Mercurial > hg > orthanc
comparison Core/HttpServer/MongooseServer.cpp @ 25:dd1489098265
basic http authentication
| author | Sebastien Jodogne <s.jodogne@gmail.com> |
|---|---|
| date | Tue, 28 Aug 2012 11:20:49 +0200 |
| parents | 166664f0f860 |
| children | 96e57b863dd9 |
comparison
equal
deleted
inserted
replaced
| 24:166664f0f860 | 25:dd1489098265 |
|---|---|
| 34 #include "../PalantirException.h" | 34 #include "../PalantirException.h" |
| 35 #include "../ChunkedBuffer.h" | 35 #include "../ChunkedBuffer.h" |
| 36 #include "mongoose.h" | 36 #include "mongoose.h" |
| 37 | 37 |
| 38 | 38 |
| 39 #define PALANTIR_REALM "Palantir Secure Area" | |
| 40 | |
| 41 | |
| 39 namespace Palantir | 42 namespace Palantir |
| 40 { | 43 { |
| 41 static const char multipart[] = "multipart/form-data; boundary="; | 44 static const char multipart[] = "multipart/form-data; boundary="; |
| 42 static unsigned int multipartLength = sizeof(multipart) / sizeof(char) - 1; | 45 static unsigned int multipartLength = sizeof(multipart) / sizeof(char) - 1; |
| 43 | 46 |
| 392 | 395 |
| 393 return PostDataStatus_Pending; | 396 return PostDataStatus_Pending; |
| 394 } | 397 } |
| 395 | 398 |
| 396 | 399 |
| 397 static bool Authorize(MongooseServer& that, | 400 static bool Authorize(const MongooseServer& that, |
| 398 HttpOutput& output, | 401 const HttpHandler::Arguments& headers, |
| 399 struct mg_connection *connection, | 402 HttpOutput& output) |
| 400 const struct mg_request_info *request) | 403 { |
| 401 { | 404 bool granted = false; |
| 402 /*std::string s = "HTTP/1.0 401 Unauthorized\r\n" | 405 |
| 403 "WWW-Authenticate: Digest realm=\"www.palanthir.com\",qop=\"auth\",nonce=\"dcd98b7102dd2f0e8b11d0f600bfb0c093\"" | 406 HttpHandler::Arguments::const_iterator auth = headers.find("authorization"); |
| 404 "\r\n\r\n"; | 407 if (auth != headers.end()) |
| 405 output.Send(&s[0], s.size()); | 408 { |
| 406 | 409 std::string s = auth->second; |
| 407 return false;*/ | 410 if (s.substr(0, 6) == "Basic ") |
| 408 | 411 { |
| 409 return true; | 412 std::string b64 = s.substr(6); |
| 413 granted = that.IsValidBasicHttpAuthentication(b64); | |
| 414 } | |
| 415 } | |
| 416 | |
| 417 if (!granted) | |
| 418 { | |
| 419 std::string s = "HTTP/1.1 401 Unauthorized\r\n" | |
| 420 "WWW-Authenticate: Basic realm=\"" PALANTIR_REALM "\"" | |
| 421 "\r\n\r\n"; | |
| 422 output.Send(&s[0], s.size()); | |
| 423 return false; | |
| 424 } | |
| 425 else | |
| 426 { | |
| 427 return true; | |
| 428 } | |
| 410 } | 429 } |
| 411 | 430 |
| 412 | 431 |
| 413 | 432 |
| 414 static void* Callback(enum mg_event event, | 433 static void* Callback(enum mg_event event, |
| 427 std::string name = request->http_headers[i].name; | 446 std::string name = request->http_headers[i].name; |
| 428 std::transform(name.begin(), name.end(), name.begin(), ::tolower); | 447 std::transform(name.begin(), name.end(), name.begin(), ::tolower); |
| 429 headers.insert(std::make_pair(name, request->http_headers[i].value)); | 448 headers.insert(std::make_pair(name, request->http_headers[i].value)); |
| 430 } | 449 } |
| 431 | 450 |
| 432 printf("=========================\n"); | |
| 433 printf(" URI: [%s]\n", request->uri); | |
| 434 for (HttpHandler::Arguments::const_iterator i = headers.begin(); i != headers.end(); i++) | |
| 435 { | |
| 436 printf("[%s] = [%s]\n", i->first.c_str(), i->second.c_str()); | |
| 437 } | |
| 438 | |
| 439 // Authenticate this connection | 451 // Authenticate this connection |
| 440 if (!Authorize(*that, c, connection, request)) | 452 if (that->IsAuthenticationEnabled() && |
| 453 !Authorize(*that, headers, c)) | |
| 441 { | 454 { |
| 442 return (void*) ""; | 455 return (void*) ""; |
| 443 } | 456 } |
| 444 | 457 |
| 445 std::string postData; | 458 std::string postData; |
| 528 | 541 |
| 529 | 542 |
| 530 MongooseServer::MongooseServer() : pimpl_(new PImpl) | 543 MongooseServer::MongooseServer() : pimpl_(new PImpl) |
| 531 { | 544 { |
| 532 pimpl_->context_ = NULL; | 545 pimpl_->context_ = NULL; |
| 546 authentication_ = false; | |
| 533 ssl_ = false; | 547 ssl_ = false; |
| 534 port_ = 8000; | 548 port_ = 8000; |
| 535 } | 549 } |
| 536 | 550 |
| 537 | 551 |
| 602 delete *it; | 616 delete *it; |
| 603 } | 617 } |
| 604 } | 618 } |
| 605 | 619 |
| 606 | 620 |
| 621 void MongooseServer::ClearUsers() | |
| 622 { | |
| 623 Stop(); | |
| 624 registeredUsers_.clear(); | |
| 625 } | |
| 626 | |
| 627 | |
| 607 void MongooseServer::RegisterUser(const char* username, | 628 void MongooseServer::RegisterUser(const char* username, |
| 608 const char* password) | 629 const char* password) |
| 609 { | 630 { |
| 610 Stop(); | 631 Stop(); |
| 611 | 632 |
| 618 Stop(); | 639 Stop(); |
| 619 | 640 |
| 620 #if PALANTIR_SSL_ENABLED == 0 | 641 #if PALANTIR_SSL_ENABLED == 0 |
| 621 if (enabled) | 642 if (enabled) |
| 622 { | 643 { |
| 623 throw PalantirException("Palantir has been build without SSL support"); | 644 throw PalantirException("Palantir has been built without SSL support"); |
| 624 } | 645 } |
| 625 else | 646 else |
| 626 { | 647 { |
| 627 ssl_ = false; | 648 ssl_ = false; |
| 628 } | 649 } |
| 629 #else | 650 #else |
| 630 ssl_ = enabled; | 651 ssl_ = enabled; |
| 631 #endif | 652 #endif |
| 632 } | 653 } |
| 633 | 654 |
| 655 void MongooseServer::SetAuthenticationEnabled(bool enabled) | |
| 656 { | |
| 657 Stop(); | |
| 658 authentication_ = enabled; | |
| 659 } | |
| 660 | |
| 634 void MongooseServer::SetSslCertificate(const char* path) | 661 void MongooseServer::SetSslCertificate(const char* path) |
| 635 { | 662 { |
| 636 Stop(); | 663 Stop(); |
| 637 certificate_ = path; | 664 certificate_ = path; |
| 638 } | 665 } |
| 666 | |
| 667 bool MongooseServer::IsValidBasicHttpAuthentication(const std::string& basic) const | |
| 668 { | |
| 669 return registeredUsers_.find(basic) != registeredUsers_.end(); | |
| 670 } | |
| 639 } | 671 } |