History log of /openbmc/bmcweb/features/redfish/lib/account_service.hpp (Results 1 – 25 of 199)
Revision Date Author Comments
# adee9f2e 28-Sep-2025 Khang D Nguyen <khangng@os.amperecomputing.com>

account_service: Remove success body on 204 response

Currently, PATCH requests updating Password to
/redfish/v1/AccountService/Accounts/{username} will return non-empty
body despite the status code being 204 No Content:

```
curl -X PATCH --user root:0penBmc -H "Content-Type: application/json" --insecure https://${BMC_IP}/redfish/v1/AccountService/Accounts/user_test01 -d '{"Password": "0penBmc"}'
```

```
Sep 29 02:45:09 mtmitchell-dcscm bmcwebd[947]: [http_response.hpp:212] 0x1bce918 Response content provided but code was no-content or not_modified, which aren't allowed to have a body for url : "/redfish/v1/AccountService/Accounts/user_test01"
```

This fixes the issue by removing the success body.

Tested: PATCH requests now do not create the error log.

Signed-off-by: Khang D Nguyen <khangng@os.amperecomputing.com>
Change-Id: I6a6a6964eed4b9ef591f59b5223cc24b9b82680f


# 1a7e65f3 19-Sep-2025 John Chung <john.chung@arm.com>

AccountService: Use @Redfish.AllowableValues annotation

Correct AllowableValues annotation for HTTPBasicAuth property.

Tested: redfish-service-validator pass

Change-Id: I1faf683799622a3c4ba8f84c44715c43bd28451b
Signed-off-by: John Chung <john.chung@arm.com>


# 8b844488 13-Mar-2025 Abhilash Raju <abhilash.kollam@gmail.com>

AccountService: Restrict self-configure privilege

Restrict the admin user's privileges to only self-configuration when
the session state is in self-configure mode. Currently, the admin can
modify other users' information even when the admin session is in
isConfigureSelfOnly mode, which appears to be incorrect.
Eg:
1) Expire the admin user password
2) Login bmc with admin credentials
3) Password change required error is generated for the user

Expected after step 3

Admin should not be able to change any user information belonging to
other users until they have changed their own password.

Observed after step 3

Admin was able to change other user's information before changing own
password

Tested By:

1) Expire the admin password using passwd --expire
2) Change user name of other user as below
```
patch /redfish/v1/AccountService/Accounts/newuser1 -d '{"UserName": "newuser2"}'
```
3) Observed response
```
{
  "error": {
    "@Message.ExtendedInfo": [
      {
        "@odata.type": "#Message.v1_1_1.Message",
        "Message": "There are insufficient privileges for the account or credentials associated with the current session to perform the requested operation.",
        "MessageArgs": [],
        "MessageId": "Base.1.19.InsufficientPrivilege",
        "MessageSeverity": "Critical",
        "Resolution": "Either abandon the operation or change the associated access rights and resubmit the request if the operation failed."
      }
    ],
    "code": "Base.1.19.InsufficientPrivilege",
    "message": "There are insufficient privileges for the account or credentials associated with the current session to perform the requested operation."
  }
}
```
4) Change the admin password
5) Do the step 2 above
6) Operation Responded with Ok

Change-Id: I8d486e7b77d1ee072e1a49c5d9f8649e694d9d82
Signed-off-by: Abhilash Raju <abhilash.kollam@gmail.com>


# a494ed3e 19-Aug-2025 Ed Tanous <ed@tanous.net>

Remove breaks to fix warnings

clang warns these can never be hit, which is true. Remove them.

Change-Id: I37b2bc4253e98257ec08f65e2c9de2ce2fd17706
Signed-off-by: Ed Tanous <ed@tanous.net>


# aae437ed 19-Aug-2025 Ed Tanous <ed@tanous.net>

Remove unused variables

In one of the migrations, these are no longer used. Remove them.

Change-Id: Id4f8f9129ff26b4e264b9ef6c526862081f67f0c
Signed-off-by: Ed Tanous <etanous@nvidia.com>


# 092a33f1 01-Jul-2025 Ed Tanous <ed@tanous.net>

Make LDAP arrays empty if not configured

These arrays should not be populated if there are no handlers for these
configured.

