1 files changed, 508 insertions, 0 deletions
diff --git a/src/polkitmateauthenticator.c b/src/polkitmateauthenticator.c
new file mode 100644
index 0000000..11d28d2
--- /dev/null
+++ b/src/polkitmateauthenticator.c
@@ -0,0 +1,508 @@
+/*
+ * Copyright (C) 2009 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ * Boston, MA 02110-1301, USA.
+ *
+ * Author: David Zeuthen <[email protected]>
+ */
+
+
+#include "config.h"
+
+#include <string.h>
+#include <sys/types.h>
+#include <pwd.h>
+#include <glib/gi18n.h>
+
+#include <polkit/polkit.h>
+#include <polkitagent/polkitagent.h>
+
+#include "polkitmateauthenticator.h"
+#include "polkitmateauthenticationdialog.h"
+
+struct _PolkitMateAuthenticator
+{
+ GObject parent_instance;
+
+ PolkitAuthority *authority;
+ gchar *action_id;
+ gchar *message;
+ gchar *icon_name;
+ PolkitDetails *details;
+ gchar *cookie;
+ GList *identities;
+
+ PolkitActionDescription *action_desc;
+ gchar **users;
+
+ gboolean gained_authorization;
+ gboolean was_cancelled;
+ gboolean new_user_selected;
+ gchar *selected_user;
+
+ PolkitAgentSession *session;
+ GtkWidget *dialog;
+ GMainLoop *loop;
+};
+
+struct _PolkitMateAuthenticatorClass
+{
+ GObjectClass parent_class;
+
+};
+
+enum
+{
+ COMPLETED_SIGNAL,
+ LAST_SIGNAL,
+};
+
+static guint signals[LAST_SIGNAL] = {0};
+
+G_DEFINE_TYPE (PolkitMateAuthenticator, polkit_mate_authenticator, G_TYPE_OBJECT);
+
+static void
+polkit_mate_authenticator_init (PolkitMateAuthenticator *authenticator)
+{
+}
+
+static void
+polkit_mate_authenticator_finalize (GObject *object)
+{
+ PolkitMateAuthenticator *authenticator;
+
+ authenticator = POLKIT_MATE_AUTHENTICATOR (object);
+
+ if (authenticator->authority != NULL)
+ g_object_unref (authenticator->authority);
+ g_free (authenticator->action_id);
+ g_free (authenticator->message);
+ g_free (authenticator->icon_name);
+ if (authenticator->details != NULL)
+ g_object_unref (authenticator->details);
+ g_free (authenticator->cookie);
+ g_list_foreach (authenticator->identities, (GFunc) g_object_unref, NULL);
+ g_list_free (authenticator->identities);
+
+ if (authenticator->action_desc != NULL)
+ g_object_unref (authenticator->action_desc);
+ g_strfreev (authenticator->users);
+
+ g_free (authenticator->selected_user);
+ if (authenticator->session != NULL)
+ g_object_unref (authenticator->session);
+ if (authenticator->dialog != NULL)
+ gtk_widget_destroy (authenticator->dialog);
+ if (authenticator->loop != NULL)
+ g_main_loop_unref (authenticator->loop);
+
+ if (G_OBJECT_CLASS (polkit_mate_authenticator_parent_class)->finalize != NULL)
+ G_OBJECT_CLASS (polkit_mate_authenticator_parent_class)->finalize (object);
+}
+
+static void
+polkit_mate_authenticator_class_init (PolkitMateAuthenticatorClass *klass)
+{
+ GObjectClass *gobject_class;
+
+ gobject_class = G_OBJECT_CLASS (klass);
+
+ gobject_class->finalize = polkit_mate_authenticator_finalize;
+
+ /**
+ * PolkitMateAuthenticator::completed:
+ * @authenticator: A #PolkitMateAuthenticator.
+ * @gained_authorization: Whether the authorization was gained.
+ *
+ * Emitted when the authentication is completed. The user is supposed to dispose of @authenticator
+ * upon receiving this signal.
