diff --git a/Net/include/Poco/Net/HTTPBasicCredentials.h b/Net/include/Poco/Net/HTTPBasicCredentials.h index 17be938e3..56894db8c 100644 --- a/Net/include/Poco/Net/HTTPBasicCredentials.h +++ b/Net/include/Poco/Net/HTTPBasicCredentials.h @@ -36,7 +36,7 @@ class Net_API HTTPBasicCredentials public: HTTPBasicCredentials(); /// Creates an empty HTTPBasicCredentials object. - + HTTPBasicCredentials(const std::string& username, const std::string& password); /// Creates a HTTPBasicCredentials object with the given username and password. @@ -55,18 +55,24 @@ public: ~HTTPBasicCredentials(); /// Destroys the HTTPBasicCredentials. + void clear(); + /// Clears both username and password. + void setUsername(const std::string& username); /// Sets the username. - + const std::string& getUsername() const; /// Returns the username. - + void setPassword(const std::string& password); /// Sets the password. - + const std::string& getPassword() const; /// Returns the password. - + + bool empty() const; + /// Returns true if both username and password are empty, otherwise false. + void authenticate(HTTPRequest& request) const; /// Adds authentication information to the given HTTPRequest. @@ -84,7 +90,7 @@ protected: private: HTTPBasicCredentials(const HTTPBasicCredentials&); HTTPBasicCredentials& operator = (const HTTPBasicCredentials&); - + std::string _username; std::string _password; }; @@ -105,6 +111,12 @@ inline const std::string& HTTPBasicCredentials::getPassword() const } +inline bool HTTPBasicCredentials::empty() const +{ + return _username.empty() && _password.empty(); +} + + } } // namespace Poco::Net diff --git a/Net/include/Poco/Net/HTTPCredentials.h b/Net/include/Poco/Net/HTTPCredentials.h index 8708493ce..e62b8c246 100644 --- a/Net/include/Poco/Net/HTTPCredentials.h +++ b/Net/include/Poco/Net/HTTPCredentials.h @@ -37,7 +37,7 @@ class HTTPResponse; class Net_API HTTPCredentials /// This is a utility class for working with HTTP - /// authentication (basic or digest) in HTTPRequest objects. + /// authentication (Basic or Digest) in HTTPRequest objects. /// /// Usage is as follows: /// First, create a HTTPCredentials object containing @@ -90,6 +90,9 @@ public: /// and password of the credentials object. /// Does nothing if URI has no user info part. + void clear(); + /// Clears username, password and host. + void setUsername(const std::string& username); /// Sets the username. @@ -102,6 +105,9 @@ public: const std::string& getPassword() const; /// Returns the password. + bool empty() const; + /// Returns true if both username and password are empty, otherwise false. + void authenticate(HTTPRequest& request, const HTTPResponse& response); /// Inspects WWW-Authenticate header of the response, initializes /// the internal state (in case of digest authentication) and @@ -133,16 +139,19 @@ public: /// Returns true if authentication header is for Digest authentication. static bool hasBasicCredentials(const HTTPRequest& request); - /// Returns true if Authorization with Basic credentials header is present in the request. + /// Returns true if an Authorization header with Basic credentials is present in the request. static bool hasDigestCredentials(const HTTPRequest& request); - /// Returns true if Authorization with Digest credentials header is present in the request. + /// Returns true if an Authorization header with Digest credentials is present in the request. + + static bool hasNTLMCredentials(const HTTPRequest& request); + /// Returns true if an Authorization header with NTLM credentials is present in the request. static bool hasProxyBasicCredentials(const HTTPRequest& request); - /// Returns true if Authorization with Basic credentials header is