Fixes https://github.com/openbmc/bmcweb/issues/105

Change-Id: Idbd04eb97ced75e44de6ed98aa1f0d410f0aebc7
Signed-off-by: Ed Tanous <etanous@nvidia.com>


# a4943693 27-May-2025 Malik Akbar Hashemi Rafsanjani <malikrafsan@meta.com>

remove meta mtls parse mode

as we have successfully merged patches that enable UserPrincipalName
parse mode, we can start removing Meta only parse mode. This commit
is intended to remove MTLSCommonNameParseMode::Meta from the upstream
code

Tested:
- build bmcweb
- deploy to a device that already uses UPN
- check if it works fine by sending curl request /AccountService

Change-Id: Idcf4340a2a9940f035aea41cd30ef4df7bd95530
Signed-off-by: Malik Akbar Hashemi Rafsanjani <malikrafsan@meta.com>


# 177612aa 14-Feb-2025 Ed Tanous <etanous@nvidia.com>

Add async_method_call to utility

Adding async_method_call in dbus utility gives us a place where we can
intercept method call requests from dbus to potentially add
logging/caching.

An example of logging is in the later commit:
https://gerrit.openbmc.org/c/openbmc/bmcweb/+/78265/

We already do this for setProperty, this moves the method calls to
follow a similar pattern.

Tested: Redfish service validator passes.

Change-Id: I6d2c96e2b6b6a023ed2138106a55faebca161592
Signed-off-by: Ed Tanous <etanous@nvidia.com>


# 608ad2cc 20-May-2024 Ed Tanous <ed@tanous.net>

Make Request copy explicit

It is currently too easy to accidentally make copies of the Request
object. Ideally code would parse out the Request in the first handler,
then no longer require an async copy. There is one case in the redfish
query things where we actually need a copy of the request object, so we
need these constructors, but we should make them explicit.

This commit moves the Request constructor to be private, and adds a new
method called copy() for explicitly making a copy. Ironically, this
finds one place where we were actually making a copy of the request
object unintentionally, so fix that to only capture the value
required, the user session.

Tested:
- Compiles
- Run GET/PATCH related curl or If-Match like PATCH Account
- Redfish Service Validator runs and passes

Change-Id: I19255981f42757ed736112c003201e3f758735ac
Signed-off-by: Ed Tanous <ed@tanous.net>
Signed-off-by: Myung Bae <myungbae@us.ibm.com>


# 0f09ed32 31-Mar-2025 Myung Bae <myungbae@us.ibm.com>

Add odata.type for ClientCertificate/Certificates

This Certificate URI does not give the odata.type.

```
curl -k -X GET https://${bmc}/redfish/v1/AccountService/MultiFactorAuth/ClientCertificate/Certificates
{
"Members": [],
"Members@odata.count": 0
}
```
As a result, Redfish Service Validator may fail if this URI is
triggered.

This adds the type like
```
curl -k -X GET https://${bmc}/redfish/v1/AccountService/MultiFactorAuth/ClientCertificate/Certificates

{
"@odata.id": "/redfish/v1/AccountService/MultiFactorAuth/ClientCertificate/Certificates",
"@odata.type": "#CertificateCollection.CertificateCollection"
"Members": [],
"Members@odata.count": 0
"Name": "Certificates Collection"
}%
```

Change-Id: I9c453c6c5ba093a6a3a0530e99d2bf8766a98ed3
Signed-off-by: Myung Bae <myungbae@us.ibm.com>


# 504af5a0 03-Feb-2025 Patrick Williams <patrick@stwcx.xyz>

clang-format: update latest spec and reformat

Copy the latest format file from the docs repository and apply.

Change-Id: I2f0b9d0fb6e01ed36a2f34c750ba52de3b6d15d1
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>


# d7857201 28-Jan-2025 Ed Tanous <etanous@nvidia.com>

Fix includes

Clang-tidy misc-include-cleaner appears to now be enforcing
significantly more headers than previously. That is overall a good
thing, but forces us to fix some issues. This commit is largely just
taking the clang-recommended fixes and checking them in. Subsequent
patches will fix the more unique issues.

Note, that a number of new ignores are added into the .clang-tidy file.
These can be cleaned up over time as they're understood. The majority
are places where boost includes an impl/x.hpp and x.hpp, but expects you
to use the latter. include-cleaner opts for the impl, but it isn't clear
why.

Change-Id: Id3fdd7ee6df6c33b2fd35626898523048dd51bfb
Signed-off-by: Ed Tanous <etanous@nvidia.com>
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>


# 40e9b92e 10-Sep-2024 Ed Tanous <etanous@nvidia.com>

Use SPDX identifiers

SPDX identifiers are simpler, and reduce the amount of cruft we have in
code files. They are recommended by the Linux Foundation, and therefore we
should do as they allow.

