rest-server/htpasswd.go

package restserver

/*
Original version copied from: github.com/bitly/oauth2_proxy

MIT License

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
*/

import (
	"crypto/sha1"
	"encoding/base64"
	"encoding/csv"
	"log"
	"os"
	"regexp"
	"sync"
	"time"

	"golang.org/x/crypto/bcrypt"
)

// CheckInterval represents how often we check for changes in htpasswd file.
const CheckInterval = 30 * time.Second

// Lookup passwords in a htpasswd file.  The entries must have been created with -s for SHA encryption.

// HtpasswdFile is a map for usernames to passwords.
type HtpasswdFile struct {
	mutex    sync.Mutex
	path     string
	stat     os.FileInfo
	throttle chan struct{}
	Users    map[string]string
}

// NewHtpasswdFromFile reads the users and passwords from a htpasswd file and returns them.  If an error is encountered,
// it is returned, together with a nil-Pointer for the HtpasswdFile.
func NewHtpasswdFromFile(path string) (*HtpasswdFile, error) {
	stat, err := os.Stat(path)
	if err != nil {
		return nil, err
	}

	h := &HtpasswdFile{
		mutex:    sync.Mutex{},
		path:     path,
		stat:     stat,
		throttle: make(chan struct{}),
	}

	if err := h.Reload(); err != nil {
		return nil, err
	}

	// Start a goroutine that limits reload checks to once per CheckInterval
	go h.throttleTimer()

	return h, nil
}

// throttleTimer sends at most one message per CheckInterval to throttle file change checks.
func (h *HtpasswdFile) throttleTimer() {
	var check struct{}
	for {
		time.Sleep(CheckInterval)
		h.throttle <- check
	}
}

// Reload reloads the htpasswd file. If the reload fails, the Users map is not changed and the error is returned.
func (h *HtpasswdFile) Reload() error {
	r, err := os.Open(h.path)
	if err != nil {
		return err
	}

	cr := csv.NewReader(r)
	cr.Comma = ':'
	cr.Comment = '#'
	cr.TrimLeadingSpace = true

	records, err := cr.ReadAll()
	if err != nil {
		_ = r.Close()
		return err
	}
	users := make(map[string]string)
	for _, record := range records {
		users[record[0]] = record[1]
	}

	// Replace the Users map
	h.mutex.Lock()
	h.Users = users
	h.mutex.Unlock()

	_ = r.Close()
	return nil
}

// ReloadCheck checks at most once per CheckInterval if the file changed and will reload the file if it did.
// It logs errors and successful reloads, and returns an error if any was encountered.
func (h *HtpasswdFile) ReloadCheck() error {
	select {
	case <-h.throttle:
		stat, err := os.Stat(h.path)
		if err != nil {
			log.Printf("Could not stat htpasswd file: %v", err)
			return err
		}

		reload := false

		h.mutex.Lock()
		if stat.ModTime() != h.stat.ModTime() || stat.Size() != h.stat.Size() {
			reload = true
			h.stat = stat
		}
		h.mutex.Unlock()

		if reload {
			err := h.Reload()
			if err == nil {
				log.Printf("Reloaded htpasswd file")
			} else {
				log.Printf("Could not reload htpasswd file: %v", err)
				return err
			}
		}
	default:
		// No need to check
	}
	return nil
}

// Validate returns true if password matches the stored password for user.  If no password for user is stored, or the
// password is wrong, false is returned.
func (h *HtpasswdFile) Validate(user string, password string) bool {
	_ = h.ReloadCheck()

	h.mutex.Lock()
	realPassword, exists := h.Users[user]
	h.mutex.Unlock()

	if !exists {
		return false
	}

	var shaRe = regexp.MustCompile(`^{SHA}`)
	var bcrRe = regexp.MustCompile(`^\$2b\$`)

	switch {
	case shaRe.MatchString(realPassword):
		d := sha1.New()
		_, _ = d.Write([]byte(password))
		if realPassword[5:] == base64.StdEncoding.EncodeToString(d.Sum(nil)) {
			return true
		}
	case bcrRe.MatchString(realPassword):
		err := bcrypt.CompareHashAndPassword([]byte(realPassword), []byte(password))
		if err == nil {
			return true
		}
	}
	log.Printf("Invalid htpasswd entry for %s.", user)
	return false
}
Move main function into separate package (closes #12) 2017-06-21 15:23:33 -06:00			`package restserver`
added htpasswd 2015-09-19 14:28:43 +02:00
			`/*`
Automatically reload htpasswd If htpasswd was modified, it will be automatically reloaded. This check happens at most once per second and only on incoming requests. Note that this removes the public `NewHtpasswd()` function. 2017-10-24 17:35:51 +08:00			`Original version copied from: github.com/bitly/oauth2_proxy`
added htpasswd 2015-09-19 14:28:43 +02:00
			`MIT License`

