From patchwork Wed Jan  6 14:18:27 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Stefan Schantl <stefan.schantl@ipfire.org>
X-Patchwork-Id: 3792
Return-Path: <development-bounces@lists.ipfire.org>
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (P-384)
	 client-signature RSA-PSS (4096 bits))
	(Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK))
	by web04.haj.ipfire.org (Postfix) with ESMTPS id 4D9s0q5gmpz3wgR
	for <patchwork@web04.haj.ipfire.org>; Wed,  6 Jan 2021 14:18:35 +0000 (UTC)
Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (P-384)
	 client-signature ECDSA (P-384))
	(Client CN "mail02.haj.ipfire.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
	by mail01.ipfire.org (Postfix) with ESMTPS id 4D9s0q2Dqlz1KZ;
	Wed,  6 Jan 2021 14:18:35 +0000 (UTC)
Received: from mail02.haj.ipfire.org (localhost [127.0.0.1])
	by mail02.haj.ipfire.org (Postfix) with ESMTP id 4D9s0q1g1tz2yF1;
	Wed,  6 Jan 2021 14:18:35 +0000 (UTC)
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature ECDSA (P-384)
 client-signature RSA-PSS (4096 bits))
 (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK))
 by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4D9s0p2zC0z2xMq
 for <development@lists.ipfire.org>; Wed,  6 Jan 2021 14:18:34 +0000 (UTC)
Received: from [127.0.0.1] (localhost [127.0.0.1])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384)
 (No client certificate requested)
 by mail01.ipfire.org (Postfix) with ESMTPSA id 4D9s0n3NVXz1Jd;
 Wed,  6 Jan 2021 14:18:33 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org;
 s=202003rsa;
 t=1609942713;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
 content-transfer-encoding:content-transfer-encoding;
 bh=3FO6JbstJgmqKHnxY5GbmE2okRJCptnaBlMqMj494EM=;
 b=QhIg6FY5x/DDNl62LRPg+gsehEO0kMi4n2VQoPvMhfWmXnuUvZBZKWLnNEwp3HwAU/Xk7G
 N/AE0y9qD14JuMWB9QWFZXXjKVyW1X1NPobmZqzEnwzLCYVGKkRseLfCggWxkuZGR+VPaW
 oo028F3MnGRms5TUwLVY5Ma4UL+SvMqk8j20rKRbtZh7uUDI+RXw863tUwlHikb2pWvwX0
 VDK3lDWGgTpEqEXujucT6+jgZOnaKPaFyou3+APqRLggrMZPiz4et/Se0ijOVqgfvvJnWS
 d+kh7tW7mHGnLLJ8Y/0Vam5OPUDvLvh0WafPQMAd9aZpzyN288CE3W2fPjJNKA==
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org;
 s=202003ed25519; t=1609942713;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
 content-transfer-encoding:content-transfer-encoding;
 bh=3FO6JbstJgmqKHnxY5GbmE2okRJCptnaBlMqMj494EM=;
 b=ZrUDu/H8QcQaNhpkfuoJLMXdxdo0gbkoTtBxC/Da3Vx8vbUiONoPhIQb+s6cPL0KYgTFRX
 RGyusZFV5w9j5HCQ==
From: Stefan Schantl <stefan.schantl@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCHv2] ddns.cgi: Make dealing with auth tokens more user-friendly.
Date: Wed,  6 Jan 2021 15:18:27 +0100
Message-Id: <20210106141827.3947-1-stefan.schantl@ipfire.org>
MIME-Version: 1.0
X-BeenThere: development@lists.ipfire.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IPFire development talk <development.lists.ipfire.org>
List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>,
 <mailto:development-request@lists.ipfire.org?subject=unsubscribe>
List-Archive: <http://lists.ipfire.org/pipermail/development/>
List-Post: <mailto:development@lists.ipfire.org>
List-Help: <mailto:development-request@lists.ipfire.org?subject=help>
List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>,
 <mailto:development-request@lists.ipfire.org?subject=subscribe>
Errors-To: development-bounces@lists.ipfire.org
Sender: "Development" <development-bounces@lists.ipfire.org>

