David Fletcher
TI's CC3100 websocket camera demo with Arducam mini ov5642 and freertos. Should work with other M3's. Work in progress test demo.
http/server/HttpAuth.h@1:e448e81c416f, 2015-09-11 (annotated)
- Committer:
- dflet
- Date:
- Fri Sep 11 15:38:33 2015 +0000
- Revision:
- 1:e448e81c416f
- Parent:
- 0:400d8e75a8d0
Removed some debud.
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| dflet | 0:400d8e75a8d0 | 1 | //***************************************************************************** |
| dflet | 0:400d8e75a8d0 | 2 | // Copyright (C) 2014 Texas Instruments Incorporated |
| dflet | 0:400d8e75a8d0 | 3 | // |
| dflet | 0:400d8e75a8d0 | 4 | // All rights reserved. Property of Texas Instruments Incorporated. |
| dflet | 0:400d8e75a8d0 | 5 | // Restricted rights to use, duplicate or disclose this code are |
| dflet | 0:400d8e75a8d0 | 6 | // granted through contract. |
| dflet | 0:400d8e75a8d0 | 7 | // The program may not be used without the written permission of |
| dflet | 0:400d8e75a8d0 | 8 | // Texas Instruments Incorporated or against the terms and conditions |
| dflet | 0:400d8e75a8d0 | 9 | // stipulated in the agreement under which this program has been supplied, |
| dflet | 0:400d8e75a8d0 | 10 | // and under no circumstances can it be used with non-TI connectivity device. |
| dflet | 0:400d8e75a8d0 | 11 | // |
| dflet | 0:400d8e75a8d0 | 12 | //***************************************************************************** |
| dflet | 0:400d8e75a8d0 | 13 | |
| dflet | 0:400d8e75a8d0 | 14 | /** |
| dflet | 0:400d8e75a8d0 | 15 | * @defgroup HttpAuth |
| dflet | 0:400d8e75a8d0 | 16 | * |
| dflet | 0:400d8e75a8d0 | 17 | * @{ |
| dflet | 0:400d8e75a8d0 | 18 | */ |
| dflet | 0:400d8e75a8d0 | 19 | |
| dflet | 0:400d8e75a8d0 | 20 | #ifndef _HTTP_AUTH_H_ |
| dflet | 0:400d8e75a8d0 | 21 | #define _HTTP_AUTH_H_ |
| dflet | 0:400d8e75a8d0 | 22 | |
| dflet | 0:400d8e75a8d0 | 23 | #include "HttpConfig.h" |
| dflet | 0:400d8e75a8d0 | 24 | #include "HttpString.h" |
| dflet | 0:400d8e75a8d0 | 25 | #include "HttpRequest.h" |
| dflet | 0:400d8e75a8d0 | 26 | #ifdef HTTP_CORE_ENABLE_AUTH |
| dflet | 0:400d8e75a8d0 | 27 | |
| dflet | 0:400d8e75a8d0 | 28 | #ifdef __cplusplus |
| dflet | 0:400d8e75a8d0 | 29 | extern "C" { |
| dflet | 0:400d8e75a8d0 | 30 | #endif |
| dflet | 0:400d8e75a8d0 | 31 | |
| dflet | 0:400d8e75a8d0 | 32 | /** |
| dflet | 0:400d8e75a8d0 | 33 | * @defgroup HttpAuth HTTP Authentication |
| dflet | 0:400d8e75a8d0 | 34 | * This module implements the HTTP digest access authentication routines. |
| dflet | 0:400d8e75a8d0 | 35 | * Note this module is only compiled if HTTP_CORE_ENABLE_AUTH is defined in HttpConfig.h |
| dflet | 0:400d8e75a8d0 | 36 | * |
| dflet | 0:400d8e75a8d0 | 37 | * When a "not authorized" response is sent to the client, the WWW-Authenticate header is built using HttpAuth_ResponseAuthenticate() |
| dflet | 0:400d8e75a8d0 | 38 | * This in turn generates new nonce and opaque values which will be used for authentication. |
| dflet | 0:400d8e75a8d0 | 39 | * Note that since only a single nonce is kept, only one client may ever be authenticated simultaneously. |
| dflet | 0:400d8e75a8d0 | 40 | * When another request with Authorization header is received, it is verified using HttpAuth_RequestAuthenticate() |
| dflet | 0:400d8e75a8d0 | 41 | * If all authentication tests pass, then the appropriate flag is set in the request to indicate that. |
| dflet | 0:400d8e75a8d0 | 42 | * |
| dflet | 0:400d8e75a8d0 | 43 | * @{ |
| dflet | 0:400d8e75a8d0 | 44 | */ |
| dflet | 0:400d8e75a8d0 | 45 | |
| dflet | 0:400d8e75a8d0 | 46 | /** |
| dflet | 0:400d8e75a8d0 | 47 | * Initialize the authentication module, so that it accepts the specified username and password |
