diff options
Diffstat (limited to 'src/microhttpd/basicauth.c')
-rw-r--r-- | src/microhttpd/basicauth.c | 136 |
1 files changed, 136 insertions, 0 deletions
diff --git a/src/microhttpd/basicauth.c b/src/microhttpd/basicauth.c new file mode 100644 index 00000000..e8a69e7d --- /dev/null +++ b/src/microhttpd/basicauth.c | |||
@@ -0,0 +1,136 @@ | |||
1 | /* | ||
2 | This file is part of libmicrohttpd | ||
3 | (C) 2010, 2011, 2012 Daniel Pittman and Christian Grothoff | ||
4 | |||
5 | This library is free software; you can redistribute it and/or | ||
6 | modify it under the terms of the GNU Lesser General Public | ||
7 | License as published by the Free Software Foundation; either | ||
8 | version 2.1 of the License, or (at your option) any later version. | ||
9 | |||
10 | This library is distributed in the hope that it will be useful, | ||
11 | but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
13 | Lesser General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU Lesser General Public | ||
16 | License along with this library; if not, write to the Free Software | ||
17 | Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA | ||
18 | */ | ||
19 | /** | ||
20 | * @file basicauth.c | ||
21 | * @brief Implements HTTP basic authentication methods | ||
22 | * @author Amr Ali | ||
23 | * @author Matthieu Speder | ||
24 | */ | ||
25 | #include "platform.h" | ||
26 | #include <limits.h> | ||
27 | #include "internal.h" | ||
28 | #include "base64.h" | ||
29 | |||
30 | /** | ||
31 | * Beginning string for any valid Basic authentication header. | ||
32 | */ | ||
33 | #define _BASIC_BASE "Basic " | ||
34 | |||
35 | |||
36 | /** | ||
37 | * Get the username and password from the basic authorization header sent by the client | ||
38 | * | ||
39 | * @param connection The MHD connection structure | ||
40 | * @param password a pointer for the password | ||
41 | * @return NULL if no username could be found, a pointer | ||
42 | * to the username if found | ||
43 | */ | ||
44 | char * | ||
45 | MHD_basic_auth_get_username_password(struct MHD_Connection *connection, | ||
46 | char** password) | ||
47 | { | ||
48 | const char *header; | ||
49 | char *decode; | ||
50 | const char *separator; | ||
51 | char *user; | ||
52 | |||
53 | if ( (NULL == (header = MHD_lookup_connection_value (connection, | ||
54 | MHD_HEADER_KIND, | ||
55 | MHD_HTTP_HEADER_AUTHORIZATION))) || | ||
56 | (0 != strncmp (header, _BASIC_BASE, strlen(_BASIC_BASE))) ) | ||
57 | return NULL; | ||
58 | header += strlen (_BASIC_BASE); | ||
59 | if (NULL == (decode = BASE64Decode (header))) | ||
60 | { | ||
61 | #if HAVE_MESSAGES | ||
62 | MHD_DLOG (connection->daemon, | ||
63 | "Error decoding basic authentication\n"); | ||
64 | #endif | ||
65 | return NULL; | ||
66 | } | ||
67 | /* Find user:password pattern */ | ||
68 | if (NULL == (separator = strchr (decode, ':'))) | ||
69 | { | ||
70 | #if HAVE_MESSAGES | ||
71 | MHD_DLOG(connection->daemon, | ||
72 | "Basic authentication doesn't contain ':' separator\n"); | ||
73 | #endif | ||
74 | free (decode); | ||
75 | return NULL; | ||
76 | } | ||
77 | if (NULL == (user = strdup (decode))) | ||
78 | { | ||
79 | free (decode); | ||
80 | return NULL; | ||
81 | } | ||
82 | user[separator - decode] = '\0'; /* cut off at ':' */ | ||
83 | if (NULL != password) | ||
84 | { | ||
85 | *password = strdup (separator + 1); | ||
86 | if (NULL == *password) | ||
87 | { | ||
88 | #if HAVE_MESSAGES | ||
89 | MHD_DLOG(connection->daemon, | ||
90 | "Failed to allocate memory for password\n"); | ||
91 | #endif | ||
92 | free (decode); | ||
93 | free (user); | ||
94 | return NULL; | ||
95 | } | ||
96 | } | ||
97 | free (decode); | ||
98 | return user; | ||
99 | } | ||
100 | |||
101 | |||
102 | /** | ||
103 | * Queues a response to request basic authentication from the client. | ||
104 | * The given response object is expected to include the payload for | ||
105 | * the response; the "WWW-Authenticate" header will be added and the | ||
106 | * response queued with the 'UNAUTHORIZED' status code. | ||
107 | * | ||
108 | * @param connection The MHD connection structure | ||
109 | * @param realm the realm presented to the client | ||
110 | * @param response response object to modify and queue | ||
111 | * @return MHD_YES on success, MHD_NO otherwise | ||
112 | */ | ||
113 | int | ||
114 | MHD_queue_basic_auth_fail_response (struct MHD_Connection *connection, | ||
115 | const char *realm, | ||
116 | struct MHD_Response *response) | ||
117 | { | ||
118 | int ret; | ||
119 | size_t hlen = strlen(realm) + strlen("Basic realm=\"\"") + 1; | ||
120 | char header[hlen]; | ||
121 | |||
122 | snprintf (header, | ||
123 | sizeof (header), | ||
124 | "Basic realm=\"%s\"", | ||
125 | realm); | ||
126 | ret = MHD_add_response_header (response, | ||
127 | MHD_HTTP_HEADER_WWW_AUTHENTICATE, | ||
128 | header); | ||
129 | if (MHD_YES == ret) | ||
130 | ret = MHD_queue_response (connection, | ||
131 | MHD_HTTP_UNAUTHORIZED, | ||
132 | response); | ||
133 | return ret; | ||
134 | } | ||
135 | |||
136 | /* end of basicauth.c */ | ||