+ **/
+ signals[COMPLETED_SIGNAL] = g_signal_new ("completed",
+ POLKIT_MATE_TYPE_AUTHENTICATOR,
+ G_SIGNAL_RUN_LAST,
+ 0, /* class offset */
+ NULL, /* accumulator */
+ NULL, /* accumulator data */
+ g_cclosure_marshal_VOID__BOOLEAN,
+ G_TYPE_NONE,
+ 1,
+ G_TYPE_BOOLEAN);
+}
+
+static PolkitActionDescription *
+get_desc_for_action (PolkitAuthority *authority,
+ const gchar *action_id)
+{
+ GList *action_descs;
+ GList *l;
+ PolkitActionDescription *result;
+
+ result = NULL;
+
+ action_descs = polkit_authority_enumerate_actions_sync (authority,
+ NULL,
+ NULL);
+ for (l = action_descs; l != NULL; l = l->next)
+ {
+ PolkitActionDescription *action_desc = POLKIT_ACTION_DESCRIPTION (l->data);
+
+ if (strcmp (polkit_action_description_get_action_id (action_desc), action_id) == 0)
+ {
+ result = g_object_ref (action_desc);
+ goto out;
+ }
+ }
+
+ out:
+
+ g_list_foreach (action_descs, (GFunc) g_object_unref, NULL);
+ g_list_free (action_descs);
+
+ return result;
+}
+
+static void
+on_dialog_deleted (GtkWidget *widget,
+ GdkEvent *event,
+ gpointer user_data)
+{
+ PolkitMateAuthenticator *authenticator = POLKIT_MATE_AUTHENTICATOR (user_data);
+
+ polkit_mate_authenticator_cancel (authenticator);
+}
+
+static void
+on_user_selected (GObject *object,
+ GParamSpec *pspec,
+ gpointer user_data)
+{
+ PolkitMateAuthenticator *authenticator = POLKIT_MATE_AUTHENTICATOR (user_data);
+
+ /* clear any previous messages */
+ polkit_mate_authentication_dialog_set_info_message (POLKIT_MATE_AUTHENTICATION_DIALOG (authenticator->dialog), "");
+
+ polkit_mate_authenticator_cancel (authenticator);
+ authenticator->new_user_selected = TRUE;
+}
+
+PolkitMateAuthenticator *
+polkit_mate_authenticator_new (const gchar *action_id,
+ const gchar *message,
+ const gchar *icon_name,
+ PolkitDetails *details,
+ const gchar *cookie,
+ GList *identities)
+{
+ PolkitMateAuthenticator *authenticator;
+ GList *l;
+ guint n;
+ GError *error;
+
+ authenticator = POLKIT_MATE_AUTHENTICATOR (g_object_new (POLKIT_MATE_TYPE_AUTHENTICATOR, NULL));
+
+ error = NULL;
+ authenticator->authority = polkit_authority_get_sync (NULL /* GCancellable* */, &error);
+ if (authenticator->authority == NULL)
+ {
+ g_critical ("Error getting authority: %s", error->message);
+ g_error_free (error);
+ goto error;
+ }
+
+ authenticator->action_id = g_strdup (action_id);
+ authenticator->message = g_strdup (message);
+ authenticator->icon_name = g_strdup (icon_name);
+ if (details != NULL)
+ authenticator->details = g_object_ref (details);
+ authenticator->cookie = g_strdup (cookie);
+ authenticator->identities = g_list_copy (identities);
+ g_list_foreach (authenticator->identities, (GFunc) g_object_ref, NULL);
+
+ authenticator->action_desc = get_desc_for_action (authenticator->authority,
+ authenticator->action_id);
+ if (authenticator->action_desc == NULL)
+ goto error;
+
+ authenticator->users = g_new0 (gchar *, g_list_length (authenticator->identities) + 1);
+ for (l = authenticator->identities, n = 0; l != NULL; l = l->next, n++)
+ {
+ PolkitUnixUser *user = POLKIT_UNIX_USER (l->data);
+ uid_t uid;
+ struct passwd *passwd;
+
+ uid = polkit_unix_user_get_uid (user);
+ passwd = getpwuid (uid);
+ authenticator->users[n] = g_strdup (passwd->pw_name);
+ }
+
+ authenticator->dialog = polkit_mate_authentication_dialog_new
+ (authenticator->action_id,
+ polkit_action_description_get_vendor_name (authenticator->action_desc),
+ polkit_action_description_get_vendor_url (authenticator->action_desc),