			`Permission is hereby granted, free of charge, to any person obtaining a copy`
			`of this software and associated documentation files (the "Software"), to deal`
			`in the Software without restriction, including without limitation the rights`
			`to use, copy, modify, merge, publish, distribute, sublicense, and/or sell`
			`copies of the Software, and to permit persons to whom the Software is`
			`furnished to do so, subject to the following conditions:`

			`The above copyright notice and this permission notice shall be included in`
			`all copies or substantial portions of the Software.`

			`THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR`
			`IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,`
			`FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE`
			`AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER`
			`LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,`
			`OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN`
			`THE SOFTWARE.`
			`*/`

			`import (`
			`"crypto/sha1"`
			`"encoding/base64"`
			`"encoding/csv"`
			`"log"`
Remove fs package and dirty tricks it does The Linux kernel page cache ALWAYS knows better. Fighting it brings only worse performance. Usage of fadvise() is wrong 9 out of 10 times. Removing the whole fs package brings a nice 100% speedup when running costly prune command. And that is measured on localhost, the improvement could be much bigger when using network with higher latency. 2016-11-06 20:09:42 +01:00			`"os"`
Enable support for bcrypt'd password hashes in htpasswd 2018-02-11 14:54:25 -07:00			`"regexp"`
Automatically reload htpasswd If htpasswd was modified, it will be automatically reloaded. This check happens at most once per second and only on incoming requests. Note that this removes the public `NewHtpasswd()` function. 2017-10-24 17:35:51 +08:00			`"sync"`
			`"time"`
Enable support for bcrypt'd password hashes in htpasswd 2018-02-11 14:54:25 -07:00
			`"golang.org/x/crypto/bcrypt"`
added htpasswd 2015-09-19 14:28:43 +02:00			`)`

Comment global variables 2017-10-25 18:14:07 +02:00			`// CheckInterval represents how often we check for changes in htpasswd file.`
Limit htpasswd checks to once per 30s 2017-10-24 18:48:04 +08:00			`const CheckInterval = 30 * time.Second`

Reformat comments 2016-11-06 11:15:33 +01:00			`// Lookup passwords in a htpasswd file. The entries must have been created with -s for SHA encryption.`
added htpasswd 2015-09-19 14:28:43 +02:00
Update with changes from github.com/restic/restic tree Uncompilable right now, due to bad import paths. 2016-11-05 17:18:42 +01:00			`// HtpasswdFile is a map for usernames to passwords.`
added htpasswd 2015-09-19 14:28:43 +02:00			`type HtpasswdFile struct {`
Run goimports on htpasswd.go 2017-10-24 17:48:18 +08:00			`mutex sync.Mutex`
			`path string`
			`stat os.FileInfo`
Automatically reload htpasswd If htpasswd was modified, it will be automatically reloaded. This check happens at most once per second and only on incoming requests. Note that this removes the public `NewHtpasswd()` function. 2017-10-24 17:35:51 +08:00			`throttle chan struct{}`
Run goimports on htpasswd.go 2017-10-24 17:48:18 +08:00			`Users map[string]string`
added htpasswd 2015-09-19 14:28:43 +02:00			`}`

Reformat comments 2016-11-06 11:15:33 +01:00			`// NewHtpasswdFromFile reads the users and passwords from a htpasswd file and returns them. If an error is encountered,`
			`// it is returned, together with a nil-Pointer for the HtpasswdFile.`
added htpasswd 2015-09-19 14:28:43 +02:00			`func NewHtpasswdFromFile(path string) (*HtpasswdFile, error) {`
Automatically reload htpasswd If htpasswd was modified, it will be automatically reloaded. This check happens at most once per second and only on incoming requests. Note that this removes the public `NewHtpasswd()` function. 2017-10-24 17:35:51 +08:00			`stat, err := os.Stat(path)`
added htpasswd 2015-09-19 14:28:43 +02:00			`if err != nil {`
			`return nil, err`
			`}`
Automatically reload htpasswd If htpasswd was modified, it will be automatically reloaded. This check happens at most once per second and only on incoming requests. Note that this removes the public `NewHtpasswd()` function. 2017-10-24 17:35:51 +08:00
			`h := &HtpasswdFile{`
Run goimports on htpasswd.go 2017-10-24 17:48:18 +08:00			`mutex: sync.Mutex{},`
			`path: path,`
			`stat: stat,`
Automatically reload htpasswd If htpasswd was modified, it will be automatically reloaded. This check happens at most once per second and only on incoming requests. Note that this removes the public `NewHtpasswd()` function. 2017-10-24 17:35:51 +08:00			`throttle: make(chan struct{}),`
			`}`

