1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
|
From 22956921a228f6f1cbbbd3045a3cc3969732dca3 Mon Sep 17 00:00:00 2001
From: Arun Lal K M <arun.lal@intel.com>
Date: Fri, 8 Oct 2021 20:56:00 +0000
Subject: [PATCH] Add support to ChangePassword action
Tested:
Passed Redfish validator.
Bios change password:
root@intel-obmc:~# cat /var/lib/bios-settings-manager/seedData
{
"UserPwdHash": "08D91157785366CDC3AA64D87E5E3C621EDAB13E26B6E484397EBA5E459E54C567BF5B1FFB36A43B6142B18F8D642E9D",
"AdminPwdHash": "08D91157785366CDC3AA64D87E5E3C621EDAB13E26B6E484397EBA5E459E54C567BF5B1FFB36A43B6142B18F8D642E9D",
"Seed": "123456",
"HashAlgo": "SHA384"
}
POST https://IP_ADDR/redfish/v1/Systems/system/Bios/Actions/Bios.ChangePassword
{
"NewPassword": "12345678",
"OldPassword": "1234567890",
"PasswordName": "Administrator"
}
root@intel-obmc:~# cat /var/lib/bios-settings-manager/passwordData
{
"CurrentPassword": "1234567890",
"IsAdminPwdChanged": 1,
"IsUserPwdChanged": 0,
"NewPassword": "2DD65D57EB60B1D92C5F3D2DC84724FCEE7BC02E57AA75E834712266ED94CAC704047B2FF7CEC1C36BED280B36BB5AC6",
"UserName": "Administrator"
}
Signed-off-by: Arun Lal K M <arun.lal@intel.com>
Signed-off-by: Kuiying Wang <kuiying.wang@intel.com>
---
redfish-core/lib/bios.hpp | 59 +++++++++++++++++++++++++++++++++++++++
1 file changed, 59 insertions(+)
diff --git a/redfish-core/lib/bios.hpp b/redfish-core/lib/bios.hpp
index f613613..b06a904 100644
--- a/redfish-core/lib/bios.hpp
+++ b/redfish-core/lib/bios.hpp
@@ -175,6 +175,10 @@ inline void
asyncResp->res.jsonValue["Actions"]["#Bios.ResetBios"] = {
{"target", "/redfish/v1/Systems/system/Bios/Actions/Bios.ResetBios"}};
+ asyncResp->res.jsonValue["Actions"]["#Bios.ChangePassword"] = {
+ {"target", "/redfish/v1/Systems/system/Bios/Actions/"
+ "Bios.ChangePassword"}};
+
// Get the ActiveSoftwareImage and SoftwareImages
fw_util::populateFirmwareInformation(asyncResp, fw_util::biosPurpose, "",
true);
@@ -265,6 +269,61 @@ inline void requestRoutesBiosService(App& app)
.methods(boost::beast::http::verb::get)(handleBiosServiceGet);
}
+/**
+ * BiosChangePassword class supports handle POST method for change bios
+ * password. The class retrieves and sends data directly to D-Bus.
+ */
+inline void requestRoutesBiosChangePassword(App& app)
+{
+ BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/Bios/")
+ .privileges({{"ConfigureComponents"}})
+ .methods(boost::beast::http::verb::post)(
+ [](const crow::Request& req,
+ const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
+ std::string currentPassword, newPassword, userName;
+ if (!json_util::readJson(req, asyncResp->res, "NewPassword",
+ newPassword, "OldPassword",
+ currentPassword, "PasswordName",
+ userName))
+ {
+ return;
+ }
+ if (currentPassword.empty())
+ {
+ messages::actionParameterUnknown(
+ asyncResp->res, "ChangePassword", "OldPassword");
+ return;
+ }
+ if (newPassword.empty())
+ {
+ messages::actionParameterUnknown(
+ asyncResp->res, "ChangePassword", "NewPassword");
+ return;
+ }
+ if (userName.empty())
+ {
+ messages::actionParameterUnknown(
+ asyncResp->res, "ChangePassword", "PasswordName");
+ return;
+ }
+ crow::connections::systemBus->async_method_call(
+ [asyncResp](const boost::system::error_code ec) {
+ if (ec)
+ {
+ BMCWEB_LOG_CRITICAL
+ << "Failed in doPost(BiosChangePassword) "
+ << ec;
+ messages::internalError(asyncResp->res);
+ return;
+ }
+ },
+ "xyz.openbmc_project.BIOSConfigPassword",
+ "/xyz/openbmc_project/bios_config/password",
+ "xyz.openbmc_project.BIOSConfig.Password", "ChangePassword",
+ userName, currentPassword, newPassword);
+ });
+}
+
/**
* BiosSettings class supports handle GET/PATCH method for
* BIOS configuration pending settings.
--
2.17.1
|