forked from npgsql/npgsql
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathKerberosUsernameProvider.cs
More file actions
111 lines (101 loc) · 3.95 KB
/
KerberosUsernameProvider.cs
File metadata and controls
111 lines (101 loc) · 3.95 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
#region License
// The PostgreSQL License
//
// Copyright (C) 2017 The Npgsql Development Team
//
// Permission to use, copy, modify, and distribute this software and its
// documentation for any purpose, without fee, and without a written
// agreement is hereby granted, provided that the above copyright notice
// and this paragraph and the following two paragraphs appear in all copies.
//
// IN NO EVENT SHALL THE NPGSQL DEVELOPMENT TEAM BE LIABLE TO ANY PARTY
// FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES,
// INCLUDING LOST PROFITS, ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS
// DOCUMENTATION, EVEN IF THE NPGSQL DEVELOPMENT TEAM HAS BEEN ADVISED OF
// THE POSSIBILITY OF SUCH DAMAGE.
//
// THE NPGSQL DEVELOPMENT TEAM SPECIFICALLY DISCLAIMS ANY WARRANTIES,
// INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
// AND FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE PROVIDED HEREUNDER IS
// ON AN "AS IS" BASIS, AND THE NPGSQL DEVELOPMENT TEAM HAS NO OBLIGATIONS
// TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
#endregion
using System;
using System.Diagnostics;
using System.IO;
using System.Linq;
using JetBrains.Annotations;
using Microsoft.Extensions.Logging;
using Npgsql.Logging;
namespace Npgsql
{
/// <summary>
/// Launches MIT Kerberos klist and parses out the default principal from it.
/// Caches the result.
/// </summary>
class KerberosUsernameProvider
{
static bool _performedDetection;
static string _principalWithRealm;
static string _principalWithoutRealm;
[CanBeNull]
internal static string GetUsername(bool includeRealm)
{
if (!_performedDetection)
{
DetectUsername();
_performedDetection = true;
}
return includeRealm ? _principalWithRealm : _principalWithoutRealm;
}
static void DetectUsername()
{
var klistPath = FindInPath("klist");
if (klistPath == null)
{
Log.Logger.LogDebug("klist not found in PATH, skipping Kerberos username detection");
return;
}
var processStartInfo = new ProcessStartInfo
{
FileName = klistPath,
RedirectStandardOutput = true,
RedirectStandardError = true,
UseShellExecute = false
};
var process = Process.Start(processStartInfo);
process.WaitForExit();
if (process.ExitCode != 0)
{
Log.Logger.LogDebug($"klist exited with code {process.ExitCode}: {process.StandardError.ReadToEnd()}");
return;
}
var line = "";
for (var i = 0; i < 2; i++)
if ((line = process.StandardOutput.ReadLine()) == null)
{
Log.Logger.LogDebug("Unexpected output from klist, aborting Kerberos username detection");
return;
}
var components = line.Split(':');
if (components.Length != 2)
{
Log.Logger.LogDebug("Unexpected output from klist, aborting Kerberos username detection");
return;
}
var principalWithRealm = components[1].Trim();
components = principalWithRealm.Split('@');
if (components.Length != 2)
{
Log.Logger.LogDebug($"Badly-formed default principal {principalWithRealm} from klist, aborting Kerberos username detection");
return;
}
_principalWithRealm = principalWithRealm;
_principalWithoutRealm = components[0];
}
static string FindInPath(string name) => Environment.GetEnvironmentVariable("PATH")
.Split(Path.PathSeparator)
.Select(p => Path.Combine(p, name))
.FirstOrDefault(File.Exists);
}
}