			`if err := h.Reload(); err != nil {`
			`return nil, err`
			`}`

Limit htpasswd checks to once per 30s 2017-10-24 18:48:04 +08:00			`// Start a goroutine that limits reload checks to once per CheckInterval`
Automatically reload htpasswd If htpasswd was modified, it will be automatically reloaded. This check happens at most once per second and only on incoming requests. Note that this removes the public `NewHtpasswd()` function. 2017-10-24 17:35:51 +08:00			`go h.throttleTimer()`

			`return h, nil`
			`}`

Limit htpasswd checks to once per 30s 2017-10-24 18:48:04 +08:00			`// throttleTimer sends at most one message per CheckInterval to throttle file change checks.`
Automatically reload htpasswd If htpasswd was modified, it will be automatically reloaded. This check happens at most once per second and only on incoming requests. Note that this removes the public `NewHtpasswd()` function. 2017-10-24 17:35:51 +08:00			`func (h *HtpasswdFile) throttleTimer() {`
			`var check struct{}`
			`for {`
Limit htpasswd checks to once per 30s 2017-10-24 18:48:04 +08:00			`time.Sleep(CheckInterval)`
Automatically reload htpasswd If htpasswd was modified, it will be automatically reloaded. This check happens at most once per second and only on incoming requests. Note that this removes the public `NewHtpasswd()` function. 2017-10-24 17:35:51 +08:00			`h.throttle <- check`
			`}`
added htpasswd 2015-09-19 14:28:43 +02:00			`}`

Automatically reload htpasswd If htpasswd was modified, it will be automatically reloaded. This check happens at most once per second and only on incoming requests. Note that this removes the public `NewHtpasswd()` function. 2017-10-24 17:35:51 +08:00			`// Reload reloads the htpasswd file. If the reload fails, the Users map is not changed and the error is returned.`
			`func (h *HtpasswdFile) Reload() error {`
			`r, err := os.Open(h.path)`
			`if err != nil {`
			`return err`
			`}`

			`cr := csv.NewReader(r)`
Update with changes from github.com/restic/restic tree Uncompilable right now, due to bad import paths. 2016-11-05 17:18:42 +01:00			`cr.Comma = ':'`
			`cr.Comment = '#'`
			`cr.TrimLeadingSpace = true`
added htpasswd 2015-09-19 14:28:43 +02:00
Update with changes from github.com/restic/restic tree Uncompilable right now, due to bad import paths. 2016-11-05 17:18:42 +01:00			`records, err := cr.ReadAll()`
added htpasswd 2015-09-19 14:28:43 +02:00			`if err != nil {`
Check errors in many places Admittedly, in some places just document the fact that we ignore error return values, 'cause we don't know what to do with it. At least, the linter is happy. 2017-10-25 18:31:34 +02:00			`_ = r.Close()`
Automatically reload htpasswd If htpasswd was modified, it will be automatically reloaded. This check happens at most once per second and only on incoming requests. Note that this removes the public `NewHtpasswd()` function. 2017-10-24 17:35:51 +08:00			`return err`
added htpasswd 2015-09-19 14:28:43 +02:00			`}`
Automatically reload htpasswd If htpasswd was modified, it will be automatically reloaded. This check happens at most once per second and only on incoming requests. Note that this removes the public `NewHtpasswd()` function. 2017-10-24 17:35:51 +08:00			`users := make(map[string]string)`
added htpasswd 2015-09-19 14:28:43 +02:00			`for _, record := range records {`
Automatically reload htpasswd If htpasswd was modified, it will be automatically reloaded. This check happens at most once per second and only on incoming requests. Note that this removes the public `NewHtpasswd()` function. 2017-10-24 17:35:51 +08:00			`users[record[0]] = record[1]`
added htpasswd 2015-09-19 14:28:43 +02:00			`}`
Automatically reload htpasswd If htpasswd was modified, it will be automatically reloaded. This check happens at most once per second and only on incoming requests. Note that this removes the public `NewHtpasswd()` function. 2017-10-24 17:35:51 +08:00
			`// Replace the Users map`
			`h.mutex.Lock()`
			`h.Users = users`
			`h.mutex.Unlock()`
Check errors in many places Admittedly, in some places just document the fact that we ignore error return values, 'cause we don't know what to do with it. At least, the linter is happy. 2017-10-25 18:31:34 +02:00
			`_ = r.Close()`
Automatically reload htpasswd If htpasswd was modified, it will be automatically reloaded. This check happens at most once per second and only on incoming requests. Note that this removes the public `NewHtpasswd()` function. 2017-10-24 17:35:51 +08:00			`return nil`
			`}`

