David Fletcher / Mbed 2 deprecated CC3000WebServer

Important changes to repositories hosted on mbed.com

Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.

To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.

It is also possible to export all your personal repositories from the account settings page.

Dependencies:   mbed

WebServer/HttpAuth.h@0:6ad60d78b315, 2013-09-14 (annotated)

Committer:
dflet
Date:
Sat Sep 14 17:38:41 2013 +0000
Revision:
0:6ad60d78b315
Mostly working will serve the default pages index.html and config.html, but config.html is not woring at present.

Who changed what in which revision?

UserRevisionLine numberNew contents of line
dflet 0:6ad60d78b315 1 /*****************************************************************************
dflet 0:6ad60d78b315 2 *
dflet 0:6ad60d78b315 3 * HttpAuth.h
dflet 0:6ad60d78b315 4 * Copyright (C) 2011 Texas Instruments Incorporated - http://www.ti.com/
dflet 0:6ad60d78b315 5 *
dflet 0:6ad60d78b315 6 * Redistribution and use in source and binary forms, with or without
dflet 0:6ad60d78b315 7 * modification, are permitted provided that the following conditions
dflet 0:6ad60d78b315 8 * are met:
dflet 0:6ad60d78b315 9 *
dflet 0:6ad60d78b315 10 * Redistributions of source code must retain the above copyright
dflet 0:6ad60d78b315 11 * notice, this list of conditions and the following disclaimer.
dflet 0:6ad60d78b315 12 *
dflet 0:6ad60d78b315 13 * Redistributions in binary form must reproduce the above copyright
dflet 0:6ad60d78b315 14 * notice, this list of conditions and the following disclaimer in the
dflet 0:6ad60d78b315 15 * documentation and/or other materials provided with the
dflet 0:6ad60d78b315 16 * distribution.
dflet 0:6ad60d78b315 17 *
dflet 0:6ad60d78b315 18 * Neither the name of Texas Instruments Incorporated nor the names of
dflet 0:6ad60d78b315 19 * its contributors may be used to endorse or promote products derived
dflet 0:6ad60d78b315 20 * from this software without specific prior written permission.
dflet 0:6ad60d78b315 21 *
dflet 0:6ad60d78b315 22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
dflet 0:6ad60d78b315 23 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
dflet 0:6ad60d78b315 24 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
dflet 0:6ad60d78b315 25 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
dflet 0:6ad60d78b315 26 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
dflet 0:6ad60d78b315 27 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
dflet 0:6ad60d78b315 28 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
dflet 0:6ad60d78b315 29 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
dflet 0:6ad60d78b315 30 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
dflet 0:6ad60d78b315 31 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
dflet 0:6ad60d78b315 32 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
dflet 0:6ad60d78b315 33 *
dflet 0:6ad60d78b315 34 *****************************************************************************/
dflet 0:6ad60d78b315 35 #ifndef _HTTP_AUTH_H_
dflet 0:6ad60d78b315 36 #define _HTTP_AUTH_H_
dflet 0:6ad60d78b315 37
dflet 0:6ad60d78b315 38 #include "HttpConfig.h"
dflet 0:6ad60d78b315 39 #include "HttpString.h"
dflet 0:6ad60d78b315 40 #include "HttpRequest.h"
dflet 0:6ad60d78b315 41 #ifdef HTTP_CORE_ENABLE_AUTH
dflet 0:6ad60d78b315 42
dflet 0:6ad60d78b315 43 /**
dflet 0:6ad60d78b315 44 * @defgroup HttpAuth HTTP Authentication
dflet 0:6ad60d78b315 45 * This module implements the HTTP digest access authentication routines.
dflet 0:6ad60d78b315 46 * Note this module is only compiled if HTTP_CORE_ENABLE_AUTH is defined in HttpConfig.h