present in the request. + /// Returns true if a Proxy-Authorization header with Basic credentials is present in the request. static bool hasProxyDigestCredentials(const HTTPRequest& request); - /// Returns true if Authorization with Digest credentials header is present in the request. + /// Returns true if a Proxy-Authorization header with Digest credentials is present in the request. static void extractCredentials(const std::string& userInfo, std::string& username, std::string& password); /// Extracts username and password from user:password information string. @@ -185,6 +194,12 @@ inline const std::string& HTTPCredentials::getPassword() const } +inline bool HTTPCredentials::empty() const +{ + return _digest.empty(); +} + + } } // namespace Poco::Net diff --git a/Net/include/Poco/Net/HTTPDigestCredentials.h b/Net/include/Poco/Net/HTTPDigestCredentials.h index 0c262f02b..c321c9fc8 100644 --- a/Net/include/Poco/Net/HTTPDigestCredentials.h +++ b/Net/include/Poco/Net/HTTPDigestCredentials.h @@ -52,6 +52,10 @@ public: void reset(); /// Resets the HTTPDigestCredentials object to a clean state. + /// Does not clear username and password. + + void clear(); + /// Clears both username and password. void setUsername(const std::string& username); /// Sets the username. @@ -65,6 +69,9 @@ public: const std::string& getPassword() const; /// Returns the password. + bool empty() const; + /// Returns true if both username and password are empty, otherwise false. + void authenticate(HTTPRequest& request, const HTTPResponse& response); /// Parses WWW-Authenticate header of the HTTPResponse, initializes /// internal state, and adds authentication information to the given HTTPRequest. @@ -110,7 +117,7 @@ public: bool verifyAuthParams(const HTTPRequest& request, const HTTPAuthenticationParams& params) const; /// Verifies the digest authentication information in the given HTTPRequest - /// and HTTPAuthenticationParams by recomputing the response and comparing + /// and HTTPAuthenticationParams by recomputing the response and comparing /// it with what's in the request. static std::string createNonce(); @@ -125,7 +132,7 @@ private: void createAuthParams(const HTTPRequest& request, const HTTPAuthenticationParams& responseAuthParams); void updateAuthParams(const HTTPRequest& request); int updateNonceCounter(const std::string& nonce); - + static const std::string DEFAULT_ALGORITHM; static const std::string DEFAULT_QOP; static const std::string NONCE_PARAM; @@ -146,7 +153,7 @@ private: std::string _password; HTTPAuthenticationParams _requestAuthParams; NonceCounterMap _nc; - + static int _nonceCounter; static Poco::FastMutex _nonceMutex; }; @@ -167,6 +174,12 @@ inline const std::string& HTTPDigestCredentials::getPassword() const } +inline bool HTTPDigestCredentials::empty() const +{ + return _username.empty() && _password.empty(); +} + + } } // namespace Poco::Net diff --git a/Net/src/HTTPBasicCredentials.cpp b/Net/src/HTTPBasicCredentials.cpp index 9e3fdf0f3..5b5e89897 100644 --- a/Net/src/HTTPBasicCredentials.cpp +++ b/Net/src/HTTPBasicCredentials.cpp @@ -37,7 +37,7 @@ HTTPBasicCredentials::HTTPBasicCredentials() { } - + HTTPBasicCredentials::HTTPBasicCredentials(const std::string& username, const std::string& password): _username(username), _password(password) @@ -69,18 +69,25 @@ HTTPBasicCredentials::~HTTPBasicCredentials() } +void HTTPBasicCredentials::clear() +{ + _username.clear(); + _password.clear(); +} + + void HTTPBasicCredentials::setUsername(const std::string& username) { _username = username; } - - + + void HTTPBasicCredentials::setPassword(const std::string& password) { _password = password; } - - + + void HTTPBasicCredentials::authenticate(HTTPRequest& request) const { std::ostringstream ostr; diff --git a/Net/src/HTTPDigestCredentials.cpp b/Net/src/HTTPDigestCredentials.cpp index 0bdfa625a..0d3deb514 100644 --- a/Net/src/HTTPDigestCredentials.cpp +++ b/Net/src/HTTPDigestCredentials.cpp @@ -39,11 +39,11 @@ namespace engine.update(a); engine.update(':'); engine.update(b); - if (!c.empty()) + if (!c.empty()) { engine.update(':'); engine.update(c); - if (!d.empty()) + if (!d.empty()) { engine.update(':'); engine.update(d); @@ -55,7 +55,7 @@ namespace } return Poco::DigestEngine::digestToHex(engine.digest()); } - + std::string formatNonceCounter(int counter) { return Poco::NumberFormatter::formatHex(counter, 8); @@ -89,7 +89,7 @@ HTTPDigestCredentials::HTTPDigestCredentials() { } - + HTTPDigestCredentials::HTTPDigestCredentials(const std::string& username, const std::string& password): _username(username), _password(password) @@ -113,7 +113,7 @@ void HTTPDigestCredentials::setUsername(const std::string& username) { _username = username; } - + void HTTPDigestCredentials::setPassword(const std::string& password) { @@ -121,6 +121,13 @@ void HTTPDigestCredentials::setPassword(const std::string& password) } +void HTTPDigestCredentials::clear() +{ + _username.clear(); + _password.clear(); +} + + void HTTPDigestCredentials::authenticate(HTTPRequest& request, const HTTPResponse& response) { authenticate(request, HTTPAuthenticationParams(response)); @@ -186,7 +193,7 @@ void HTTPDigestCredentials::createAuthParams(const HTTPRequest& request, const H const std::string& algorithm = responseAuthParams.get(ALGORITHM_PARAM, DEFAULT_ALGORITHM); - if (icompare(algorithm, DEFAULT_ALGORITHM) != 0) + if (icompare(algorithm, DEFAULT_ALGORITHM) != 0) throw NotImplementedException("Unsupported digest algorithm", algorithm); const std::string& nonce = responseAuthParams.get(NONCE_PARAM); @@ -197,7 +204,7 @@ void HTTPDigestCredentials::createAuthParams(const HTTPRequest& request, const H _requestAuthParams.set(USERNAME_PARAM, _username); _requestAuthParams.set(NONCE_PARAM, nonce); _requestAuthParams.setRealm(realm); - if (responseAuthParams.has(OPAQUE_PARAM)) + if (responseAuthParams.has(OPAQUE_PARAM)) { _requestAuthParams.set(OPAQUE_PARAM, responseAuthParams.get(OPAQUE_PARAM)); } @@ -205,7 +212,7 @@ void HTTPDigestCredentials::createAuthParams(const HTTPRequest& request, const H if (qop.empty()) { updateAuthParams(request); - } + } else { Poco::StringTokenizer tok(qop, ",", Poco::StringTokenizer::TOK_TRIM); @@ -221,9 +228,9 @@ void HTTPDigestCredentials::createAuthParams(const HTTPRequest& request, const H break; } } - if (!qopSupported) + if (!qopSupported) throw NotImplementedException("Unsupported QoP requested", qop); - } + } } @@ -243,7 +250,7 @@ void HTTPDigestCredentials::updateAuthParams(const HTTPRequest& request) _requestAuthParams.set(RESPONSE_PARAM, digest(engine, ha1, nonce, ha2)); } - else if (icompare(qop, AUTH_PARAM) == 0) + else if (icompare(qop, AUTH_PARAM) == 0) { const std::string& cnonce = _requestAuthParams.get(CNONCE_PARAM); @@ -277,7 +284,7 @@ bool HTTPDigestCredentials::verifyAuthParams(const HTTPRequest& request, const H const std::string ha2 = digest(engine, request.getMethod(), request.getURI()); response = digest(engine, ha1, nonce, ha2); } - else if (icompare(qop, AUTH_PARAM) == 0) + else if (icompare(qop, AUTH_PARAM) == 0) { const std::string& cnonce = params.get(CNONCE_PARAM); const std::string& nc = params.get(NC_PARAM); @@ -293,7 +300,7 @@ int HTTPDigestCredentials::updateNonceCounter(const std::string& nonce) { NonceCounterMap::iterator iter = _nc.find(nonce); - if (iter == _nc.end()) + if (iter == _nc.end()) { iter = _nc.insert(NonceCounterMap::value_type(nonce, 0)).first; }