comparison Core/HttpServer/MongooseServer.cpp @ 25:dd1489098265
basic http authentication
author | Sebastien Jodogne <s.jodogne@gmail.com> |
---|---|
date | Tue, 28 Aug 2012 11:20:49 +0200 |
parents | 166664f0f860 |
children | 96e57b863dd9 |
24:166664f0f860 | 25:dd1489098265 |
---|---|
34 #include "../PalantirException.h" | 34 #include "../PalantirException.h" |
35 #include "../ChunkedBuffer.h" | 35 #include "../ChunkedBuffer.h" |
36 #include "mongoose.h" | 36 #include "mongoose.h" |
37 | 37 |
38 | 38 |
39 #define PALANTIR_REALM "Palantir Secure Area" | |
40 | |
41 | |
39 namespace Palantir | 42 namespace Palantir |
40 { | 43 { |
41 static const char multipart[] = "multipart/form-data; boundary="; | 44 static const char multipart[] = "multipart/form-data; boundary="; |
42 static unsigned int multipartLength = sizeof(multipart) / sizeof(char) - 1; | 45 static unsigned int multipartLength = sizeof(multipart) / sizeof(char) - 1; |
43 | 46 |
392 | 395 |
393 return PostDataStatus_Pending; | 396 return PostDataStatus_Pending; |
394 } | 397 } |
395 | 398 |
396 | 399 |
397 static bool Authorize(MongooseServer& that, | 400 static bool Authorize(const MongooseServer& that, |
398 HttpOutput& output, | 401 const HttpHandler::Arguments& headers, |
399 struct mg_connection *connection, | 402 HttpOutput& output) |
400 const struct mg_request_info *request) | 403 { |
401 { | 404 bool granted = false; |
402 /*std::string s = "HTTP/1.0 401 Unauthorized\r\n" | 405 |
403 "WWW-Authenticate: Digest realm=\"www.palanthir.com\",qop=\"auth\",nonce=\"dcd98b7102dd2f0e8b11d0f600bfb0c093\"" | 406 HttpHandler::Arguments::const_iterator auth = headers.find("authorization"); |
404 "\r\n\r\n"; | 407 if (auth != headers.end()) |
405 output.Send(&s[0], s.size()); | 408 { |
406 | 409 std::string s = auth->second; |
407 return false;*/ | 410 if (s.substr(0, 6) == "Basic ") |
408 | 411 { |
409 return true; | 412 std::string b64 = s.substr(6); |
413 granted = that.IsValidBasicHttpAuthentication(b64); | |
414 } | |
415 } | |
416 | |
417 if (!granted) | |
418 { | |
419 std::string s = "HTTP/1.1 401 Unauthorized\r\n" | |
420 "WWW-Authenticate: Basic realm=\"" PALANTIR_REALM "\"" | |
421 "\r\n\r\n"; | |
422 output.Send(&s[0], s.size()); | |
423 return false; | |
424 } | |
425 else | |
426 { | |
427 return true; | |
428 } | |
410 } | 429 } |
411 | 430 |
412 | 431 |
413 | 432 |
414 static void* Callback(enum mg_event event, | 433 static void* Callback(enum mg_event event, |
427 std::string name = request->http_headers[i].name; | 446 std::string name = request->http_headers[i].name; |
428 std::transform(name.begin(), name.end(), name.begin(), ::tolower); | 447 std::transform(name.begin(), name.end(), name.begin(), ::tolower); |
429 headers.insert(std::make_pair(name, request->http_headers[i].value)); | 448 headers.insert(std::make_pair(name, request->http_headers[i].value)); |
430 } | 449 } |
431 | 450 |
432 printf("=========================\n"); | |
433 printf(" URI: [%s]\n", request->uri); | |
434 for (HttpHandler::Arguments::const_iterator i = headers.begin(); i != headers.end(); i++) | |
435 { | |
436 printf("[%s] = [%s]\n", i->first.c_str(), i->second.c_str()); | |
437 } | |
438 | |
439 // Authenticate this connection | 451 // Authenticate this connection |
440 if (!Authorize(*that, c, connection, request)) | 452 if (that->IsAuthenticationEnabled() && |
453 !Authorize(*that, headers, c)) | |
441 { | 454 { |
442 return (void*) ""; | 455 return (void*) ""; |
443 } | 456 } |
444 | 457 |
445 std::string postData; | 458 std::string postData; |
528 | 541 |
529 | 542 |
530 MongooseServer::MongooseServer() : pimpl_(new PImpl) | 543 MongooseServer::MongooseServer() : pimpl_(new PImpl) |
531 { | 544 { |
532 pimpl_->context_ = NULL; | 545 pimpl_->context_ = NULL; |
546 authentication_ = false; | |
533 ssl_ = false; | 547 ssl_ = false; |
534 port_ = 8000; | 548 port_ = 8000; |
535 } | 549 } |
536 | 550 |
537 | 551 |
602 delete *it; | 616 delete *it; |
603 } | 617 } |
604 } | 618 } |
605 | 619 |
606 | 620 |
621 void MongooseServer::ClearUsers() | |
622 { | |
623 Stop(); | |
624 registeredUsers_.clear(); | |
625 } | |
626 | |
627 | |
607 void MongooseServer::RegisterUser(const char* username, | 628 void MongooseServer::RegisterUser(const char* username, |
608 const char* password) | 629 const char* password) |
609 { | 630 { |
610 Stop(); | 631 Stop(); |
611 | 632 |
618 Stop(); | 639 Stop(); |
619 | 640 |
620 #if PALANTIR_SSL_ENABLED == 0 | 641 #if PALANTIR_SSL_ENABLED == 0 |
621 if (enabled) | 642 if (enabled) |
622 { | 643 { |
623 throw PalantirException("Palantir has been build without SSL support"); | 644 throw PalantirException("Palantir has been built without SSL support"); |
624 } | 645 } |
625 else | 646 else |
626 { | 647 { |
627 ssl_ = false; | 648 ssl_ = false; |
628 } | 649 } |
629 #else | 650 #else |
630 ssl_ = enabled; | 651 ssl_ = enabled; |
631 #endif | 652 #endif |
632 } | 653 } |
633 | 654 |
655 void MongooseServer::SetAuthenticationEnabled(bool enabled) | |
656 { | |
657 Stop(); | |
658 authentication_ = enabled; | |
659 } | |
660 | |
634 void MongooseServer::SetSslCertificate(const char* path) | 661 void MongooseServer::SetSslCertificate(const char* path) |
635 { | 662 { |
636 Stop(); | 663 Stop(); |
637 certificate_ = path; | 664 certificate_ = path; |
638 } | 665 } |
666 | |
667 bool MongooseServer::IsValidBasicHttpAuthentication(const std::string& basic) const | |
668 { | |
669 return registeredUsers_.find(basic) != registeredUsers_.end(); | |
670 } | |
639 } | 671 } |
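Review bot: In `Authorize` (new lines 400–429) and `SetAuthenticationEnabled` (new lines 655–659), nothing ties Basic authentication to SSL, so with the constructor default `ssl_ = false` the `Authorization` header carries the credentials as reversible base64 over plain HTTP. I would at least document this on `SetAuthenticationEnabled`, e.g. `// Basic credentials are only base64-encoded: enable SSL whenever authentication is on`. Separately, `IsValidBasicHttpAuthentication` looks the token up with `registeredUsers_.find(basic)`, which presumably means each credential is kept in recoverable form and matched with an early-exit string comparison; the container's declaration and the body of `RegisterUser` are outside this page, so this is worth confirming. The 401 response built in `Authorize` also has no `Content-Length: 0\r\n` line, which an HTTP/1.1 keep-alive client may need in order to know that the body is empty.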