Updated examples to use new API for Basic Authorization

2 files changed, 47 insertions, 112 deletions

diff --git a/doc/examples/basicauthentication.c b/doc/examples/basicauthentication.c
index d75ba636..6e1493a3 100644
--- a/doc/examples/basicauthentication.c
+++ b/doc/examples/basicauthentication.c
@@ -23,9 +23,7 @@ answer_to_connection (void *cls, struct MHD_Connection *connection,
                       const char *version, const char *upload_data,
                       size_t *upload_data_size, void **req_cls)
 {
-  char *user;
-  char *pass;
-  int fail;
+  struct MHD_BasicAuthInfo *auth_info;
   enum MHD_Result ret;
   struct MHD_Response *response;
   (void) cls;               /* Unused. Silent compiler warning. */
@@ -41,30 +39,43 @@ answer_to_connection (void *cls, struct MHD_Connection *connection,
     *req_cls = connection;
     return MHD_YES;
   }
-  pass = NULL;
-  user = MHD_basic_auth_get_username_password (connection,
-                                               &pass);
-  fail = ( (NULL == user) ||
-           (0 != strcmp (user, "root")) ||
-           (0 != strcmp (pass, "pa$$w0rd") ) );
-  if (NULL != user)
-    MHD_free (user);
-  if (NULL != pass)
-    MHD_free (pass);
-  if (fail)
+  auth_info = MHD_basic_auth_get_username_password3 (connection);
+  if (NULL == auth_info)
   {
-    const char *page = "<html><body>Go away.</body></html>";
+    static const char *page =
+      "<html><body>Authorization required</body></html>";
     response = MHD_create_response_from_buffer_static (strlen (page), page);
-    ret = MHD_queue_basic_auth_fail_response (connection,
-                                              "my realm",
-                                              response);
+    ret = MHD_queue_basic_auth_fail_response3 (connection,
+                                               "admins",
+                                               MHD_YES,
+                                               response);
+  }
+  else if ((strlen ("root") != auth_info->username_len) ||
+           (0 != memcmp (auth_info->username, "root",
+                         auth_info->username_len)) ||
+           /* The next check against NULL is optional,
+            * if 'password' is NULL then 'password_len' is always zero. */
+           (NULL == auth_info->password) ||
+           (strlen ("pa$$w0rd") != auth_info->password_len) ||
+           (0 != memcmp (auth_info->password, "pa$$w0rd",
+                         auth_info->password_len)))
+  {
+    static const char *page =
+      "<html><body>Wrong username or password</body></html>";
+    response = MHD_create_response_from_buffer_static (strlen (page), page);
+    ret = MHD_queue_basic_auth_fail_response3 (connection,
+                                               "admins",
+                                               MHD_YES,
+                                               response);
   }
   else
   {
-    const char *page = "<html><body>A secret.</body></html>";
+    static const char *page = "<html><body>A secret.</body></html>";
     response = MHD_create_response_from_buffer_static (strlen (page), page);
     ret = MHD_queue_response (connection, MHD_HTTP_OK, response);
   }
+  if (NULL != auth_info)
+    MHD_free (auth_info);
   MHD_destroy_response (response);
   return ret;
 }
diff --git a/doc/examples/tlsauthentication.c b/doc/examples/tlsauthentication.c
index 65d9d8db..0cd6c4e6 100644
--- a/doc/examples/tlsauthentication.c
+++ b/doc/examples/tlsauthentication.c
@@ -15,7 +15,7 @@
 
 #define PORT 8888
 
-#define REALM     "\"Maintenance\""
+#define REALM     "Maintenance"
 #define USER      "a legitimate user"
 #define PASSWORD  "and his password"
 
@@ -23,48 +23,6 @@
 #define SERVERCERTFILE "server.pem"
 