If a provider supports authentication with a token, now
the username and password fileds will be swapped by some
Java Script code in favour of an input field for the token.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
 html/cgi-bin/ddns.cgi  | 112 ++++++++++++++++++++++++++++++++++++-----
 langs/de/cgi-bin/de.pl |   2 +
 langs/en/cgi-bin/en.pl |   2 +
 3 files changed, 104 insertions(+), 12 deletions(-)

diff --git a/html/cgi-bin/ddns.cgi b/html/cgi-bin/ddns.cgi
index 024eaf7f6..9b58db895 100644
--- a/html/cgi-bin/ddns.cgi
+++ b/html/cgi-bin/ddns.cgi
@@ -59,14 +59,18 @@ $settings{'HOSTNAME'} = '';
 $settings{'DOMAIN'} = '';
 $settings{'LOGIN'} = '';
 $settings{'PASSWORD'} = '';
+$settings{'TOKEN'} = '';
 $settings{'ENABLED'} = '';
 $settings{'PROXY'} = '';
 $settings{'SERVICE'} = '';
 
 $settings{'ACTION'} = '';
 
-# Get supported ddns providers.
-my @providers = &GetProviders();
+# Get all supported ddns providers.
+my @providers = &GetProviders("all");
+
+# Get provider which support a token based authentication mechanism.
+my @token_provider = &GetProviders("token-providers");
 
 # Hook to regenerate the configuration files, if cgi got called from command line.
 if ($ENV{"REMOTE_ADDR"} eq "") {
@@ -178,6 +182,11 @@ if (($settings{'ACTION'} eq $Lang::tr{'add'}) || ($settings{'ACTION'} eq $Lang::
 		$errormessage = $Lang::tr{'password not set'};
 	}
 
+	# Check if a token has been given for provider which support tokens.
+	if (($settings{'SERVICE'} ~~ @token_provider) && ($settings{'TOKEN'} eq '')) {
+		$errormessage = $Lang::tr{'token not set'};
+	}
+
 	# Go furter if there was no error.
 	if (!$errormessage) {
 		# Splitt hostname field into 2 parts for storrage.
@@ -189,6 +198,16 @@ if (($settings{'ACTION'} eq $Lang::tr{'add'}) || ($settings{'ACTION'} eq $Lang::
 			$settings{'ENABLED'} = 'off';
 		}
 
+		# Handle token provider.
+		if($settings{'SERVICE'} ~~ @token_provider) {
+			# Clear username and password if they contain values.
+			undef($settings{'LOGIN'});
+			undef($settings{'PASSWORD'});
+
+			# Assign the token as a password for saving.
+			$settings{'PASSWORD'} = $settings{'TOKEN'};
+		}
+
 		# Handle adding new accounts.
 		if ($settings{'ACTION'} eq $Lang::tr{'add'}) {
 			# Open /var/ipfire/ddns/config for writing.
@@ -234,7 +253,8 @@ if (($settings{'ACTION'} eq $Lang::tr{'add'}) || ($settings{'ACTION'} eq $Lang::
 			# Write out notice to logfile.
 			&General::log($Lang::tr{'ddns hostname modified'});
 		}
-		undef $settings{'ID'};
+		# Clear settings hash.
+		%settings = '';
 
 		# Update ddns config file.
 		&GenerateDDNSConfigFile();
@@ -307,6 +327,7 @@ if ($settings{'ACTION'} eq $Lang::tr{'edit'}) {
 			$settings{'WILDCARDS'} = $temp[4];
 			$settings{'LOGIN'} = $temp[5];
 			$settings{'PASSWORD'} = $temp[6];
+			$settings{'TOKEN'} = $temp[6];
 			$settings{'ENABLED'} = $temp[7];
 		}
 
