From patchwork Fri Jan  1 19:12:21 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Stefan Schantl <stefan.schantl@ipfire.org>
X-Patchwork-Id: 3778
Return-Path: <development-bounces@lists.ipfire.org>
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mail01.haj.ipfire.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
	by web04.haj.ipfire.org (Postfix) with ESMTPS id 4D6vmJ6dZ1z3wgM
	for <patchwork@web04.haj.ipfire.org>; Fri,  1 Jan 2021 19:12:32 +0000 (UTC)
Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384
	 client-signature ECDSA (P-384) client-digest SHA384)
	(Client CN "mail02.haj.ipfire.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
	by mail01.ipfire.org (Postfix) with ESMTPS id 4D6vmH6HDqz2cH;
	Fri,  1 Jan 2021 19:12:31 +0000 (UTC)
Received: from mail02.haj.ipfire.org (localhost [127.0.0.1])
	by mail02.haj.ipfire.org (Postfix) with ESMTP id 4D6vmH4YFVz2xmj;
	Fri,  1 Jan 2021 19:12:31 +0000 (UTC)
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mail01.haj.ipfire.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4D6vmF5LGnz2xPL
 for <development@lists.ipfire.org>; Fri,  1 Jan 2021 19:12:29 +0000 (UTC)
Received: from [127.0.0.1] (localhost [127.0.0.1])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384)
 (No client certificate requested)
 by mail01.ipfire.org (Postfix) with ESMTPSA id 4D6vmD4JNJz7W;
 Fri,  1 Jan 2021 19:12:28 +0000 (UTC)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org;
 s=202003ed25519; t=1609528348;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding;
 bh=TNTZK/7inQ99sdVf2YvzqGHC9GOag95zogO2te4aDm4=;
 b=PxIF3NliZwSec3RM9OULbhR9I7U2VCRe1o4I/S5s7YlmXZ1pYALOGjQxI8ssxZUySLaESj
 8QpO4B+fPkUeYdAg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org;
 s=202003rsa;
 t=1609528348;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding;
 bh=TNTZK/7inQ99sdVf2YvzqGHC9GOag95zogO2te4aDm4=;
 b=V4YSbDef9EAyP9Qli8s+irBfHB5Pb/+2tPht5UB+wCgVVd5kA+y2+napUTNVIrpy9dmq11
 dzqdaY1UxgXjA+wxgYTpqL1D72aTZKfH8ZBVwNW3LBUFhD78nvd41bVVO4K7Df7y5U78qQ
 rIaylxXbzFXnUHQQIp9mJypGuXXAcWaEiNiqkRlRYqaZG4CnW7BBJ2yDiTQWS2qR6p2uCt
 h8gWCnLNUHQ1C63nowhRVSHw3Y0qqKwww8OieuWE0HDM1d1hV612yFp4dltdYO5jXSgVnP
 MrB3u82fTS5dzIcRvBp29SI2qx8wPBfJyI/nCyWN7U8yRVFDRPrI/HPO/JMj+Q==
From: Stefan Schantl <stefan.schantl@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] ddns.cgi: Make dealing with auth tokens more user-friendly.
Date: Fri,  1 Jan 2021 20:12:21 +0100
Message-Id: <20210101191221.2308-1-stefan.schantl@ipfire.org>
MIME-Version: 1.0
X-BeenThere: development@lists.ipfire.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IPFire development talk <development.lists.ipfire.org>
List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>,
 <mailto:development-request@lists.ipfire.org?subject=unsubscribe>
List-Archive: <http://lists.ipfire.org/pipermail/development/>
List-Post: <mailto:development@lists.ipfire.org>
List-Help: <mailto:development-request@lists.ipfire.org?subject=help>
List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>,
 <mailto:development-request@lists.ipfire.org?subject=subscribe>
Errors-To: development-bounces@lists.ipfire.org
Sender: "Development" <development-bounces@lists.ipfire.org>

If a provider supports authentication with a token, now
the username and password fileds will be swapped by some
Java Script code in favour of an input field for the token.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
 html/cgi-bin/ddns.cgi | 103 +++++++++++++++++++++++++++++++++++++-----
 1 file changed, 91 insertions(+), 12 deletions(-)

diff --git a/html/cgi-bin/ddns.cgi b/html/cgi-bin/ddns.cgi
index 024eaf7f6..6eddb5124 100644
--- a/html/cgi-bin/ddns.cgi
+++ b/html/cgi-bin/ddns.cgi
@@ -59,14 +59,18 @@ $settings{'HOSTNAME'} = '';
 $settings{'DOMAIN'} = '';
 $settings{'LOGIN'} = '';
 $settings{'PASSWORD'} = '';
+$settings{'TOKEN'} = '';
 $settings{'ENABLED'} = '';
 $settings{'PROXY'} = '';
 $settings{'SERVICE'} = '';
 
 $settings{'ACTION'} = '';
 
-# Get supported ddns providers.
-my @providers = &GetProviders();
+# Get all supported ddns providers.
+my @providers = &GetProviders("all");
+
+# Get provider which support a token based authentication mechanism.
+my @token_provider = &GetProviders("token-providers");
 
