mirror of
https://github.com/pocoproject/poco.git
synced 2025-01-19 00:46:03 +01:00
261 lines
6.2 KiB
C++
261 lines
6.2 KiB
C++
//
|
|
// HTTPCredentials.cpp
|
|
//
|
|
// Library: Net
|
|
// Package: HTTP
|
|
// Module: HTTPCredentials
|
|
//
|
|
// Copyright (c) 2011, Anton V. Yabchinskiy (arn at bestmx dot ru).
|
|
// Copyright (c) 2012, Applied Informatics Software Engineering GmbH.
|
|
// and Contributors.
|
|
//
|
|
// SPDX-License-Identifier: BSL-1.0
|
|
//
|
|
|
|
|
|
#include "Poco/Net/HTTPAuthenticationParams.h"
|
|
#include "Poco/Net/HTTPBasicCredentials.h"
|
|
#include "Poco/Net/HTTPCredentials.h"
|
|
#include "Poco/Net/HTTPRequest.h"
|
|
#include "Poco/Net/HTTPResponse.h"
|
|
#include "Poco/Net/NetException.h"
|
|
#include "Poco/String.h"
|
|
#include "Poco/Ascii.h"
|
|
#include "Poco/URI.h"
|
|
|
|
|
|
using Poco::icompare;
|
|
|
|
|
|
namespace Poco {
|
|
namespace Net {
|
|
|
|
|
|
HTTPCredentials::HTTPCredentials()
|
|
{
|
|
}
|
|
|
|
|
|
HTTPCredentials::HTTPCredentials(const std::string& username, const std::string& password):
|
|
_digest(username, password)
|
|
{
|
|
}
|
|
|
|
|
|
HTTPCredentials::~HTTPCredentials()
|
|
{
|
|
}
|
|
|
|
|
|
void HTTPCredentials::clear()
|
|
{
|
|
_digest.clear();
|
|
_ntlm.clear();
|
|
}
|
|
|
|
|
|
void HTTPCredentials::fromUserInfo(const std::string& userInfo)
|
|
{
|
|
std::string username;
|
|
std::string password;
|
|
|
|
extractCredentials(userInfo, username, password);
|
|
setUsername(username);
|
|
setPassword(password);
|
|
_digest.reset();
|
|
}
|
|
|
|
|
|
void HTTPCredentials::fromURI(const URI& uri)
|
|
{
|
|
std::string username;
|
|
std::string password;
|
|
|
|
extractCredentials(uri, username, password);
|
|
setUsername(username);
|
|
setPassword(password);
|
|
setHost(uri.getHost());
|
|
_digest.reset();
|
|
}
|
|
|
|
|
|
void HTTPCredentials::authenticate(HTTPRequest& request, const HTTPResponse& response)
|
|
{
|
|
for (HTTPResponse::ConstIterator iter = response.find(HTTPAuthenticationParams::WWW_AUTHENTICATE); iter != response.end(); ++iter)
|
|
{
|
|
if (isBasicCredentials(iter->second))
|
|
{
|
|
HTTPBasicCredentials(_digest.getUsername(), _digest.getPassword()).authenticate(request);
|
|
return;
|
|
}
|
|
else if (isDigestCredentials(iter->second))
|
|
{
|
|
_digest.authenticate(request, HTTPAuthenticationParams(iter->second.substr(7)));
|
|
return;
|
|
}
|
|
else if (isNTLMCredentials(iter->second))
|
|
{
|
|
_ntlm.setUsername(_digest.getUsername());
|
|
_ntlm.setPassword(_digest.getPassword());
|
|
if (_ntlm.getHost().empty())
|
|
{
|
|
_ntlm.setHost(request.getHost());
|
|
}
|
|
_ntlm.authenticate(request, iter->second.substr(5));
|
|
return;
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
void HTTPCredentials::updateAuthInfo(HTTPRequest& request)
|
|
{
|
|
if (request.has(HTTPRequest::AUTHORIZATION))
|
|
{
|
|
const std::string& authorization = request.get(HTTPRequest::AUTHORIZATION);
|
|
|
|
if (isBasicCredentials(authorization))
|
|
{
|
|
HTTPBasicCredentials(_digest.getUsername(), _digest.getPassword()).authenticate(request);
|
|
}
|
|
else if (isDigestCredentials(authorization))
|
|
{
|
|
_digest.updateAuthInfo(request);
|
|
}
|
|
else if (isNTLMCredentials(authorization))
|
|
{
|
|
_ntlm.updateAuthInfo(request);
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
void HTTPCredentials::proxyAuthenticate(HTTPRequest& request, const HTTPResponse& response)
|
|
{
|
|
for (HTTPResponse::ConstIterator iter = response.find(HTTPAuthenticationParams::PROXY_AUTHENTICATE); iter != response.end(); ++iter)
|
|
{
|
|
if (isBasicCredentials(iter->second))
|
|
{
|
|
HTTPBasicCredentials(_digest.getUsername(), _digest.getPassword()).proxyAuthenticate(request);
