// Creates a new IniRealm, reading from a Reader.
func NewIni(name string, in io.Reader) (*IniRealm, error) {
realm := IniRealm{SimpleAccountRealm{name: name}}
realm.users = make(map[string]authc.SimpleAccount)
realm.roles = make(map[string]authz.SimpleRole)
realm.credentialsMatcher = &credential.PlainText{}
ini, err := ini.Load(in)
if err != nil {
return nil, err
}
// Users
for username, val := range ini.Section("users") {
vals := strings.Split(val, ",")
if len(vals) == 0 {
return nil, errors.New("Invalid property in the INI file; assumed at least a password for user " + username)
}
// User account
acct := authc.NewAccount(stringer(username), strings.TrimSpace(vals[0]), name)
for _, role := range vals[1:] {
acct.AddRole(strings.TrimSpace(role))
}
realm.users[username] = *acct
}
// Roles
for role, permlist := range ini.Section("roles") {
perms := strings.Split(permlist, ",")
if len(perms) == 0 {
return nil, errors.New("Role does not have any permissions")
}
r := authz.NewRole(role)
for _, p := range perms {
perm, err := authz.NewWildcardPermission(p)
if err != nil {
return nil, err
}
r.AddPermission(perm)
}
realm.roles[role] = *r
}
return &realm, nil
}
func (r *MockRealm) AuthorizationInfo(p []interface{}) (authz.AuthorizationInfo, error) {
return authc.NewAccount(p[0], "", r.Name()), nil
}
func (r *MockRealm) AuthenticationInfo(token authc.AuthenticationToken) (authc.AuthenticationInfo, error) {
sa := authc.NewAccount(token.Principal(), token.Credentials(), r.Name())
r.authinfocalled++
return sa, nil
}