+ authenticator->icon_name,
+ authenticator->message,
+ authenticator->details,
+ authenticator->users);
+ g_signal_connect (authenticator->dialog,
+ "delete-event",
+ G_CALLBACK (on_dialog_deleted),
+ authenticator);
+ g_signal_connect (authenticator->dialog,
+ "notify::selected-user",
+ G_CALLBACK (on_user_selected),
+ authenticator);
+
+ return authenticator;
+
+ error:
+ g_object_unref (authenticator);
+ return NULL;
+}
+
+static void
+session_request (PolkitAgentSession *session,
+ const char *request,
+ gboolean echo_on,
+ gpointer user_data)
+{
+ PolkitMateAuthenticator *authenticator = POLKIT_MATE_AUTHENTICATOR (user_data);
+ gchar *password;
+ gchar *modified_request;
+
+ password = NULL;
+
+ //g_debug ("in conversation_pam_prompt, request='%s', echo_on=%d", request, echo_on);
+
+ /* Fix up, and localize, password prompt if it's password auth */
+ if (g_ascii_strncasecmp (request, "password:", 9) == 0)
+ {
+ if (strcmp (g_get_user_name (), authenticator->selected_user) != 0)
+ {
+ modified_request = g_strdup_printf (_("_Password for %s:"), authenticator->selected_user);
+ }
+ else
+ {
+ modified_request = g_strdup (_("_Password:"));
+ }
+ }
+ else
+ {
+ modified_request = g_strdup (request);
+ }
+
+ gtk_widget_show_all (GTK_WIDGET (authenticator->dialog));
+ gtk_window_present (GTK_WINDOW (authenticator->dialog));
+ password = polkit_mate_authentication_dialog_run_until_response_for_prompt (POLKIT_MATE_AUTHENTICATION_DIALOG (authenticator->dialog),
+ modified_request,
+ echo_on,
+ &authenticator->was_cancelled,
+ &authenticator->new_user_selected);
+
+ /* cancel auth unless user provided a password */
+ if (password == NULL)
+ {
+ polkit_mate_authenticator_cancel (authenticator);
+ goto out;
+ }
+ else
+ {
+ polkit_agent_session_response (authenticator->session, password);
+ g_free (password);
+ }
+
+out:
+ g_free (modified_request);
+}
+
+static void
+session_show_error (PolkitAgentSession *session,
+ const gchar *msg,
+ gpointer user_data)
+{
+ PolkitMateAuthenticator *authenticator = POLKIT_MATE_AUTHENTICATOR (user_data);
+ gchar *s;
+
+ s = g_strconcat ("<b>", msg, "</b>", NULL);
+ polkit_mate_authentication_dialog_set_info_message (POLKIT_MATE_AUTHENTICATION_DIALOG (authenticator->dialog), s);
+ g_free (s);
+}
+
+static void
+session_show_info (PolkitAgentSession *session,
+ const gchar *msg,
+ gpointer user_data)
+{
+ PolkitMateAuthenticator *authenticator = POLKIT_MATE_AUTHENTICATOR (user_data);
+ gchar *s;
+
+ s = g_strconcat ("<b>", msg, "</b>", NULL);
+ polkit_mate_authentication_dialog_set_info_message (POLKIT_MATE_AUTHENTICATION_DIALOG (authenticator->dialog), s);
+ g_free (s);
+
+ gtk_widget_show_all (GTK_WIDGET (authenticator->dialog));
+ gtk_window_present (GTK_WINDOW (authenticator->dialog));
+}
+
+
+static void
+session_completed (PolkitAgentSession *session,
+ gboolean gained_authorization,
+ gpointer user_data)
+{
+ PolkitMateAuthenticator *authenticator = POLKIT_MATE_AUTHENTICATOR (user_data);
+
+ authenticator->gained_authorization = gained_authorization;
+
+ //g_debug ("in conversation_done gained=%d", gained_authorization);
+
+ g_main_loop_quit (authenticator->loop);
+}
+
+
+static gboolean
+do_initiate (gpointer user_data)
+{
+ PolkitMateAuthenticator *authenticator = POLKIT_MATE_AUTHENTICATOR (user_data);
+ PolkitIdentity *identity;
+ gint num_tries;
+
+ gtk_widget_show_all (GTK_WIDGET (authenticator->dialog));
