Mercurial > hg > orthanc
comparison Core/HttpServer/MongooseServer.cpp @ 409:63f707278fc8 lua-scripting
lua filtering of incoming http requests
| author | Sebastien Jodogne <s.jodogne@gmail.com> |
|---|---|
| date | Fri, 03 May 2013 12:23:02 +0200 |
| parents | bdd72233b105 |
| children | 26290b46056b |
comparison
equal
deleted
inserted
replaced
| 408:5a3a4a25e568 | 409:63f707278fc8 |
|---|---|
| 452 return true; | 452 return true; |
| 453 } | 453 } |
| 454 } | 454 } |
| 455 | 455 |
| 456 | 456 |
| 457 static std::string GetAuthenticatedUsername(const HttpHandler::Arguments& headers) | |
| 458 { | |
| 459 HttpHandler::Arguments::const_iterator auth = headers.find("authorization"); | |
| 460 | |
| 461 if (auth == headers.end()) | |
| 462 { | |
| 463 return ""; | |
| 464 } | |
| 465 | |
| 466 std::string s = auth->second; | |
| 467 if (s.substr(0, 6) != "Basic ") | |
| 468 { | |
| 469 return ""; | |
| 470 } | |
| 471 | |
| 472 std::string b64 = s.substr(6); | |
| 473 std::string decoded = Toolbox::DecodeBase64(b64); | |
| 474 size_t semicolons = decoded.find(':'); | |
| 475 | |
| 476 if (semicolons == std::string::npos) | |
| 477 { | |
| 478 // Bad-formatted request | |
| 479 return ""; | |
| 480 } | |
| 481 else | |
| 482 { | |
| 483 return decoded.substr(0, semicolons); | |
| 484 } | |
| 485 } | |
| 486 | |
| 487 | |
| 457 | 488 |
| 458 static void* Callback(enum mg_event event, | 489 static void* Callback(enum mg_event event, |
| 459 struct mg_connection *connection, | 490 struct mg_connection *connection, |
| 460 const struct mg_request_info *request) | 491 const struct mg_request_info *request) |
| 461 { | 492 { |
| 508 if (that->IsAuthenticationEnabled() && | 539 if (that->IsAuthenticationEnabled() && |
| 509 !Authorize(*that, headers, output)) | 540 !Authorize(*that, headers, output)) |
| 510 { | 541 { |
| 511 return (void*) ""; | 542 return (void*) ""; |
| 512 } | 543 } |
| 544 | |
| 545 | |
| 546 // Apply the filter, if it is installed | |
| 547 const IIncomingHttpRequestFilter *filter = that->GetIncomingHttpRequestFilter(); | |
| 548 if (filter != NULL) | |
| 549 { | |
| 550 std::string username = GetAuthenticatedUsername(headers); | |
| 551 | |
| 552 char remoteIp[24]; | |
| 553 sprintf(remoteIp, "%d.%d.%d.%d", | |
| 554 reinterpret_cast<const uint8_t*>(&request->remote_ip) [3], | |
| 555 reinterpret_cast<const uint8_t*>(&request->remote_ip) [2], | |
| 556 reinterpret_cast<const uint8_t*>(&request->remote_ip) [1], | |
| 557 reinterpret_cast<const uint8_t*>(&request->remote_ip) [0]); | |
| 558 | |
| 559 if (!filter->IsAllowed(method, request->uri, remoteIp, username.c_str())) | |
| 560 { | |
| 561 SendUnauthorized(output); | |
| 562 return (void*) ""; | |
| 563 } | |
| 564 } | |
| 565 | |
| 513 | 566 |
| 514 std::string postData; | 567 std::string postData; |
| 515 | 568 |
| 516 if (method == Orthanc_HttpMethod_Get) | 569 if (method == Orthanc_HttpMethod_Get) |
| 517 { | 570 { |
| 735 { | 788 { |
| 736 Stop(); | 789 Stop(); |
| 737 remoteAllowed_ = allowed; | 790 remoteAllowed_ = allowed; |
| 738 } | 791 } |
| 739 | 792 |
| 793 void MongooseServer::SetIncomingHttpRequestFilter(IIncomingHttpRequestFilter& filter) | |
| 794 { | |
| 795 Stop(); | |
| 796 filter_ = &filter; | |
| 797 } | |
| 740 | 798 |
| 741 bool MongooseServer::IsValidBasicHttpAuthentication(const std::string& basic) const | 799 bool MongooseServer::IsValidBasicHttpAuthentication(const std::string& basic) const |
| 742 { | 800 { |
| 743 return registeredUsers_.find(basic) != registeredUsers_.end(); | 801 return registeredUsers_.find(basic) != registeredUsers_.end(); |
| 744 } | 802 } |