diff --git a/src/etc/inc/auth.inc b/src/etc/inc/auth.inc index 4d190e6be..5966ef05f 100644 --- a/src/etc/inc/auth.inc +++ b/src/etc/inc/auth.inc @@ -815,14 +815,3 @@ function get_authenticator($authcfg = null) $authFactory = new OPNsense\Auth\AuthenticationFactory(); return $authFactory->get($authName); } - -function authenticate_user($username, $password, $authcfg = null) -{ - $authenticator = get_authenticator($authcfg); - if ($authenticator != null) { - return $authenticator->authenticate($username, $password); - } else { - log_error('Unable to retrieve authenticator for ' . $username); - return false; - } -} diff --git a/src/www/xmlrpc.php b/src/www/xmlrpc.php index 2da4f8410..1149e306f 100644 --- a/src/www/xmlrpc.php +++ b/src/www/xmlrpc.php @@ -1,7 +1,7 @@ = 2) { $userinfo= explode(':', base64_decode($tags[1]), 2); if (count($userinfo) == 2) { - if (authenticate_user($userinfo[0], $userinfo[1])) { + $username = authenticate_user($userinfo[0], $userinfo[1]); + if ($username !== false) { $aclObj = new \OPNsense\Core\ACL(); - return $aclObj->isPageAccessible($userinfo[0], '/xmlrpc.php'); + return $aclObj->isPageAccessible($username, '/xmlrpc.php'); } } } - // not authenticated + /* not authenticated */ return false; } +function authenticate_user($username, $password) +{ + $authFactory = new OPNsense\Auth\AuthenticationFactory(); + + foreach(['Local Database', 'Local API'] as $authName) { + $authenticator = $authFactory->get($authName); + if ($authenticator != null && $authenticator->authenticate($username, $password)) { + $authResult = $authenticator->getLastAuthProperties(); + if (array_key_exists('username', $authResult)) { + $username = $authResult['username']; + } + return $username; + } + } + + log_error('Unable to retrieve authenticator for ' . $username); + + return false; +} /** * Simple XML-RPC server using IXR_Library