| dflet | 0:400d8e75a8d0 | 48 | * This function should be called during server initialization in order to set initial user credentials |
| dflet | 0:400d8e75a8d0 | 49 | * This function may then be called at any time during the operation of the server in order to set different user credentials |
| dflet | 0:400d8e75a8d0 | 50 | * @param username The authorized user's username |
| dflet | 0:400d8e75a8d0 | 51 | * @param password The authorized user's password |
| dflet | 0:400d8e75a8d0 | 52 | */ |
| dflet | 0:400d8e75a8d0 | 53 | void HttpAuth_Init(struct HttpBlob username, struct HttpBlob password); |
| dflet | 0:400d8e75a8d0 | 54 | |
| dflet | 0:400d8e75a8d0 | 55 | /** |
| dflet | 0:400d8e75a8d0 | 56 | * Builds and returns the WWW-Authenticate response header. |
| dflet | 0:400d8e75a8d0 | 57 | * This implies generating a new nonce, etc. |
| dflet | 0:400d8e75a8d0 | 58 | * Notes about return value: |
| dflet | 0:400d8e75a8d0 | 59 | * Upon entry, pWWWAuthenticate should point to the place in the packet-send buffer where the header needs to be generated, and also specify the maximum amount of bytes available for the header at that place |
| dflet | 0:400d8e75a8d0 | 60 | * Upon return, pWWWAuthenticate points to the same location, but specifies the actual length of the header. |
| dflet | 0:400d8e75a8d0 | 61 | * If the returned length is 0, this means that there was not enough room in the buffer for the header. |
| dflet | 0:400d8e75a8d0 | 62 | * In such a case, the core may try again with a larger buffer |
| dflet | 0:400d8e75a8d0 | 63 | * @param pRequest All data about the request |
| dflet | 0:400d8e75a8d0 | 64 | * @param[in,out] pWWWAuthenticate On entry specifies the memory location to build the header at, and the maximum size. On return, specifies the same location and the actual size of the header line |
| dflet | 0:400d8e75a8d0 | 65 | */ |
| dflet | 0:400d8e75a8d0 | 66 | void HttpAuth_ResponseAuthenticate(struct HttpRequest* pRequest, struct HttpBlob* pWWWAuthenticate); |
| dflet | 0:400d8e75a8d0 | 67 | |
| dflet | 0:400d8e75a8d0 | 68 | /** |
| dflet | 0:400d8e75a8d0 | 69 | * Check the authentication header in a request, and either authorize the request or deny it |
| dflet | 0:400d8e75a8d0 | 70 | * If the authorization succeeds, then HTTP_REQUEST_FLAG_AUTHENTICATED is added to the request flags |
| dflet | 0:400d8e75a8d0 | 71 | * @param pRequest All data about the request to authorize |
| dflet | 0:400d8e75a8d0 | 72 | * @param authorization The full string of the Authorization header |
| dflet | 0:400d8e75a8d0 | 73 | */ |
| dflet | 0:400d8e75a8d0 | 74 | void HttpAuth_RequestAuthenticate(struct HttpRequest* pRequest, struct HttpBlob authorization); |
| dflet | 0:400d8e75a8d0 | 75 | |
| dflet | 0:400d8e75a8d0 | 76 | static UINT16 HttpAuth_VerifyHeaderNameValue(struct HttpBlob *location, char* nameToken, UINT8 tokenlenLen, char *value, UINT8 valuelen, char** outValue); |
| dflet | 0:400d8e75a8d0 | 77 | static void AddStringToBlob(struct HttpBlob * trgt, char *str, UINT16 length); |
| dflet | 0:400d8e75a8d0 | 78 | static void Generate32BytesRandomString(UINT8 *str); |
| dflet | 0:400d8e75a8d0 | 79 | static void MD5_FinalToString(UINT8* str, MD5_CTX *md5stat); |
| dflet | 0:400d8e75a8d0 | 80 | static UINT32 GetRandomUint(void); |
| dflet | 0:400d8e75a8d0 | 81 | |
| dflet | 0:400d8e75a8d0 | 82 | |
| dflet | 0:400d8e75a8d0 | 83 | /// @} |
| dflet | 0:400d8e75a8d0 | 84 | #ifdef __cplusplus |
| dflet | 0:400d8e75a8d0 | 85 | } |
| dflet | 0:400d8e75a8d0 | 86 | #endif /* __cplusplus */ |
| dflet | 0:400d8e75a8d0 | 87 | |
| dflet | 0:400d8e75a8d0 | 88 | #endif // HTTP_CORE_ENABLE_AUTH |
| dflet | 0:400d8e75a8d0 | 89 | |
| dflet | 0:400d8e75a8d0 | 90 | #endif // _HTTP_AUTH_H_ |
| dflet | 0:400d8e75a8d0 | 91 |