This patchset does not intend to modify any intent on any existing
copyrights or licenses, only to standardize their inclusion.

[1] https://www.linuxfoundation.org/blog/blog/copyright-notices-in-open-source-software-projects

Change-Id: I935c7c0156caa78fc368c929cebd0f068031e830
Signed-off-by: Ed Tanous <etanous@nvidia.com>


# 492ec93a 09-Dec-2024 Ed Tanous <etanous@nvidia.com>

Refactor large lambda

Similar to other patches, refactor this large lambda into a normal
function.

Tested: Redfish service validator passes

Change-Id: I45e0b421f04ad8351de367bfdc7b8512bf10ca45
Signed-off-by: Ed Tanous <etanous@nvidia.com>


# b437a535 20-Dec-2024 Asmitha Karunanithi <asmitk01@in.ibm.com>

account_service: Move to unpackproperty method

Change-Id: If677e2b4e9bd03b359913670d120f15d4a5f29b9
Signed-off-by: Asmitha Karunanithi <asmitk01@in.ibm.com>


# deae6a78 11-Nov-2024 Ed Tanous <etanous@nvidia.com>

Move getProperty calls to utility

Having all dbus calls run through the same utility reduces the amount of
generated code, and more importantly, gives us a place where we can log
the requests and responses to help with debugging.

Tested: Redfish service validator passes.

Change-Id: Ic1bf45130b5069cd57f7af26e12c8d3159c87c67
Signed-off-by: Ed Tanous <etanous@nvidia.com>


# afc474ae 09-Oct-2024 Myung Bae <myungbae@us.ibm.com>

Format readjson

clang-format may potentially reformat the readJson calls if they may
have more keys or key names are longer. This makes formatting in a way
that's readable by forcing to break a line for each key using an
empty-comment (`//`) each line.

It also allows trivially alphabetizing the list such that new additions
are less likely to have merge conflicts.

Tested:
- Check whitespace only.
- Code compiles.
- Redfish Service Validator with the same results before this

Change-Id: I3824a8c4faa9fa7c820d5d2fab6b565404926e2c
Signed-off-by: Ed Tanous <etanous@nvidia.com>
Signed-off-by: Myung Bae <myungbae@us.ibm.com>


# e9f12014 08-Oct-2024 Ed Tanous <etanous@nvidia.com>

Add unit test for trailing slashes

Common error #9 requires that most urls end in a trailing slash. Given
the redfish standard, we know that all redfish routes need to end in a
trailing slash, so write a unit test that verifies that is true.

Despite code review, this appears to have snuck into the codebase in 4
different handlers. Fix those at the same time so the tests pass.

Tested: Unit tests pass.

Change-Id: I0299a7231662725a7100d5308b3977a549b49253
Signed-off-by: Ed Tanous <etanous@nvidia.com>


# 6be832e2 10-Sep-2024 Ed Tanous <etanous@nvidia.com>

Remove duplicated block comments

Static analysis flags that these two comments are redundant[1], which
seem to be duplicated a lot in copyright headers. Although there is a
larger discussion that can likely be had.

[1] https://sonarcloud.io/project/issues?issueStatuses=OPEN%2CCONFIRMED&id=edtanous_bmcweb&open=AY9_HYjgKXKyw1ZFwgVP

Tested: Comment change only. Code compiles.

Change-Id: Ia960317761f558a87842347ca0b5f3da63f8e730
Signed-off-by: Ed Tanous <etanous@nvidia.com>


# a0735a4e 06-Sep-2024 Gunnar Mills <gmills@us.ibm.com>

User creation: Add EC to Log

On an internal error, having the error code from D-Bus is really
helpful to debug. A trace before an internal error without the ec, is
pretty pointless so make this trace useful.

Tested: None. Inspection only.

Change-Id: I953e5bcbbba197b158beabdb55f57b4fd3d73125
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>


# bd79bce8 16-Aug-2024 Patrick Williams <patrick@stwcx.xyz>

clang-format: re-format for clang-18

clang-format-18 isn't compatible with the clang-format-17 output, so we
need to reformat the code with the latest version. The way clang-18
handles lambda formatting also changed, so we have made changes to the
organization default style format to better handle lambda formatting.

See I5e08687e696dd240402a2780158664b7113def0e for updated style.
See Iea0776aaa7edd483fa395e23de25ebf5a6288f71 for clang-18 enablement.

