summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJosé Bollo <jose.bollo@iot.bzh>2019-11-21 15:31:32 +0100
committerJose Bollo <jose.bollo@iot.bzh>2019-11-25 11:48:31 +0100
commite6908a2ee7b645517c062f2fd0419fcb3f4f976e (patch)
tree500c9660009adc9693137a3d3ad2e0bf62c98074
parent9a623c3aa32ec0fbf9682f37a990abd00f38da60 (diff)
afb-hreq: Handle access_token query parameter
As specified by OAuth2 protocols, the access token can be passed as a POST/GET parameter of name 'access_token'. Bug-AGL: SPEC-2968 Signed-off-by: José Bollo <jose.bollo@iot.bzh> Change-Id: I0e02e6fd0d53dad6de994d4482350fe42ecfce48
-rw-r--r--src/afb-hreq.c19
-rw-r--r--test/AFB.js5
-rw-r--r--test/monitoring/AFB.js13
3 files changed, 24 insertions, 13 deletions
diff --git a/src/afb-hreq.c b/src/afb-hreq.c
index 462f7ad5..6440a8cd 100644
--- a/src/afb-hreq.c
+++ b/src/afb-hreq.c
@@ -61,6 +61,9 @@ static const char short_key_for_token[] = "token";
static const char long_key_for_reqid[] = "x-afb-reqid";
static const char short_key_for_reqid[] = "reqid";
+static const char key_for_bearer[] = "Bearer";
+static const char key_for_access_token[] = "access_token";
+
static char *cookie_name = NULL;
static char *cookie_setter = NULL;
static char *tmp_pattern = NULL;
@@ -738,11 +741,10 @@ const char *afb_hreq_get_header(struct afb_hreq *hreq, const char *name)
const char *afb_hreq_get_authorization_bearer(struct afb_hreq *hreq)
{
- static const char bearer[] = "Bearer";
const char *value = afb_hreq_get_header(hreq, MHD_HTTP_HEADER_AUTHORIZATION);
if (value) {
- if (strncasecmp(value, bearer, sizeof bearer - 1) == 0) {
- value += sizeof bearer - 1;
+ if (strncasecmp(value, key_for_bearer, sizeof key_for_bearer - 1) == 0) {
+ value += sizeof key_for_bearer - 1;
if (isblank(*value++)) {
while (isblank(*value))
value++;
@@ -981,11 +983,14 @@ int afb_hreq_init_context(struct afb_hreq *hreq)
/* get the authorisation token */
token = afb_hreq_get_authorization_bearer(hreq);
if (token == NULL) {
- token = afb_hreq_get_header(hreq, long_key_for_token);
+ token = afb_hreq_get_argument(hreq, key_for_access_token);
if (token == NULL) {
- token = afb_hreq_get_argument(hreq, long_key_for_token);
- if (token == NULL)
- token = afb_hreq_get_argument(hreq, short_key_for_token);
+ token = afb_hreq_get_header(hreq, long_key_for_token);
+ if (token == NULL) {
+ token = afb_hreq_get_argument(hreq, long_key_for_token);
+ if (token == NULL)
+ token = afb_hreq_get_argument(hreq, short_key_for_token);
+ }
}
}
diff --git a/test/AFB.js b/test/AFB.js
index 4c500b99..953fe96a 100644
--- a/test/AFB.js
+++ b/test/AFB.js
@@ -21,7 +21,10 @@ if (typeof base != "object")
var initial = {
base: base.base || "api",
- token: initialtoken || base.token || URLSearchParams(window.location.search).get('token') || "HELLO",
+ token: initialtoken || base.token
+ || URLSearchParams(window.location.search).get('access_token')
+ || URLSearchParams(window.location.search).get('token')
+ || "HELLO",
host: base.host || window.location.host,
url: base.url || undefined
};
diff --git a/test/monitoring/AFB.js b/test/monitoring/AFB.js
index c80f6517..953fe96a 100644
--- a/test/monitoring/AFB.js
+++ b/test/monitoring/AFB.js
@@ -21,7 +21,10 @@ if (typeof base != "object")
var initial = {
base: base.base || "api",
- token: base.token || initialtoken || "HELLO",
+ token: initialtoken || base.token
+ || URLSearchParams(window.location.search).get('access_token')
+ || URLSearchParams(window.location.search).get('token')
+ || "HELLO",
host: base.host || window.location.host,
url: base.url || undefined
};
@@ -92,7 +95,7 @@ var AFB_websocket;
if (f) {
delete this.onopen;
delete this.onabort;
- f && f(this);
+ f(this);
}
this.onerror && this.onerror(this);
}
@@ -151,14 +154,14 @@ var AFB_websocket;
switch (code) {
case RETOK:
reply(this.pendings, id, ans, 0);
- break;
+ break;
case RETERR:
reply(this.pendings, id, ans, 1);
- break;
+ break;
case EVENT:
default:
fire(this.awaitens, id, ans);
- break;
+ break;
}
}