commit c2414ffc9adc80beb62b65a36349bb8de9741476
parent bb0addb5872b2fbfbcb8722305afb7c64f8cc501
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
Date: Mon, 13 Jun 2022 12:15:50 +0300
Updated examples to use new API for Basic Authorization
Diffstat:
3 files changed, 65 insertions(+), 125 deletions(-)
diff --git a/doc/examples/basicauthentication.c b/doc/examples/basicauthentication.c
@@ -23,9 +23,7 @@ answer_to_connection (void *cls, struct MHD_Connection *connection,
const char *version, const char *upload_data,
size_t *upload_data_size, void **req_cls)
{
- char *user;
- char *pass;
- int fail;
+ struct MHD_BasicAuthInfo *auth_info;
enum MHD_Result ret;
struct MHD_Response *response;
(void) cls; /* Unused. Silent compiler warning. */
@@ -41,30 +39,43 @@ answer_to_connection (void *cls, struct MHD_Connection *connection,
*req_cls = connection;
return MHD_YES;
}
- pass = NULL;
- user = MHD_basic_auth_get_username_password (connection,
- &pass);
- fail = ( (NULL == user) ||
- (0 != strcmp (user, "root")) ||
- (0 != strcmp (pass, "pa$$w0rd") ) );
- if (NULL != user)
- MHD_free (user);
- if (NULL != pass)
- MHD_free (pass);
- if (fail)
+ auth_info = MHD_basic_auth_get_username_password3 (connection);
+ if (NULL == auth_info)
{
- const char *page = "<html><body>Go away.</body></html>";
+ static const char *page =
+ "<html><body>Authorization required</body></html>";
response = MHD_create_response_from_buffer_static (strlen (page), page);
- ret = MHD_queue_basic_auth_fail_response (connection,
- "my realm",
- response);
+ ret = MHD_queue_basic_auth_fail_response3 (connection,
+ "admins",
+ MHD_YES,
+ response);
+ }
+ else if ((strlen ("root") != auth_info->username_len) ||
+ (0 != memcmp (auth_info->username, "root",
+ auth_info->username_len)) ||
+ /* The next check against NULL is optional,
+ * if 'password' is NULL then 'password_len' is always zero. */
+ (NULL == auth_info->password) ||
+ (strlen ("pa$$w0rd") != auth_info->password_len) ||
+ (0 != memcmp (auth_info->password, "pa$$w0rd",
+ auth_info->password_len)))
+ {
+ static const char *page =
+ "<html><body>Wrong username or password</body></html>";
+ response = MHD_create_response_from_buffer_static (strlen (page), page);
+ ret = MHD_queue_basic_auth_fail_response3 (connection,
+ "admins",
+ MHD_YES,
+ response);
}
else
{
- const char *page = "<html><body>A secret.</body></html>";
+ static const char *page = "<html><body>A secret.</body></html>";
response = MHD_create_response_from_buffer_static (strlen (page), page);
ret = MHD_queue_response (connection, MHD_HTTP_OK, response);
}
+ if (NULL != auth_info)
+ MHD_free (auth_info);
MHD_destroy_response (response);
return ret;
}
diff --git a/doc/examples/tlsauthentication.c b/doc/examples/tlsauthentication.c
@@ -15,7 +15,7 @@
#define PORT 8888
-#define REALM "\"Maintenance\""
+#define REALM "Maintenance"
#define USER "a legitimate user"
#define PASSWORD "and his password"
@@ -23,48 +23,6 @@
#define SERVERCERTFILE "server.pem"
-static char *
-string_to_base64 (const char *message)
-{
- const char *lookup =
- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
- unsigned long l;
- size_t i;
- size_t j;
- char *tmp;
- size_t length = strlen (message);
-
- tmp = malloc (length * 2 + 1);
- if (NULL == tmp)
- return NULL;
- j = 0;
- for (i = 0; i < length; i += 3)
- {
- l = (((unsigned long) message[i]) << 16)
- | (((i + 1) < length) ? (((unsigned long) message[i + 1]) << 8) : 0)
- | (((i + 2) < length) ? ((unsigned long) message[i + 2]) : 0);
-
-
- tmp [j++] = lookup[(l >> 18) & 0x3F];
- tmp [j++] = lookup[(l >> 12) & 0x3F];
-
- if (i + 1 < length)
- tmp [j++] = lookup[(l >> 6) & 0x3F];
- if (i + 2 < length)
- tmp [j++] = lookup[l & 0x3F];
- }
-
- if (0 != length % 3)
- tmp [j++] = '=';
- if (1 == length % 3)
- tmp [j++] = '=';
-
- tmp [j] = 0;
-
- return tmp;
-}
-
-
static size_t
get_file_size (const char *filename)
{
@@ -126,35 +84,15 @@ ask_for_authentication (struct MHD_Connection *connection, const char *realm)
{
enum MHD_Result ret;