Change-Id: Iceec1dc95b6c908ec6c21fb40093de9dd18bf11a
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>


# 6d0b80be 28-Jul-2024 Ravi Teja <raviteja28031990@gmail.com>

Fix RemoteRoleMap PATCH operation

RemoteRoleMap "LocalRole" property update fails since there was
conversion missing from redfish privilege to D-bus values

Looks like this commit dropped this change
https://gerrit.openbmc.org/c/openbmc/bmcweb/+/64325/

This commit fixes this issue

Tested by:
Verified patch operation on RemoteRoleMap

Change-Id: Ic05aa3457a45e98ea5dc8e9dd83e0f1a42772070
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>


# 3281bcf1 25-Jun-2024 Ed Tanous <ed@tanous.net>

Support RespondToUnauthenticatedClients PATCH

RespondToUnauthenticatedClients allows users to explicitly select mTLS
as their only authentication mechanism, thus significantly reducing
their code exposure to unauthenticated clients.

From the Redfish specification

```
The RespondToUnauthenticatedClients property within the
ClientCertificate property within the MFA property of the AccountService
resource controls the response behavior when an invalid certificate is
provided by the client.
• If the property contains true or is not supported by the service, the
  service shall not fail the TLS handshake. This is to allow the service
  to send error messages or unauthenticated resources to the client.
• If the property contains false, the service shall fail the TLS
  handshake.
```

This commit implements that behavior.

This also has some added benefits in that we no longer have to check the
filesystem for every connection, as TLS is controlled explicitly, and
not whether or not a root cert is in place.

Note, this also implements a TODO to disable cookie auth when using
mTLS. Clients can still use IsAuthenticated to determine if they are
authenticated on request.

Tested:
Run scripts/generate_auth_certs.py to set up a root certificate and
client certificate. This verifies that mTLS as optional has not been
broken. Script succeeds.

```
PATCH /redfish/v1/AccountService
{"MultiFactorAuth": {"ClientCertificate": {"RespondToUnauthenticatedClients": false}}}
```

GET /redfish/v1
without a client certificate now fails with an ssl verification error

GET /redfish/v1
with a client certificate returns the result

```
PATCH /redfish/v1/AccountService
{"MultiFactorAuth": {"ClientCertificate": {"RespondToUnauthenticatedClients": false}}}
With certificate returns non mTLS functionality.
```

Change-Id: I5a9d6d6b1698bff83ab62b1f760afed6555849c9
Signed-off-by: Ed Tanous <ed@tanous.net>


# 3ce3688a 09-Jun-2024 Ed Tanous <ed@tanous.net>

Mutual TLS parsing change at runtime

Redfish AccountService[1] defines methods for selecting how to map a
certificate CommonName attribute to a user. These are intended to be a
patch parameter.

This commit implements the Redfish defined schemas; the parsing mode is
stored in the bmcweb persistent configuration file as an integer enum,
with Mapping to the Redfish schema.

To handle OEM specific parsing modes, an enum value of 100+ is defined
to allow the additional OEM parameters. Unfortunately, Redfish doesn't
have a way to represent these today, so those modes are currently not
selectable at runtime.

Now that things are runtime selectable, this obsoletes the option
mutual-tls-common-name-parsing, as it is no longer required at compile
time.

Tested:
GET /redfish/v1/AccountService

returns MultiFactorAuth/ClientCertificate/CertificateMappingAttribute

PATCH /redfish/v1/AccountService
```
{"MultiFactorAuth": {"ClientCertificate": {"CertificateMappingAttribute":"CommonName"}}}
```

Returns 200

[1] https://github.com/DMTF/Redfish-Publications/blob/5b217908b5378b24e4f390c063427d7a707cd308/csdl/AccountService_v1.xml#L1631

Change-Id: I67db0dfa5245a9da973320aab666d12dbd9229e4
Signed-off-by: Ed Tanous <ed@tanous.net>


# e93abac6 14-Jun-2024 Ginu George <ginugeorge@ami.com>

Pass redfishPropertyName earlier argument

It was pointed out that the setDbusProperty method should have an end
that approximately matches dbus-send and busctl set-property in its
arguments, to aid with debug. This seems reasonable.

Tested: Redfish service validator passes.

Change-Id: Ic20295d93c71c957e3e76704e1eda9da187861b1
Signed-off-by: Ginu George <ginugeorge@ami.com>
Signed-off-by: Ed Tanous <ed@tanous.net>
