions);
133end;
134
135procedure TSQLDBRestBasicAuthHelper.LoadFromFile(const aFileName: String; aOptions: TBasicAuthIniOptions);
136
137
138begin
139  Loadfromfile(aFileName,DefaultBasicAuthSection,aOptions);
140end;
141
142procedure TSQLDBRestBasicAuthHelper.LoadFromFile(const aFileName: String; const ASection: String; aOptions: TBasicAuthIniOptions);
143
144Var
145  Ini : TCustomIniFile;
146
147begin
148  Ini:=TMeminiFile.Create(aFileName);
149  try
150    LoadFromIni(Ini,aSection,aOptions);
151  finally
152    Ini.Free;
153  end;
154end;
155
156procedure TSQLDBRestBasicAuthHelper.SaveToFile(const aFileName: String; aOptions: TBasicAuthIniOptions);
157begin
158  SaveToFile(aFileName,DefaultBasicAuthSection,aOptions);
159end;
160
161procedure TSQLDBRestBasicAuthHelper.SaveToFile(const aFileName: String; const ASection: String; aOptions: TBasicAuthIniOptions);
162Var
163  Ini : TCustomIniFile;
164
165begin
166  Ini:=TMeminiFile.Create(aFileName);
167  try
168    SaveToini(Ini,aSection,aOptions);
169    Ini.UpdateFile;
170  finally
171    Ini.Free;
172  end;
173end;
174
175procedure TSQLDBRestBasicAuthHelper.SaveToIni(const aIni: TCustomIniFile; aOptions: TBasicAuthIniOptions);
176begin
177  SaveToIni(aIni,DefaultBasicAuthSection,aOptions);
178end;
179
180procedure TSQLDBRestBasicAuthHelper.SaveToIni(const aIni: TCustomIniFile; ASection: String; aOptions: TBasicAuthIniOptions);
181
182Var
183  M,P : String;
184
185begin
186  With aIni do
187    begin
188    WriteString(ASection,KeyUserName,DefaultUserName);
189    WriteString(ASection,KeyUserID,DefaultUserID);
190    WriteString(ASection,KeyRealm,AuthenticationRealm);
191    AuthenticateUserSQL.StrictDelimiter:=True;
192    AuthenticateUserSQL.Delimiter:='&';
193    WriteString(ASection,KeySQL,AuthenticateUserSQL.DelimitedText);
194    if not (baoSkipPassword in aOptions) then
195      begin
196      P:=DefaultPassword;
197      if Not (baoSkipMaskPassword in aOptions) then
198        begin
199        if baoUserNameAsMask in aOptions then
200          M:=DefaultUserName
201        else
202          M:=TrivialEncryptKey;
203        P:=XorEncode(M,P);
204        end;
205      WriteString(ASection,KeyPassword,P);
206      end;
207    end;
208end;
209
210end.
211
212