From 1d871b000a79d0d65d247c5db41cd6885ccbf9ce Mon Sep 17 00:00:00 2001
From: Conrad Hoffmann <ch@bitfehler.net>
Date: Thu, 1 Feb 2024 14:21:43 +0100
Subject: [PATCH] Add a "null" auth backend

Not built by default, but can be added with `go build -tags nullauth`.
Enabled by running tokidoki with `-auth.url null://`. Very useful for
simpler debugging when you don't want manage test accounts with actual
passwords.
---
 auth/null.go      | 37 +++++++++++++++++++++++++++++++++++++
 auth/null_stub.go | 11 +++++++++++
 auth/url.go       |  2 ++
 3 files changed, 50 insertions(+)
 create mode 100644 auth/null.go
 create mode 100644 auth/null_stub.go

diff --git a/auth/null.go b/auth/null.go
new file mode 100644
index 0000000..fe6f8a4
--- /dev/null
+++ b/auth/null.go
@@ -0,0 +1,37 @@
+//go:build nullauth
+
+package auth
+
+import (
+	"net/http"
+)
+
+type nullProvider struct{}
+
+func NewNull() (AuthProvider, error) {
+	return nullProvider{}, nil
+}
+
+func (nullProvider) Middleware() func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			nullAuth(next, w, r)
+		})
+	}
+}
+
+func nullAuth(next http.Handler, w http.ResponseWriter, r *http.Request) {
+	user, _, ok := r.BasicAuth()
+	if !ok {
+		w.Header().Add("WWW-Authenticate", `Basic realm="Please provide your system credentials", charset="UTF-8"`)
+		http.Error(w, "HTTP Basic auth is required", http.StatusUnauthorized)
+		return
+	}
+	authCtx := AuthContext{
+		AuthMethod: "null",
+		UserName:   user,
+	}
+	ctx := NewContext(r.Context(), &authCtx)
+	r = r.WithContext(ctx)
+	next.ServeHTTP(w, r)
+}
diff --git a/auth/null_stub.go b/auth/null_stub.go
new file mode 100644
index 0000000..4396e14
--- /dev/null
+++ b/auth/null_stub.go
@@ -0,0 +1,11 @@
+//go:build !nullauth
+
+package auth
+
+import (
+	"errors"
+)
+
+func NewNull() (AuthProvider, error) {
+	return nil, errors.New("NullAuth is disabled")
+}
diff --git a/auth/url.go b/auth/url.go
index 6c1a99f..4c2ce3a 100644
--- a/auth/url.go
+++ b/auth/url.go
@@ -18,6 +18,8 @@ func NewFromURL(authURL string) (AuthProvider, error) {
 		return NewIMAP(u.Host, true), nil
 	case "pam":
 		return NewPAM()
+	case "null":
+		return NewNull()
 	default:
 		return nil, fmt.Errorf("no auth provider found for %s:// URL", u.Scheme)
 	}