+ gtk_window_present (GTK_WINDOW (authenticator->dialog));
+ if (!polkit_mate_authentication_dialog_run_until_user_is_selected (POLKIT_MATE_AUTHENTICATION_DIALOG (authenticator->dialog)))
+ {
+ /* user cancelled the dialog */
+ /*g_debug ("User cancelled before selecting a user");*/
+ authenticator->was_cancelled = TRUE;
+ goto out;
+ }
+
+ authenticator->loop = g_main_loop_new (NULL, TRUE);
+
+ num_tries = 0;
+
+ try_again:
+
+ g_free (authenticator->selected_user);
+ authenticator->selected_user = polkit_mate_authentication_dialog_get_selected_user (POLKIT_MATE_AUTHENTICATION_DIALOG (authenticator->dialog));
+
+ /*g_debug ("Authenticating user %s", authenticator->selected_user);*/
+ identity = polkit_unix_user_new_for_name (authenticator->selected_user, NULL);
+
+ authenticator->session = polkit_agent_session_new (identity, authenticator->cookie);
+
+ g_object_unref (identity);
+
+ g_signal_connect (authenticator->session,
+ "request",
+ G_CALLBACK (session_request),
+ authenticator);
+
+ g_signal_connect (authenticator->session,
+ "show-info",
+ G_CALLBACK (session_show_info),
+ authenticator);
+
+ g_signal_connect (authenticator->session,
+ "show-error",
+ G_CALLBACK (session_show_error),
+ authenticator);
+
+ g_signal_connect (authenticator->session,
+ "completed",
+ G_CALLBACK (session_completed),
+ authenticator);
+
+ polkit_agent_session_initiate (authenticator->session);
+
+ g_main_loop_run (authenticator->loop);
+
+ /*g_debug ("gained_authorization=%d was_cancelled=%d new_user_selected=%d.",
+ authenticator->gained_authorization,
+ authenticator->was_cancelled,
+ authenticator->new_user_selected);*/
+
+ if (authenticator->new_user_selected)
+ {
+ /*g_debug ("New user selected");*/
+ authenticator->new_user_selected = FALSE;
+ g_object_unref (authenticator->session);
+ authenticator->session = NULL;
+ goto try_again;
+ }
+
+ num_tries++;
+
+ if (!authenticator->gained_authorization && !authenticator->was_cancelled)
+ {
+ if (authenticator->dialog != NULL)
+ {
+ gchar *s;
+
+ s = g_strconcat ("<b>", _("Authentication Failure"), "</b>", NULL);
+ polkit_mate_authentication_dialog_set_info_message (
+ POLKIT_MATE_AUTHENTICATION_DIALOG (authenticator->dialog),
+ s);
+ g_free (s);
+ gtk_widget_queue_draw (authenticator->dialog);
+
+ /* shake the dialog to indicate error */
+ polkit_mate_authentication_dialog_indicate_error (POLKIT_MATE_AUTHENTICATION_DIALOG (authenticator->dialog));
+
+ if (num_tries < 3)
+ {
+ g_object_unref (authenticator->session);
+ authenticator->session = NULL;
+ goto try_again;
+ }
+ }
+ }
+
+ out:
+ g_signal_emit_by_name (authenticator, "completed", authenticator->gained_authorization);
+
+ g_object_unref (authenticator);
+
+ return FALSE;
+}
+
+void
+polkit_mate_authenticator_initiate (PolkitMateAuthenticator *authenticator)
+{
+ /* run from idle since we're going to block the main loop in the dialog (which has a recursive mainloop) */
+ g_idle_add (do_initiate, g_object_ref (authenticator));
+}
+
+void
+polkit_mate_authenticator_cancel (PolkitMateAuthenticator *authenticator)
+{
+ if (authenticator->dialog != NULL)
+ polkit_mate_authentication_dialog_cancel (POLKIT_MATE_AUTHENTICATION_DIALOG (authenticator->dialog));
+
+ authenticator->was_cancelled = TRUE;
+
+ if (authenticator->session != NULL)
+ {
+ polkit_agent_session_cancel (authenticator->session);
+ }
+}
+
+const gchar *
+polkit_mate_authenticator_get_cookie (PolkitMateAuthenticator *authenticator)
+{
+ return authenticator->cookie;
+}
+
+