|
|
return;
|
|
}
|
|
else if (isDigestCredentials(iter->second))
|
|
{
|
|
_digest.proxyAuthenticate(request, HTTPAuthenticationParams(iter->second.substr(7)));
|
|
return;
|
|
}
|
|
else if (isNTLMCredentials(iter->second))
|
|
{
|
|
_ntlm.setUsername(_digest.getUsername());
|
|
_ntlm.setPassword(_digest.getPassword());
|
|
_ntlm.proxyAuthenticate(request, iter->second.substr(5));
|
|
return;
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
void HTTPCredentials::updateProxyAuthInfo(HTTPRequest& request)
|
|
{
|
|
if (request.has(HTTPRequest::PROXY_AUTHORIZATION))
|
|
{
|
|
const std::string& authorization = request.get(HTTPRequest::PROXY_AUTHORIZATION);
|
|
|
|
if (isBasicCredentials(authorization))
|
|
{
|
|
HTTPBasicCredentials(_digest.getUsername(), _digest.getPassword()).proxyAuthenticate(request);
|
|
}
|
|
else if (isDigestCredentials(authorization))
|
|
{
|
|
_digest.updateProxyAuthInfo(request);
|
|
}
|
|
else if (isNTLMCredentials(authorization))
|
|
{
|
|
_ntlm.updateProxyAuthInfo(request);
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
bool HTTPCredentials::isBasicCredentials(const std::string& header)
|
|
{
|
|
return icompare(header, 0, 5, "Basic") == 0 && (header.size() > 5 ? Poco::Ascii::isSpace(header[5]) : true);
|
|
}
|
|
|
|
|
|
bool HTTPCredentials::isDigestCredentials(const std::string& header)
|
|
{
|
|
return icompare(header, 0, 6, "Digest") == 0 && (header.size() > 6 ? Poco::Ascii::isSpace(header[6]) : true);
|
|
}
|
|
|
|
|
|
bool HTTPCredentials::isNTLMCredentials(const std::string& header)
|
|
{
|
|
return icompare(header, 0, 4, "NTLM") == 0 && (header.size() > 4 ? Poco::Ascii::isSpace(header[4]) : true);
|
|
}
|
|
|
|
|
|
bool HTTPCredentials::hasBasicCredentials(const HTTPRequest& request)
|
|
{
|
|
return request.has(HTTPRequest::AUTHORIZATION) && isBasicCredentials(request.get(HTTPRequest::AUTHORIZATION));
|
|
}
|
|
|
|
|
|
bool HTTPCredentials::hasDigestCredentials(const HTTPRequest& request)
|
|
{
|
|
return request.has(HTTPRequest::AUTHORIZATION) && isDigestCredentials(request.get(HTTPRequest::AUTHORIZATION));
|
|
}
|
|
|
|
|
|
bool HTTPCredentials::hasNTLMCredentials(const HTTPRequest& request)
|
|
{
|
|
return request.has(HTTPRequest::AUTHORIZATION) && isNTLMCredentials(request.get(HTTPRequest::AUTHORIZATION));
|
|
}
|
|
|
|
|
|
bool HTTPCredentials::hasProxyBasicCredentials(const HTTPRequest& request)
|
|
{
|
|
return request.has(HTTPRequest::PROXY_AUTHORIZATION) && isBasicCredentials(request.get(HTTPRequest::PROXY_AUTHORIZATION));
|
|
}
|
|
|
|
|
|
bool HTTPCredentials::hasProxyDigestCredentials(const HTTPRequest& request)
|
|
{
|
|
return request.has(HTTPRequest::PROXY_AUTHORIZATION) && isDigestCredentials(request.get(HTTPRequest::PROXY_AUTHORIZATION));
|
|
}
|
|
|
|
|
|
bool HTTPCredentials::hasProxyNTLMCredentials(const HTTPRequest& request)
|
|
{
|
|
return request.has(HTTPRequest::PROXY_AUTHORIZATION) && isNTLMCredentials(request.get(HTTPRequest::PROXY_AUTHORIZATION));
|
|
}
|
|
|
|
|
|
void HTTPCredentials::extractCredentials(const std::string& userInfo, std::string& username, std::string& password)
|
|
{
|
|
const std::string::size_type p = userInfo.find(':');
|
|
|
|
if (p != std::string::npos)
|
|
{
|
|
username.assign(userInfo, 0, p);
|
|
password.assign(userInfo, p + 1, std::string::npos);
|
|
}
|
|
else
|
|
{
|
|
username.assign(userInfo);
|
|
password.clear();
|
|
}
|
|
}
|
|
|
|
|
|
void HTTPCredentials::extractCredentials(const Poco::URI& uri, std::string& username, std::string& password)
|
|
{
|
|
if (!uri.getUserInfo().empty())
|
|
{
|
|
extractCredentials(uri.getUserInfo(), username, password);
|
|
}
|
|
}
|
|
|
|
|
|
} } // namespace Poco::Net
|