poco/Net/src/HTTPCredentials.cpp

261 lines
6.2 KiB
C++

//
// HTTPCredentials.cpp
//
// Library: Net
// Package: HTTP
// Module: HTTPCredentials
//
// Copyright (c) 2011, Anton V. Yabchinskiy (arn at bestmx dot ru).
// Copyright (c) 2012, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#include "Poco/Net/HTTPAuthenticationParams.h"
#include "Poco/Net/HTTPBasicCredentials.h"
#include "Poco/Net/HTTPCredentials.h"
#include "Poco/Net/HTTPRequest.h"
#include "Poco/Net/HTTPResponse.h"
#include "Poco/Net/NetException.h"
#include "Poco/String.h"
#include "Poco/Ascii.h"
#include "Poco/URI.h"
using Poco::icompare;
namespace Poco {
namespace Net {
HTTPCredentials::HTTPCredentials()
{
}
HTTPCredentials::HTTPCredentials(const std::string& username, const std::string& password):
_digest(username, password)
{
}
HTTPCredentials::~HTTPCredentials()
{
}
void HTTPCredentials::clear()
{
_digest.clear();
_ntlm.clear();
}
void HTTPCredentials::fromUserInfo(const std::string& userInfo)
{
std::string username;
std::string password;
extractCredentials(userInfo, username, password);
setUsername(username);
setPassword(password);
_digest.reset();
}
void HTTPCredentials::fromURI(const URI& uri)
{
std::string username;
std::string password;
extractCredentials(uri, username, password);
setUsername(username);
setPassword(password);
setHost(uri.getHost());
_digest.reset();
}
void HTTPCredentials::authenticate(HTTPRequest& request, const HTTPResponse& response)
{
for (HTTPResponse::ConstIterator iter = response.find(HTTPAuthenticationParams::WWW_AUTHENTICATE); iter != response.end(); ++iter)
{
if (isBasicCredentials(iter->second))
{
HTTPBasicCredentials(_digest.getUsername(), _digest.getPassword()).authenticate(request);
return;
}
else if (isDigestCredentials(iter->second))
{
_digest.authenticate(request, HTTPAuthenticationParams(iter->second.substr(7)));
return;
}
else if (isNTLMCredentials(iter->second))
{
_ntlm.setUsername(_digest.getUsername());
_ntlm.setPassword(_digest.getPassword());
if (_ntlm.getHost().empty())
{
_ntlm.setHost(request.getHost());
}
_ntlm.authenticate(request, iter->second.substr(5));
return;
}
}
}
void HTTPCredentials::updateAuthInfo(HTTPRequest& request)
{
if (request.has(HTTPRequest::AUTHORIZATION))
{
const std::string& authorization = request.get(HTTPRequest::AUTHORIZATION);
if (isBasicCredentials(authorization))
{
HTTPBasicCredentials(_digest.getUsername(), _digest.getPassword()).authenticate(request);
}
else if (isDigestCredentials(authorization))
{
_digest.updateAuthInfo(request);
}
else if (isNTLMCredentials(authorization))
{
_ntlm.updateAuthInfo(request);
}
}
}
void HTTPCredentials::proxyAuthenticate(HTTPRequest& request, const HTTPResponse& response)
{
for (HTTPResponse::ConstIterator iter = response.find(HTTPAuthenticationParams::PROXY_AUTHENTICATE); iter != response.end(); ++iter)
{
if (isBasicCredentials(iter->second))
{
HTTPBasicCredentials(_digest.getUsername(), _digest.getPassword()).proxyAuthenticate(request);
return;
}
else if (isDigestCredentials(iter->second))
{
_digest.proxyAuthenticate(request, HTTPAuthenticationParams(iter->second.substr(7)));
return;
}
else if (isNTLMCredentials(iter->second))
{
_ntlm.setUsername(_digest.getUsername());
_ntlm.setPassword(_digest.getPassword());
_ntlm.proxyAuthenticate(request, iter->second.substr(5));
return;
}
}
}
void HTTPCredentials::updateProxyAuthInfo(HTTPRequest& request)
{
if (request.has(HTTPRequest::PROXY_AUTHORIZATION))
{
const std::string& authorization = request.get(HTTPRequest::PROXY_AUTHORIZATION);
if (isBasicCredentials(authorization))
{
HTTPBasicCredentials(_digest.getUsername(), _digest.getPassword()).proxyAuthenticate(request);
}
else if (isDigestCredentials(authorization))
{
_digest.updateProxyAuthInfo(request);
}
else if (isNTLMCredentials(authorization))
{
_ntlm.updateProxyAuthInfo(request);
}
}
}
bool HTTPCredentials::isBasicCredentials(const std::string& header)
{
return icompare(header, 0, 5, "Basic") == 0 && (header.size() > 5 ? Poco::Ascii::isSpace(header[5]) : true);
}
bool HTTPCredentials::isDigestCredentials(const std::string& header)
{
return icompare(header, 0, 6, "Digest") == 0 && (header.size() > 6 ? Poco::Ascii::isSpace(header[6]) : true);
}
bool HTTPCredentials::isNTLMCredentials(const std::string& header)
{
return icompare(header, 0, 4, "NTLM") == 0 && (header.size() > 4 ? Poco::Ascii::isSpace(header[4]) : true);
}
bool HTTPCredentials::hasBasicCredentials(const HTTPRequest& request)
{
return request.has(HTTPRequest::AUTHORIZATION) && isBasicCredentials(request.get(HTTPRequest::AUTHORIZATION));
}
bool HTTPCredentials::hasDigestCredentials(const HTTPRequest& request)
{
return request.has(HTTPRequest::AUTHORIZATION) && isDigestCredentials(request.get(HTTPRequest::AUTHORIZATION));
}
bool HTTPCredentials::hasNTLMCredentials(const HTTPRequest& request)
{
return request.has(HTTPRequest::AUTHORIZATION) && isNTLMCredentials(request.get(HTTPRequest::AUTHORIZATION));
}
bool HTTPCredentials::hasProxyBasicCredentials(const HTTPRequest& request)
{
return request.has(HTTPRequest::PROXY_AUTHORIZATION) && isBasicCredentials(request.get(HTTPRequest::PROXY_AUTHORIZATION));
}
bool HTTPCredentials::hasProxyDigestCredentials(const HTTPRequest& request)
{
return request.has(HTTPRequest::PROXY_AUTHORIZATION) && isDigestCredentials(request.get(HTTPRequest::PROXY_AUTHORIZATION));
}
bool HTTPCredentials::hasProxyNTLMCredentials(const HTTPRequest& request)
{
return request.has(HTTPRequest::PROXY_AUTHORIZATION) && isNTLMCredentials(request.get(HTTPRequest::PROXY_AUTHORIZATION));
}
void HTTPCredentials::extractCredentials(const std::string& userInfo, std::string& username, std::string& password)
{
const std::string::size_type p = userInfo.find(':');
if (p != std::string::npos)
{
username.assign(userInfo, 0, p);
password.assign(userInfo, p + 1, std::string::npos);
}
else
{
username.assign(userInfo);
password.clear();
}
}
void HTTPCredentials::extractCredentials(const Poco::URI& uri, std::string& username, std::string& password)
{
if (!uri.getUserInfo().empty())
{
extractCredentials(uri.getUserInfo(), username, password);
}
}
} } // namespace Poco::Net