dflet 0:6ad60d78b315 47 *
dflet 0:6ad60d78b315 48 * When a "not authorized" response is sent to the client, the WWW-Authenticate header is built using HttpAuth_ResponseAuthenticate()
dflet 0:6ad60d78b315 49 * This in turn generates new nonce and opaque values which will be used for authentication.
dflet 0:6ad60d78b315 50 * Note that since only a single nonce is kept, only one client may ever be authenticated simultaneously.
dflet 0:6ad60d78b315 51 * When another request with Authorization header is received, it is verified using HttpAuth_RequestAuthenticate()
dflet 0:6ad60d78b315 52 * If all authentication tests pass, then the appropriate flag is set in the request to indicate that.
dflet 0:6ad60d78b315 53 *
dflet 0:6ad60d78b315 54 * @{
dflet 0:6ad60d78b315 55 */
dflet 0:6ad60d78b315 56
dflet 0:6ad60d78b315 57 /**
dflet 0:6ad60d78b315 58 * Initialize the authentication module, so that it accepts the specified username and password
dflet 0:6ad60d78b315 59 * This function should be called during server initialization in order to set initial user credentials
dflet 0:6ad60d78b315 60 * This function may then be called at any time during the operation of the server in order to set different user credentials
dflet 0:6ad60d78b315 61 * @param username The authorized user's username
dflet 0:6ad60d78b315 62 * @param password The authorized user's password
dflet 0:6ad60d78b315 63 */
dflet 0:6ad60d78b315 64 void HttpAuth_Init(struct HttpBlob username, struct HttpBlob password);
dflet 0:6ad60d78b315 65
dflet 0:6ad60d78b315 66 /**
dflet 0:6ad60d78b315 67 * Builds and returns the WWW-Authenticate response header.
dflet 0:6ad60d78b315 68 * This implies generating a new nonce, etc.
dflet 0:6ad60d78b315 69 * Notes about return value:
dflet 0:6ad60d78b315 70 * Upon entry, pWWWAuthenticate should point to the place in the packet-send buffer where the header needs to be generated, and also specify the maximum amount of bytes available for the header at that place
dflet 0:6ad60d78b315 71 * Upon return, pWWWAuthenticate points to the same location, but specifies the actual length of the header.
dflet 0:6ad60d78b315 72 * If the returned length is 0, this means that there was not enough room in the buffer for the header.
dflet 0:6ad60d78b315 73 * In such a case, the core may try again with a larger buffer
dflet 0:6ad60d78b315 74 * @param pRequest All data about the request
dflet 0:6ad60d78b315 75 * @param[in,out] pWWWAuthenticate On entry specifies the memory location to build the header at, and the maximum size. On return, specifies the same location and the actual size of the header line
dflet 0:6ad60d78b315 76 */
dflet 0:6ad60d78b315 77 void HttpAuth_ResponseAuthenticate(struct HttpRequest* pRequest, struct HttpBlob* pWWWAuthenticate);
dflet 0:6ad60d78b315 78
dflet 0:6ad60d78b315 79 /**
dflet 0:6ad60d78b315 80 * Check the authentication header in a request, and either authorize the request or deny it
dflet 0:6ad60d78b315 81 * If the authorization succeeds, then HTTP_REQUEST_FLAG_AUTHENTICATED is added to the request flags
dflet 0:6ad60d78b315 82 * @param pRequest All data about the request to authorize
dflet 0:6ad60d78b315 83 * @param authorization The full string of the Authorization header
dflet 0:6ad60d78b315 84 */
dflet 0:6ad60d78b315 85 void HttpAuth_RequestAuthenticate(struct HttpRequest* pRequest, struct HttpBlob authorization);
dflet 0:6ad60d78b315 86
dflet 0:6ad60d78b315 87 /// @}
dflet 0:6ad60d78b315 88
dflet 0:6ad60d78b315 89 #endif // HTTP_CORE_ENABLE_AUTH
dflet 0:6ad60d78b315 90
dflet 0:6ad60d78b315 91 #endif // _HTTP_AUTH_H_
dflet 0:6ad60d78b315 92