diff options
| author | Sadie Powell <sadie@witchery.services> | 2025-05-04 14:14:19 +0100 |
|---|---|---|
| committer | Sadie Powell <sadie@witchery.services> | 2025-05-04 14:14:19 +0100 |
| commit | 4b854d39357cbcfa43eb833949d48a49b0420ad6 (patch) | |
| tree | bdc625b02f2366a64c68ed33826250894e1fa9c0 /include/modules | |
| parent | 0b2b00b37dd2e713129a04bdae4c5b8aab858126 (diff) | |
Add support for bearer tokens for authorising with RPC.
Diffstat (limited to 'include/modules')
| -rw-r--r-- | include/modules/rpc.h | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/include/modules/rpc.h b/include/modules/rpc.h index 99be7c076..41a95fc14 100644 --- a/include/modules/rpc.h +++ b/include/modules/rpc.h @@ -193,11 +193,36 @@ class RPC::ServiceInterface : public Service { public: + Anope::map<std::vector<Anope::string>> tokens; + ServiceInterface(Module *creator) : Service(creator, "RPC::ServiceInterface", "rpc") { } + bool CanExecute(const Anope::string &header, const Anope::string &method) const + { + if (header.compare(0, 7, "Bearer ", 7) != 0) + return false; // No token provided. + + Anope::string token; + Anope::B64Decode(header.substr(7), token); + + auto it = tokens.find(token); + if (it == tokens.end()) + return false; // No valid token. + + for (const auto &glob : it->second) + { + if (glob[0] == '~' && Anope::Match(method, glob.substr(1))) + return false; // Negative match. + + if (Anope::Match(method, glob)) + return true; // Positive match. + } + return false; // No match. + } + virtual void Reply(Request &request) = 0; }; |