authorJose Bollo <jose.bollo@iot.bzh>2019-10-23 14:08:12 +0200
committerJose Bollo <jose.bollo@iot.bzh>2019-11-20 09:30:07 +0100
commit1b240e6b92eb3762594312cc603180ae5ce77f72 (patch)
tree721a04a7b312551ab8401ccaeddf08b17673fa85
parentff5446ec917b5f50333f2bee17ccfdf20eb99fac (diff)
afb-hreq: Handle HTTP header Authorization
Allows the client to pass its authorization token using the standard RFC 6750 method. Bug-AGL: SPEC-2968 Change-Id: Ie9428f4b63554af121b091282ae2c126b4d0c020 Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
-rw-r--r--src/afb-hreq.c49
1 files changed, 38 insertions, 11 deletions
diff --git a/src/afb-hreq.c b/src/afb-hreq.c
index a2df4b13..462f7ad5 100644
--- a/src/afb-hreq.c
+++ b/src/afb-hreq.c
@@ -20,6 +20,7 @@
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
+#include <ctype.h>
#include <assert.h>
#include <errno.h>
#include <fcntl.h>
@@ -735,6 +736,24 @@ const char *afb_hreq_get_header(struct afb_hreq *hreq, const char *name)
return MHD_lookup_connection_value(hreq->connection, MHD_HEADER_KIND, name);
}
+const char *afb_hreq_get_authorization_bearer(struct afb_hreq *hreq)
+{
+ static const char bearer[] = "Bearer";
+ const char *value = afb_hreq_get_header(hreq, MHD_HTTP_HEADER_AUTHORIZATION);
+ if (value) {
+ if (strncasecmp(value, bearer, sizeof bearer - 1) == 0) {
+ value += sizeof bearer - 1;
+ if (isblank(*value++)) {
+ while (isblank(*value))
+ value++;
+ if (*value)
+ return value;
+ }
+ }
+ }
+ return NULL;
+}
+
int afb_hreq_post_add(struct afb_hreq *hreq, const char *key, const char *data, size_t size)
{
void *p;
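Review bot: In afb_hreq_get_authorization_bearer, `isblank(*value++)` and `isblank(*value)` pass a plain `char` read from the client-supplied Authorization header to a `<ctype.h>` function; where `char` is signed, a byte of 0x80 or above becomes a negative argument, which is undefined behaviour. Cast at both calls: `if (isblank((unsigned char)*value++)) {` and `while (isblank((unsigned char)*value))`. The function also lacks a doc comment; I would add one stating that it returns a pointer into the header value rather than a copy, and NULL when the header is absent, uses another scheme, or carries an empty token. That comment should also say the returned string is not checked against the RFC 6750 token syntax and keeps any trailing characters, so the caller has to treat it as opaque, unvalidated input.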
@@ -948,19 +967,27 @@ int afb_hreq_init_context(struct afb_hreq *hreq)
if (hreq->xreq.context.session != NULL)
return 0;
+ /* get the uuid of the session */
uuid = afb_hreq_get_header(hreq, long_key_for_uuid);
- if (uuid == NULL)
+ if (uuid == NULL) {
uuid = afb_hreq_get_argument(hreq, long_key_for_uuid);
- if (uuid == NULL)
- uuid = afb_hreq_get_cookie(hreq, cookie_name);
- if (uuid == NULL)
- uuid = afb_hreq_get_argument(hreq, short_key_for_uuid);
-
- token = afb_hreq_get_header(hreq, long_key_for_token);
- if (token == NULL)
- token = afb_hreq_get_argument(hreq, long_key_for_token);
- if (token == NULL)
- token = afb_hreq_get_argument(hreq, short_key_for_token);
+ if (uuid == NULL) {
+ uuid = afb_hreq_get_cookie(hreq, cookie_name);
+ if (uuid == NULL)
+ uuid = afb_hreq_get_argument(hreq, short_key_for_uuid);
+ }
+ }
+
+ /* get the authorisation token */
+ token = afb_hreq_get_authorization_bearer(hreq);
+ if (token == NULL) {
+ token = afb_hreq_get_header(hreq, long_key_for_token);
+ if (token == NULL) {
+ token = afb_hreq_get_argument(hreq, long_key_for_token);
+ if (token == NULL)
+ token = afb_hreq_get_argument(hreq, short_key_for_token);
+ }
+ }
return afb_context_connect(&hreq->xreq.context, uuid, token);
}
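Review bot: The token lookup order changes here without being stated: a usable `Authorization: Bearer` value now wins over the `long_key_for_token` header and both query arguments, and a request carrying two different tokens is resolved silently. I would spell the precedence out in the comment, e.g. `/* token lookup order: Authorization bearer header, then token header, then query arguments; first match wins */`. The query-argument fallbacks are kept as they were; RFC 6750 section 2.3 discourages carrying tokens in the URI because URLs tend to end up in logs and browser history, so it may be worth marking them as legacy in the same comment. afb_hreq_init_context starts above this hunk, so anything done with `token` before these lines is not visible here.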