diff options
author | José Bollo <jose.bollo@iot.bzh> | 2019-11-21 15:31:32 +0100 |
---|---|---|
committer | Jose Bollo <jose.bollo@iot.bzh> | 2019-11-25 11:48:31 +0100 |
commit | e6908a2ee7b645517c062f2fd0419fcb3f4f976e (patch) | |
tree | 500c9660009adc9693137a3d3ad2e0bf62c98074 /src/afb-hreq.c | |
parent | 9a623c3aa32ec0fbf9682f37a990abd00f38da60 (diff) |
afb-hreq: Handle access_token query parameter
As specified by OAuth2 protocols, the access token can be
passed as a POST/GET parameter of name 'access_token'.
Bug-AGL: SPEC-2968
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: I0e02e6fd0d53dad6de994d4482350fe42ecfce48
Diffstat (limited to 'src/afb-hreq.c')
-rw-r--r-- | src/afb-hreq.c | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/src/afb-hreq.c b/src/afb-hreq.c index 462f7ad5..6440a8cd 100644 --- a/src/afb-hreq.c +++ b/src/afb-hreq.c @@ -61,6 +61,9 @@ static const char short_key_for_token[] = "token"; static const char long_key_for_reqid[] = "x-afb-reqid"; static const char short_key_for_reqid[] = "reqid"; +static const char key_for_bearer[] = "Bearer"; +static const char key_for_access_token[] = "access_token"; + static char *cookie_name = NULL; static char *cookie_setter = NULL; static char *tmp_pattern = NULL; @@ -738,11 +741,10 @@ const char *afb_hreq_get_header(struct afb_hreq *hreq, const char *name) const char *afb_hreq_get_authorization_bearer(struct afb_hreq *hreq) { - static const char bearer[] = "Bearer"; const char *value = afb_hreq_get_header(hreq, MHD_HTTP_HEADER_AUTHORIZATION); if (value) { - if (strncasecmp(value, bearer, sizeof bearer - 1) == 0) { - value += sizeof bearer - 1; + if (strncasecmp(value, key_for_bearer, sizeof key_for_bearer - 1) == 0) { + value += sizeof key_for_bearer - 1; if (isblank(*value++)) { while (isblank(*value)) value++; @@ -981,11 +983,14 @@ int afb_hreq_init_context(struct afb_hreq *hreq) /* get the authorisation token */ token = afb_hreq_get_authorization_bearer(hreq); if (token == NULL) { - token = afb_hreq_get_header(hreq, long_key_for_token); + token = afb_hreq_get_argument(hreq, key_for_access_token); if (token == NULL) { - token = afb_hreq_get_argument(hreq, long_key_for_token); - if (token == NULL) - token = afb_hreq_get_argument(hreq, short_key_for_token); + token = afb_hreq_get_header(hreq, long_key_for_token); + if (token == NULL) { + token = afb_hreq_get_argument(hreq, long_key_for_token); + if (token == NULL) + token = afb_hreq_get_argument(hreq, short_key_for_token); + } } } |