msteinert-go-pam/example/example.go

// This is a fake login implementation. It uses whatever default
// PAM service configuration is available on the system, and tries
// to authenticate any user. This should cause PAM to ask its
// conversation handler for a username and password, in sequence.
//
// This application will handle those requests by displaying the
// PAM-provided prompt and sending back the first line of stdin input
// it can read for each.
//
// Keep in mind that unless run as root (or setuid root), the only
// user's authentication that can succeed is that of the process owner.
//
// It's not a real login for several reasons:
//
// It doesn't switch users.
// It's not a real login.
//
// It does however demonstrate a simple but powerful use of PAM.

package main

import (
	"bufio"
	"errors"
	"fmt"
	"log"
	"os"

	"github.com/bgentry/speakeasy"
	"github.com/msteinert/pam"
)

func main() {
	t, err := pam.StartFunc("", "", func(s pam.Style, msg string) (string, error) {
		switch s {
		case pam.PromptEchoOff:
			return speakeasy.Ask(msg)
		case pam.PromptEchoOn:
			fmt.Print(msg + " ")
			input, err := bufio.NewReader(os.Stdin).ReadString('\n')
			if err != nil {
				return "", err
			}
			return input[:len(input)-1], nil
		case pam.ErrorMsg:
			log.Print(msg)
			return "", nil
		case pam.TextInfo:
			fmt.Println(msg)
			return "", nil
		}
		return "", errors.New("Unrecognized message style")
	})
	if err != nil {
		log.Fatalf("Start: %s", err.Error())
	}
	err = t.Authenticate(0)
	if err != nil {
		log.Fatalf("Authenticate: %s", err.Error())
	}
	log.Print("Authentication succeeded!")
}
Update interface 2015-03-27 18:59:29 -05:00			`// This is a fake login implementation. It uses whatever default`
			`// PAM service configuration is available on the system, and tries`
			`// to authenticate any user. This should cause PAM to ask its`
			`// conversation handler for a username and password, in sequence.`
			`//`
			`// This application will handle those requests by displaying the`
			`// PAM-provided prompt and sending back the first line of stdin input`
			`// it can read for each.`
			`//`
			`// Keep in mind that unless run as root (or setuid root), the only`
			`// user's authentication that can succeed is that of the process owner.`
			`//`
			`// It's not a real login for several reasons:`
			`//`
			`// It doesn't switch users.`
			`// It's not a real login.`
			`//`
			`// It does however demonstrate a simple but powerful use of PAM.`

			`package main`

			`import (`
			`"bufio"`
			`"errors"`
			`"fmt"`
			`"log"`
			`"os"`
Update example 2015-04-10 23:36:35 -05:00
Update example code 2015-12-04 09:21:17 -06:00			`"github.com/bgentry/speakeasy"`
Update example 2015-04-10 23:36:35 -05:00			`"github.com/msteinert/pam"`
Update interface 2015-03-27 18:59:29 -05:00			`)`

			`func main() {`
			`t, err := pam.StartFunc("", "", func(s pam.Style, msg string) (string, error) {`
			`switch s {`
			`case pam.PromptEchoOff:`
Update example code 2015-12-04 09:21:17 -06:00			`return speakeasy.Ask(msg)`
Update interface 2015-03-27 18:59:29 -05:00			`case pam.PromptEchoOn:`
Update example 2015-04-10 23:36:35 -05:00			`fmt.Print(msg + " ")`
			`input, err := bufio.NewReader(os.Stdin).ReadString('\n')`
Update interface 2015-03-27 18:59:29 -05:00			`if err != nil {`
			`return "", err`
			`}`
			`return input[:len(input)-1], nil`
			`case pam.ErrorMsg:`
			`log.Print(msg)`
			`return "", nil`
			`case pam.TextInfo:`
			`fmt.Println(msg)`
			`return "", nil`
			`}`
			`return "", errors.New("Unrecognized message style")`
			`})`
			`if err != nil {`
			`log.Fatalf("Start: %s", err.Error())`
			`}`
			`err = t.Authenticate(0)`
			`if err != nil {`
			`log.Fatalf("Authenticate: %s", err.Error())`
			`}`
			`log.Print("Authentication succeeded!")`
			`}`