 # Hook to regenerate the configuration files, if cgi got called from command line.
 if ($ENV{"REMOTE_ADDR"} eq "") {
@@ -189,6 +193,12 @@ if (($settings{'ACTION'} eq $Lang::tr{'add'}) || ($settings{'ACTION'} eq $Lang::
 			$settings{'ENABLED'} = 'off';
 		}
 
+		# Check if a token has been provided.
+		if($settings{'TOKEN'}) {
+			# Assign the token as a password for saving.
+			$settings{'PASSWORD'} = $settings{'TOKEN'};
+		}
+
 		# Handle adding new accounts.
 		if ($settings{'ACTION'} eq $Lang::tr{'add'}) {
 			# Open /var/ipfire/ddns/config for writing.
@@ -234,7 +244,8 @@ if (($settings{'ACTION'} eq $Lang::tr{'add'}) || ($settings{'ACTION'} eq $Lang::
 			# Write out notice to logfile.
 			&General::log($Lang::tr{'ddns hostname modified'});
 		}
-		undef $settings{'ID'};
+		# Clear settings hash.
+		%settings = '';
 
 		# Update ddns config file.
 		&GenerateDDNSConfigFile();
@@ -307,6 +318,7 @@ if ($settings{'ACTION'} eq $Lang::tr{'edit'}) {
 			$settings{'WILDCARDS'} = $temp[4];
 			$settings{'LOGIN'} = $temp[5];
 			$settings{'PASSWORD'} = $temp[6];
+			$settings{'TOKEN'} = $temp[6];
 			$settings{'ENABLED'} = $temp[7];
 		}
 
@@ -334,6 +346,58 @@ if (!$settings{'ACTION'}) {
 }
 
 &Header::openpage($Lang::tr{'dynamic dns'}, 1, '');
+
+### Java Script ###
+print"<script>\n";
+
+# Generate Java Script Array which contains the provider that support token.
+my $line = "";
+$line = join("', '", @token_provider);
+
+print "\t// Array which contains the providers that support token.\n";
+print "\ttoken_provider = ['$line']\;\n\n";
+
+print <<END
+	// Java Script function to swap the text input fields for
+	// username and password or token.
+	var update_auth = function() {
+		if(inArray(\$('#SERVICE').val(), token_provider)) {
+			\$('.username').hide();
+			\$('.password').hide();
+			\$('.token').show();
+		} else {
+			\$('.username').show();
+			\$('.password').show();
+			\$('.token').hide();
+		}
+	};
+
+	// Java Script function to check if a given value is part of
+	// an array.
+	function inArray(value,array) {
+		var count=array.length;
+
+		for(var i=0;i<count;i++) {
+			if(array[i]===value){
+				return true;
+			}
+		}
+
+		return false;
+	}
+
+	// JQuery function to call corresponding function when
+	// the service provider is changed or the page is loaded for showing/hiding
+	// the username/password or token area.
+	\$(document).ready(function() {
+		\$('#SERVICE').change(update_auth);
+			update_auth();
+	});
+
+</script>
+END
+;
+
 &Header::openbigbox('100%', 'left', '', $errormessage);
 
 # Read file for general ddns settings.
@@ -414,7 +478,7 @@ print <<END
 END
 ;
 		# Generate dropdown menu for service selection.
-		print"<select size='1' name='SERVICE'>\n";
+		print"<select size='1' name='SERVICE' id='SERVICE'>\n";
 
 		my $selected;
 
@@ -440,11 +504,15 @@ print <<END
 	<tr>
 		<td class='base'>$Lang::tr{'enabled'}</td>
 		<td><input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>
-		<td class='base'>$Lang::tr{'username'}</td>
-		<td><input type='text' name='LOGIN' value='$settings{'LOGIN'}' /></td>
+
+		<td class='username'>$Lang::tr{'username'}</td>
+		<td class='username'><input type='text' name='LOGIN' value='$settings{'LOGIN'}' /></td>
+
+		<td class='token' style='display:none'>Token:</td>
+		<td class='token' style='display:none'><input type='text' name='TOKEN' value='$settings{'TOKEN'}' /></td>
 	</tr>
 
-	<tr>
+	<tr class='password'>
 		<td class='base'></td>
 		<td></td>
 		<td class='base'>$Lang::tr{'password'}</td>
@@ -665,8 +733,8 @@ sub GenerateDDNSConfigFile {
 
 		my $use_token = 0;
 
-		# Check if token based auth is configured.
-		if ($username eq "token") {
+		# Handle token based auth for various providers.
+		if ($provider ~~ @token_provider) {
 			$use_token = 1;
 		}
 
@@ -707,9 +775,20 @@ sub GenerateDDNSConfigFile {
 }
 
 # Function which generates an array (@providers) which contains the supported providers.
-sub GetProviders {
-	# Get supported providers.
-	open(PROVIDERS, "/usr/bin/ddns list-providers |");
+sub GetProviders ($) {
+	my ($type) = @_;
+
+	# Set default type to get all providers
+	$type = $type ? $type : "all";
+
+	# Check if the requested type is "token-providers".
+	if ($type eq "token-providers") {
+		# Call ddns util to only get providers which supports token based auth.
+		open(PROVIDERS, "/usr/bin/ddns list-token-providers |");
+	} else {
+		# Get all supported providers.
+		open(PROVIDERS, "/usr/bin/ddns list-providers |");
+	}
 
 	# Create new array to store the providers.
 	my @providers = ();