Mercurial > hg > orthanc
comparison Core/HttpServer/MongooseServer.cpp @ 410:b2c6cc90288c
reintegration from lua-scripting
author | Sebastien Jodogne <s.jodogne@gmail.com> |
---|---|
date | Fri, 03 May 2013 12:23:32 +0200 |
parents | 63f707278fc8 |
children | 26290b46056b |
comparison
equal
deleted
inserted
replaced
407:2d269089078f | 410:b2c6cc90288c |
---|---|
452 return true; | 452 return true; |
453 } | 453 } |
454 } | 454 } |
455 | 455 |
456 | 456 |
457 static std::string GetAuthenticatedUsername(const HttpHandler::Arguments& headers) | |
458 { | |
459 HttpHandler::Arguments::const_iterator auth = headers.find("authorization"); | |
460 | |
461 if (auth == headers.end()) | |
462 { | |
463 return ""; | |
464 } | |
465 | |
466 std::string s = auth->second; | |
467 if (s.substr(0, 6) != "Basic ") | |
468 { | |
469 return ""; | |
470 } | |
471 | |
472 std::string b64 = s.substr(6); | |
473 std::string decoded = Toolbox::DecodeBase64(b64); | |
474 size_t semicolons = decoded.find(':'); | |
475 | |
476 if (semicolons == std::string::npos) | |
477 { | |
478 // Bad-formatted request | |
479 return ""; | |
480 } | |
481 else | |
482 { | |
483 return decoded.substr(0, semicolons); | |
484 } | |
485 } | |
486 | |
487 | |
457 | 488 |
458 static void* Callback(enum mg_event event, | 489 static void* Callback(enum mg_event event, |
459 struct mg_connection *connection, | 490 struct mg_connection *connection, |
460 const struct mg_request_info *request) | 491 const struct mg_request_info *request) |
461 { | 492 { |
508 if (that->IsAuthenticationEnabled() && | 539 if (that->IsAuthenticationEnabled() && |
509 !Authorize(*that, headers, output)) | 540 !Authorize(*that, headers, output)) |
510 { | 541 { |
511 return (void*) ""; | 542 return (void*) ""; |
512 } | 543 } |
544 | |
545 | |
546 // Apply the filter, if it is installed | |
547 const IIncomingHttpRequestFilter *filter = that->GetIncomingHttpRequestFilter(); | |
548 if (filter != NULL) | |
549 { | |
550 std::string username = GetAuthenticatedUsername(headers); | |
551 | |
552 char remoteIp[24]; | |
553 sprintf(remoteIp, "%d.%d.%d.%d", | |
554 reinterpret_cast<const uint8_t*>(&request->remote_ip) [3], | |
555 reinterpret_cast<const uint8_t*>(&request->remote_ip) [2], | |
556 reinterpret_cast<const uint8_t*>(&request->remote_ip) [1], | |
557 reinterpret_cast<const uint8_t*>(&request->remote_ip) [0]); | |
558 | |
559 if (!filter->IsAllowed(method, request->uri, remoteIp, username.c_str())) | |
560 { | |
561 SendUnauthorized(output); | |
562 return (void*) ""; | |
563 } | |
564 } | |
565 | |
513 | 566 |
514 std::string postData; | 567 std::string postData; |
515 | 568 |
516 if (method == Orthanc_HttpMethod_Get) | 569 if (method == Orthanc_HttpMethod_Get) |
517 { | 570 { |
735 { | 788 { |
736 Stop(); | 789 Stop(); |
737 remoteAllowed_ = allowed; | 790 remoteAllowed_ = allowed; |
738 } | 791 } |
739 | 792 |
793 void MongooseServer::SetIncomingHttpRequestFilter(IIncomingHttpRequestFilter& filter) | |
794 { | |
795 Stop(); | |
796 filter_ = &filter; | |
797 } | |
740 | 798 |
741 bool MongooseServer::IsValidBasicHttpAuthentication(const std::string& basic) const | 799 bool MongooseServer::IsValidBasicHttpAuthentication(const std::string& basic) const |
742 { | 800 { |
743 return registeredUsers_.find(basic) != registeredUsers_.end(); | 801 return registeredUsers_.find(basic) != registeredUsers_.end(); |
744 } | 802 } |