 
-static char *
-string_to_base64 (const char *message)
-{
-  const char *lookup =
-    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
-  unsigned long l;
-  size_t i;
-  size_t j;
-  char *tmp;
-  size_t length = strlen (message);
-
-  tmp = malloc (length * 2 + 1);
-  if (NULL == tmp)
-    return NULL;
-  j = 0;
-  for (i = 0; i < length; i += 3)
-  {
-    l = (((unsigned long) message[i]) << 16)
-        | (((i + 1) < length) ? (((unsigned long) message[i + 1]) << 8) : 0)
-        | (((i + 2) < length) ? ((unsigned long) message[i + 2]) : 0);
-
-
-    tmp [j++] = lookup[(l >> 18) & 0x3F];
-    tmp [j++] = lookup[(l >> 12) & 0x3F];
-
-    if (i + 1 < length)
-      tmp [j++] = lookup[(l >> 6) & 0x3F];
-    if (i + 2 < length)
-      tmp [j++] = lookup[l & 0x3F];
-  }
-
-  if (0 != length % 3)
-    tmp [j++] = '=';
-  if (1 == length % 3)
-    tmp [j++] = '=';
-
-  tmp [j] = 0;
-
-  return tmp;
-}
-
-
 static size_t
 get_file_size (const char *filename)
 {
@@ -126,35 +84,15 @@ ask_for_authentication (struct MHD_Connection *connection, const char *realm)
 {
   enum MHD_Result ret;
   struct MHD_Response *response;
-  char *headervalue;
-  size_t slen;
-  const char *strbase = "Basic realm=";
 
   response = MHD_create_response_empty (MHD_RF_NONE);
   if (! response)
     return MHD_NO;
 
-  slen = strlen (strbase) + strlen (realm) + 1;
-  if (NULL == (headervalue = malloc (slen)))
-    return MHD_NO;
-  snprintf (headervalue,
-            slen,
-            "%s%s",
-            strbase,
-            realm);
-  ret = MHD_add_response_header (response,
-                                 "WWW-Authenticate",
-                                 headervalue);
-  free (headervalue);
-  if (! ret)
-  {
-    MHD_destroy_response (response);
-    return MHD_NO;
-  }
-
-  ret = MHD_queue_response (connection,
-                            MHD_HTTP_UNAUTHORIZED,
-                            response);
+  ret = MHD_queue_basic_auth_fail_response3 (connection,
+                                             realm,
+                                             MHD_YES,
+                                             response);
   MHD_destroy_response (response);
   return ret;
 }
@@ -165,37 +103,23 @@ is_authenticated (struct MHD_Connection *connection,
                   const char *username,
                   const char *password)
 {
-  const char *headervalue;
-  char *expected_b64;
-  char *expected;
-  const char *strbase = "Basic ";
+  struct MHD_BasicAuthInfo *auth_info;
   int authenticated;
-  size_t slen;
 
-  headervalue =
-    MHD_lookup_connection_value (connection, MHD_HEADER_KIND,
-                                 "Authorization");
-  if (NULL == headervalue)
-    return 0;
-  if (0 != strncmp (headervalue, strbase, strlen (strbase)))
+  auth_info = MHD_basic_auth_get_username_password3 (connection);
+  if (NULL == auth_info)
     return 0;
+  authenticated =
+    ( (strlen (username) == auth_info->username_len) &&
+      (0 == memcmp (auth_info->username, username, auth_info->username_len)) &&
+      /* The next check against NULL is optional,
+       * if 'password' is NULL then 'password_len' is always zero. */
+      (NULL != auth_info->password) &&
+      (strlen (password) == auth_info->password_len) &&
+      (0 == memcmp (auth_info->password, password, auth_info->password_len)) );
 
-  slen = strlen (username) + 1 + strlen (password) + 1;
-  if (NULL == (expected = malloc (slen)))
-    return 0;
-  snprintf (expected,
-            slen,
-            "%s:%s",
-            username,
-            password);
-  expected_b64 = string_to_base64 (expected);
-  free (expected);
-  if (NULL == expected_b64)
-    return 0;
+  MHD_free (auth_info);
 
-  authenticated =
-    (strcmp (headervalue + strlen (strbase), expected_b64) == 0);
-  free (expected_b64);
   return authenticated;
 }