@@ -334,6 +355,58 @@ if (!$settings{'ACTION'}) {
 }
 
 &Header::openpage($Lang::tr{'dynamic dns'}, 1, '');
+
+### Java Script ###
+print"<script>\n";
+
+# Generate Java Script Array which contains the provider that support token.
+my $line = "";
+$line = join("', '", @token_provider);
+
+print "\t// Array which contains the providers that support token.\n";
+print "\ttoken_provider = ['$line']\;\n\n";
+
+print <<END
+	// Java Script function to swap the text input fields for
+	// username and password or token.
+	var update_auth = function() {
+		if(inArray(\$('#SERVICE').val(), token_provider)) {
+			\$('.username').hide();
+			\$('.password').hide();
+			\$('.token').show();
+		} else {
+			\$('.username').show();
+			\$('.password').show();
+			\$('.token').hide();
+		}
+	};
+
+	// Java Script function to check if a given value is part of
+	// an array.
+	function inArray(value,array) {
+		var count=array.length;
+
+		for(var i=0;i<count;i++) {
+			if(array[i]===value){
+				return true;
+			}
+		}
+
+		return false;
+	}
+
+	// JQuery function to call corresponding function when
+	// the service provider is changed or the page is loaded for showing/hiding
+	// the username/password or token area.
+	\$(document).ready(function() {
+		\$('#SERVICE').change(update_auth);
+			update_auth();
+	});
+
+</script>
+END
+;
+
 &Header::openbigbox('100%', 'left', '', $errormessage);
 
 # Read file for general ddns settings.
@@ -414,7 +487,7 @@ print <<END
 END
 ;
 		# Generate dropdown menu for service selection.
-		print"<select size='1' name='SERVICE'>\n";
+		print"<select size='1' name='SERVICE' id='SERVICE'>\n";
 
 		my $selected;
 
@@ -440,11 +513,15 @@ print <<END
 	<tr>
 		<td class='base'>$Lang::tr{'enabled'}</td>
 		<td><input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>
-		<td class='base'>$Lang::tr{'username'}</td>
-		<td><input type='text' name='LOGIN' value='$settings{'LOGIN'}' /></td>
+
+		<td class='username'>$Lang::tr{'username'}</td>
+		<td class='username'><input type='text' name='LOGIN' value='$settings{'LOGIN'}' /></td>
+
+		<td class='token' style='display:none'>$Lang::tr{'token'}</td>
+		<td class='token' style='display:none'><input type='text' name='TOKEN' value='$settings{'TOKEN'}' /></td>
 	</tr>
 
-	<tr>
+	<tr class='password'>
 		<td class='base'></td>
 		<td></td>
 		<td class='base'>$Lang::tr{'password'}</td>
@@ -665,8 +742,8 @@ sub GenerateDDNSConfigFile {
 
 		my $use_token = 0;
 
-		# Check if token based auth is configured.
-		if ($username eq "token") {
+		# Handle token based auth for various providers.
+		if ($provider ~~ @token_provider) {
 			$use_token = 1;
 		}
 
@@ -707,9 +784,20 @@ sub GenerateDDNSConfigFile {
 }
 
 # Function which generates an array (@providers) which contains the supported providers.
-sub GetProviders {
-	# Get supported providers.
-	open(PROVIDERS, "/usr/bin/ddns list-providers |");
+sub GetProviders ($) {
+	my ($type) = @_;
+
+	# Set default type to get all providers
+	$type = $type ? $type : "all";
+
+	# Check if the requested type is "token-providers".
+	if ($type eq "token-providers") {
+		# Call ddns util to only get providers which supports token based auth.
+		open(PROVIDERS, "/usr/bin/ddns list-token-providers |");
+	} else {
+		# Get all supported providers.
+		open(PROVIDERS, "/usr/bin/ddns list-providers |");
+	}
 
 	# Create new array to store the providers.
 	my @providers = ();
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index 87181c184..307b8a97c 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -2374,6 +2374,8 @@
 'to warn email bad' => 'An E-Mail-Adresse ist nicht gültig',
 'toggle' => 'Pause/Resume',
 'toggle enable disable' => 'Aktivieren oder Deaktivieren',
+'token' => 'Token:',
+'token not set' => 'Kein Token angegeben.',
 'tone' => 'Ton',
 'tone dial' => 'Tonwahl:',
 'too long 80 char max' => ' ist zu lang, es sind maximal 80 Zeichen erlaubt',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index 625c6899f..4d23f7aac 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -2412,6 +2412,8 @@
 'to warn email bad' => 'To e-mail address is not valid',
 'toggle' => 'pause/resume',
 'toggle enable disable' => 'Enable or disable',
+'token' => 'Token:',
+'token not set' => 'No Token has been given.',
 'tone' => 'Tone',
 'tone dial' => 'Tone dial:',
 'too long 80 char max' => ' is too long, maximum allowed is 80 characters',