Limit htpasswd checks to once per 30s 2017-10-24 18:48:04 +08:00			`// ReloadCheck checks at most once per CheckInterval if the file changed and will reload the file if it did.`
Automatically reload htpasswd If htpasswd was modified, it will be automatically reloaded. This check happens at most once per second and only on incoming requests. Note that this removes the public `NewHtpasswd()` function. 2017-10-24 17:35:51 +08:00			`// It logs errors and successful reloads, and returns an error if any was encountered.`
			`func (h *HtpasswdFile) ReloadCheck() error {`
			`select {`
			`case <-h.throttle:`
			`stat, err := os.Stat(h.path)`
			`if err != nil {`
			`log.Printf("Could not stat htpasswd file: %v", err)`
			`return err`
			`}`

			`reload := false`

			`h.mutex.Lock()`
			`if stat.ModTime() != h.stat.ModTime() \|\| stat.Size() != h.stat.Size() {`
			`reload = true`
			`h.stat = stat`
			`}`
			`h.mutex.Unlock()`

			`if reload {`
			`err := h.Reload()`
			`if err == nil {`
			`log.Printf("Reloaded htpasswd file")`
			`} else {`
			`log.Printf("Could not reload htpasswd file: %v", err)`
			`return err`
			`}`
			`}`
			`default:`
			`// No need to check`
			`}`
			`return nil`
added htpasswd 2015-09-19 14:28:43 +02:00			`}`

Reformat comments 2016-11-06 11:15:33 +01:00			`// Validate returns true if password matches the stored password for user. If no password for user is stored, or the`
			`// password is wrong, false is returned.`
added htpasswd 2015-09-19 14:28:43 +02:00			`func (h *HtpasswdFile) Validate(user string, password string) bool {`
Automatically reload htpasswd If htpasswd was modified, it will be automatically reloaded. This check happens at most once per second and only on incoming requests. Note that this removes the public `NewHtpasswd()` function. 2017-10-24 17:35:51 +08:00			`_ = h.ReloadCheck()`

			`h.mutex.Lock()`
added htpasswd 2015-09-19 14:28:43 +02:00			`realPassword, exists := h.Users[user]`
Automatically reload htpasswd If htpasswd was modified, it will be automatically reloaded. This check happens at most once per second and only on incoming requests. Note that this removes the public `NewHtpasswd()` function. 2017-10-24 17:35:51 +08:00			`h.mutex.Unlock()`

added htpasswd 2015-09-19 14:28:43 +02:00			`if !exists {`
			`return false`
			`}`
Enable support for bcrypt'd password hashes in htpasswd 2018-02-11 14:54:25 -07:00
			var shaRe = regexp.MustCompile(`^{SHA}`)
			var bcrRe = regexp.MustCompile(`^\$2b\$`)

			`switch {`
			`case shaRe.MatchString(realPassword):`
added htpasswd 2015-09-19 14:28:43 +02:00			`d := sha1.New()`
Check errors in many places Admittedly, in some places just document the fact that we ignore error return values, 'cause we don't know what to do with it. At least, the linter is happy. 2017-10-25 18:31:34 +02:00			`_, _ = d.Write([]byte(password))`
added htpasswd 2015-09-19 14:28:43 +02:00			`if realPassword[5:] == base64.StdEncoding.EncodeToString(d.Sum(nil)) {`
			`return true`
			`}`
Enable support for bcrypt'd password hashes in htpasswd 2018-02-11 14:54:25 -07:00			`case bcrRe.MatchString(realPassword):`
			`err := bcrypt.CompareHashAndPassword([]byte(realPassword), []byte(password))`
			`if err == nil {`
			`return true`
			`}`
added htpasswd 2015-09-19 14:28:43 +02:00			`}`
Enable support for bcrypt'd password hashes in htpasswd 2018-02-11 14:54:25 -07:00			`log.Printf("Invalid htpasswd entry for %s.", user)`
added htpasswd 2015-09-19 14:28:43 +02:00			`return false`
			`}`