github.com/cloud-green/juju@v0.0.0-20151002100041-a00291338d3d/apiserver/authentication/agent.go (about) 1 // Copyright 2014 Canonical Ltd. All rights reserved. 2 // Licensed under the AGPLv3, see LICENCE file for details. 3 4 package authentication 5 6 import ( 7 "github.com/juju/errors" 8 9 "github.com/juju/juju/apiserver/common" 10 "github.com/juju/juju/state" 11 ) 12 13 // AgentIdentityProvider performs authentication for machine and unit agents. 14 type AgentAuthenticator struct{} 15 16 var _ EntityAuthenticator = (*AgentAuthenticator)(nil) 17 18 type taggedAuthenticator interface { 19 state.Entity 20 state.Authenticator 21 } 22 23 // Authenticate authenticates the provided entity and returns an error on authentication failure. 24 func (*AgentAuthenticator) Authenticate(entity state.Entity, password, nonce string) error { 25 authenticator, ok := entity.(taggedAuthenticator) 26 if !ok { 27 return common.ErrBadRequest 28 } 29 if !authenticator.PasswordValid(password) { 30 return common.ErrBadCreds 31 } 32 33 // If this is a machine agent connecting, we need to check the 34 // nonce matches, otherwise the wrong agent might be trying to 35 // connect. 36 if machine, ok := authenticator.(*state.Machine); ok { 37 if !machine.CheckProvisioned(nonce) { 38 return errors.NotProvisionedf("machine %v", machine.Id()) 39 } 40 } 41 42 return nil 43 }