我试图根据我发现的Objective-C示例,使用授权服务API(通过Swift 5)验证本地macOS用户的密码。
我尝试了我能想到的对AuthoricationCreate的所有调用排列,但是它们始终失败,并且它们的OOStatus代码为-60005或-60007
我简单的Swift 5测试代码如下:
import Cocoa
import CoreFoundation
class log {
static func debug(_ msg: String) {
Swift.print(msg)
fflush(stdout)
}
static func error(_ msg: String) {
Swift.print(msg)
fflush(stdout)
}
}
struct MacAPIRequest_Authenticate {
public var user: String = String()
public var password: String = String()
public init() {}
}
var auth: MacAPIRequest_Authenticate = MacAPIRequest_Authenticate()
auth.user=CommandLine.arguments[1]
auth.password=CommandLine.arguments[2]
log.debug("auth=\(auth)")
let authPassword = UnsafeMutablePointer<Int8>(mutating: (auth.password as NSString).utf8String)
log.debug("authPassword=\(String(cString: authPassword!))")
let authUser = UnsafeMutablePointer<Int8>(mutating: (auth.user as NSString).utf8String)
log.debug("authUser=\(String(cString: authUser!))")
var authEnvItems = [
AuthorizationItem(name: kAuthorizationEnvironmentUsername,
valueLength: (auth.user as NSString).length, value: authUser, flags: UInt32(0)),
AuthorizationItem(name: kAuthorizationEnvironmentPassword,
valueLength: (auth.password as NSString).length, value: authPassword, flags: UInt32(0))
]
log.debug("authEnvItems=\(authEnvItems)")
var authEnv = AuthorizationEnvironment(count: UInt32(authEnvItems.count), items: &authEnvItems)
var authRightsItems = [
AuthorizationItem(name: "allow", valueLength: 0, value: nil, flags: 0)
]
var authRights = AuthorizationRights(count: UInt32(authRightsItems.count), items: &authRightsItems)
log.debug("authRights=\(authRights)")
var authRef: AuthorizationRef? = nil
var authStatus: OSStatus
var authFlags = AuthorizationFlags(rawValue: 0)
// First try permutation without using AuthorizationCopyRights:
authStatus = AuthorizationCreate(&authRights, &authEnv, authFlags, nil)
log.debug("0 authStatus=\(authStatus)")
// Using AuthorizationCopyRights:
authStatus = AuthorizationCreate(nil, &authEnv, authFlags, &authRef)
log.debug("1 authStatus=\(authStatus)")
authFlags = AuthorizationFlags([.extendRights, .preAuthorize])
authStatus = AuthorizationCopyRights(authRef!, &authRights, &authEnv, authFlags, nil)
log.debug("2 authStatus=\(authStatus)")
if (authStatus == errAuthorizationSuccess) {
log.debug("auth(\(auth)) authorized")
} else {
log.debug("auth(\(auth)) denied")
}
以上内容基于我在这里找到的内容-How verify account's password
这是输出的内容:
auth=MacAPIRequest_Authenticate(user: "username", password: "password")
authPassword=W0rks0ft
authUser=dtheobald
authEnvItems=[__C.AuthorizationItem(name: 0x00007fa52a4df030, valueLength: 8, value: Optional(0x00007fa52a4e9258), flags: 0), __C.AuthorizationItem(name: 0x00007fa52a4df030, valueLength: 8, value: Optional(0x00007fa52a4321d8), flags: 0)]
authRights=AuthorizationItemSet(count: 1, items: Optional(0x00007fa52a4c32a0))
0 authStatus=-60005
1 authStatus=0
2 authStatus=-60007
auth(MacAPIRequest_Authenticate(user: "username", password: "password")) denied
在提供正确的用户名/密码组合时,我希望OSStatus为0(零)。