struct MHD_Response *response;
- char *headervalue;
- size_t slen;
- const char *strbase = "Basic realm=";
response = MHD_create_response_empty (MHD_RF_NONE);
if (! response)
return MHD_NO;
- slen = strlen (strbase) + strlen (realm) + 1;
- if (NULL == (headervalue = malloc (slen)))
- return MHD_NO;
- snprintf (headervalue,
- slen,
- "%s%s",
- strbase,
- realm);
- ret = MHD_add_response_header (response,
- "WWW-Authenticate",
- headervalue);
- free (headervalue);
- if (! ret)
- {
- MHD_destroy_response (response);
- return MHD_NO;
- }
-
- ret = MHD_queue_response (connection,
- MHD_HTTP_UNAUTHORIZED,
- response);
+ ret = MHD_queue_basic_auth_fail_response3 (connection,
+ realm,
+ MHD_YES,
+ response);
MHD_destroy_response (response);
return ret;
}
@@ -165,37 +103,23 @@ is_authenticated (struct MHD_Connection *connection,
const char *username,
const char *password)
{
- const char *headervalue;
- char *expected_b64;
- char *expected;
- const char *strbase = "Basic ";
+ struct MHD_BasicAuthInfo *auth_info;
int authenticated;
- size_t slen;
- headervalue =
- MHD_lookup_connection_value (connection, MHD_HEADER_KIND,
- "Authorization");
- if (NULL == headervalue)
- return 0;
- if (0 != strncmp (headervalue, strbase, strlen (strbase)))
+ auth_info = MHD_basic_auth_get_username_password3 (connection);
+ if (NULL == auth_info)
return 0;
+ authenticated =
+ ( (strlen (username) == auth_info->username_len) &&
+ (0 == memcmp (auth_info->username, username, auth_info->username_len)) &&
+ /* The next check against NULL is optional,
+ * if 'password' is NULL then 'password_len' is always zero. */
+ (NULL != auth_info->password) &&
+ (strlen (password) == auth_info->password_len) &&
+ (0 == memcmp (auth_info->password, password, auth_info->password_len)) );
- slen = strlen (username) + 1 + strlen (password) + 1;
- if (NULL == (expected = malloc (slen)))
- return 0;
- snprintf (expected,
- slen,
- "%s:%s",
- username,
- password);
- expected_b64 = string_to_base64 (expected);
- free (expected);
- if (NULL == expected_b64)
- return 0;
+ MHD_free (auth_info);
- authenticated =
- (strcmp (headervalue + strlen (strbase), expected_b64) == 0);
- free (expected_b64);
return authenticated;
}
diff --git a/src/examples/authorization_example.c b/src/examples/authorization_example.c
@@ -52,8 +52,7 @@ ahc_echo (void *cls,
static int aptr;
struct MHD_Response *response;
enum MHD_Result ret;
- char *user;
- char *pass;
+ struct MHD_BasicAuthInfo *auth_info;
int fail;
(void) cls; /* Unused. Silent compiler warning. */
(void) url; /* Unused. Silent compiler warning. */
@@ -72,18 +71,26 @@ ahc_echo (void *cls,
*req_cls = NULL; /* reset when done */
/* require: "Aladdin" with password "open sesame" */
- pass = NULL;
- user = MHD_basic_auth_get_username_password (connection,
- &pass);
- fail = ( (NULL == user) ||
- (0 != strcmp (user, "Aladdin")) ||
- (0 != strcmp (pass, "open sesame") ) );
+ auth_info = MHD_basic_auth_get_username_password3 (connection);
+ fail = ( (NULL == auth_info) ||
+ (strlen ("Aladdin") != auth_info->username_len) ||
+ (0 != memcmp (auth_info->username, "Aladdin",
+ auth_info->username_len)) ||
+ /* The next check against NULL is optional,
+ * if 'password' is NULL then 'password_len' is always zero. */
+ (NULL == auth_info->password) ||
+ (strlen ("open sesame") != auth_info->password_len) ||
+ (0 != memcmp (auth_info->password, "open sesame",
+ auth_info->password_len)) );
if (fail)
{
response =
MHD_create_response_from_buffer_static (strlen (DENIED),
(const void *) DENIED);
- ret = MHD_queue_basic_auth_fail_response (connection,"TestRealm",response);
+ ret = MHD_queue_basic_auth_fail_response3 (connection,
+ "TestRealm",
+ MHD_NO,
+ response);
}
else
{
@@ -92,10 +99,8 @@ ahc_echo (void *cls,
(const void *) PAGE);
ret = MHD_queue_response (connection, MHD_HTTP_OK, response);
}
- if (NULL != user)
- MHD_free (user);
- if (NULL != pass)
- MHD_free (pass);
+ if (NULL != auth_info)
+ MHD_free (auth_info);
MHD_destroy_response (response);
return ret;
}
