Add basic [LDAP] authentication and /token routes

lib/vmpooler/api/helpers.rb

@@ -4,6 +4,35 @@ module Vmpooler
 
     module Helpers
 
+      def authenticate(auth, username_str, password_str)
+        case auth['provider']
+          when 'ldap'
+            require 'rubygems'
+            require 'net/ldap'
+
+            ldap = Net::LDAP.new(
+              :host => auth[:ldap]['host'],
+              :port => auth[:ldap]['port'] || 389,
+              :encryption => {
+                :method => :start_tls,
+                :tls_options => { :ssl_version => 'TLSv1' }
+              },
+              :base => auth[:ldap]['base'],
+              :auth => {
+                :method => :simple,
+                :username => "#{auth[:ldap]['user_object']}=#{username_str},#{auth[:ldap]['base']}",
+                :password => password_str
+              }
+            )
+
+            if ldap.bind
+              return true
+            end
+        end
+
+        return false
+      end
+
       def mean(list)
         s = list.map(&:to_f).reduce(:+).to_f
         (s > 0 && list.length > 0) ? s / list.length.to_f : 0

lib/vmpooler/api/reroute.rb

@@ -11,6 +11,18 @@ module Vmpooler
       call env.merge("PATH_INFO" => "/api/v#{api_version}/summary")
     end
 
+    post '/token/?' do
+      call env.merge("PATH_INFO" => "/api/v#{api_version}/token")
+    end
+
+    get '/token/:token/?' do
+      call env.merge("PATH_INFO" => "/api/v#{api_version}/token/#{params[:token]}")
+    end
+
+    delete '/token/:token/?' do
+      call env.merge("PATH_INFO" => "/api/v#{api_version}/token/#{params[:token]}")
+    end
+
     get '/vm/?' do
       call env.merge("PATH_INFO" => "/api/v#{api_version}/vm")
     end

lib/vmpooler/api/v1.rb

@@ -173,6 +173,72 @@ module Vmpooler
       JSON.pretty_generate(result)
     end
 
+    get "#{api_prefix}/token/:token/?" do
+      content_type :json
+
+      result = {}
+
+      Vmpooler::API.settings.config[:auth] ? status(401) : status(404)
+      result['ok'] = false
+
+      if Vmpooler::API.settings.config[:auth] and Vmpooler::API.settings.redis.exists('vmpooler__token__' + params[:token])
+        status(200)
+        result['ok'] = true
+
+        result[params[:token]] = Vmpooler::API.settings.redis.hgetall('vmpooler__token__' + params[:token])        
+      end
+
+      JSON.pretty_generate(result)
+    end
+
+    delete "#{api_prefix}/token/:token/?" do
+      content_type :json
+
+      result = {}
+
+      Vmpooler::API.settings.config[:auth] ? status(401) : status(404)
+      result['ok'] = false
+
+      if Vmpooler::API.settings.config[:auth] and Vmpooler::API.settings.redis.exists('vmpooler__token__' + params[:token])
+        status(200)
+        result['ok'] = true
+
+        Vmpooler::API.settings.redis.del('vmpooler__token__' + params[:token])
+      end
+
+      JSON.pretty_generate(result)
+    end
+
+    post "#{api_prefix}/token" do
+      content_type :json
+
+      result = {}
+
+      Vmpooler::API.settings.config[:auth] ? status(401) : status(404)
+      result['ok'] = false
+
+      jdata = JSON.parse(request.body.read)
+
+      if Vmpooler::API.settings.config[:auth] and jdata['username'] and jdata['password']
+        if authenticate(
+          Vmpooler::API.settings.config[:auth],
+          jdata['username'].to_s,
+          jdata['password'].to_s
+        )
+          status(200)
+          result['ok'] = true
+
+          o = [('a'..'z'), ('0'..'9')].map(&:to_a).flatten
+          result['token'] = o[rand(25)] + (0...31).map { o[rand(o.length)] }.join
+
+          Vmpooler::API.settings.redis.hset('vmpooler__token__' + result['token'], 'user', jdata['username'].to_s)
+          Vmpooler::API.settings.redis.hset('vmpooler__token__' + result['token'], 'timestamp', Time.now)
+        end
+      end
+
+      JSON.pretty_generate(result)
+    end
+
     get "#{api_prefix}/vm/?" do
       content_type :json