Move tokens from sessions to requests

[src/app-framework-binder.git] / src / afb-hreq.c
diff --git a/src/afb-hreq.c b/src/afb-hreq.c

index 462f7ad..4d5f659 100644 (file)
--- a/src/afb-hreq.c
+++ b/src/afb-hreq.c
@@ -43,6 +43,7 @@
  #include "afb-hsrv.h"
  #include "afb-session.h"
  #include "afb-cred.h"
+#include "afb-token.h"
  #include "verbose.h"
  #include "locale-root.h"
  
@@ -61,6 +62,9 @@ static const char short_key_for_token[] = "token";
  static const char long_key_for_reqid[] = "x-afb-reqid";
  static const char short_key_for_reqid[] = "reqid";
  
+static const char key_for_bearer[] = "Bearer";
+static const char key_for_access_token[] = "access_token";
+
  static char *cookie_name = NULL;
  static char *cookie_setter = NULL;
  static char *tmp_pattern = NULL;
@@ -163,7 +167,8 @@ static void afb_hreq_reply_v(struct afb_hreq *hreq, unsigned status, struct MHD_
                 MHD_add_response_header(response, k, v);
                 k = va_arg(args, const char *);
         }
-       v = afb_context_sent_uuid(&hreq->xreq.context);
+
+       v = afb_context_uuid(&hreq->xreq.context);
         if (v != NULL && asprintf(&cookie, cookie_setter, v) > 0) {
                 MHD_add_response_header(response, MHD_HTTP_HEADER_SET_COOKIE, cookie);
                 free(cookie);
@@ -738,11 +743,10 @@ const char *afb_hreq_get_header(struct afb_hreq *hreq, const char *name)
  
  const char *afb_hreq_get_authorization_bearer(struct afb_hreq *hreq)
  {
-       static const char bearer[] = "Bearer";
         const char *value = afb_hreq_get_header(hreq, MHD_HTTP_HEADER_AUTHORIZATION);
         if (value) {
-               if (strncasecmp(value, bearer, sizeof bearer - 1) == 0) {
-                       value += sizeof bearer - 1;
+               if (strncasecmp(value, key_for_bearer, sizeof key_for_bearer - 1) == 0) {
+                       value += sizeof key_for_bearer - 1;
                         if (isblank(*value++)) {
                                 while (isblank(*value))
                                         value++;
@@ -963,6 +967,7 @@ int afb_hreq_init_context(struct afb_hreq *hreq)
  {
         const char *uuid;
         const char *token;
+       struct afb_token *tok;
  
         if (hreq->xreq.context.session != NULL)
                 return 0;
@@ -981,15 +986,21 @@ int afb_hreq_init_context(struct afb_hreq *hreq)
         /* get the authorisation token */
         token = afb_hreq_get_authorization_bearer(hreq);
         if (token == NULL) {
-               token = afb_hreq_get_header(hreq, long_key_for_token);
+               token = afb_hreq_get_argument(hreq, key_for_access_token);
                 if (token == NULL) {
-                       token = afb_hreq_get_argument(hreq, long_key_for_token);
-                       if (token == NULL)
-                               token = afb_hreq_get_argument(hreq, short_key_for_token);
+                       token = afb_hreq_get_header(hreq, long_key_for_token);
+                       if (token == NULL) {
+                               token = afb_hreq_get_argument(hreq, long_key_for_token);
+                               if (token == NULL)
+                                       token = afb_hreq_get_argument(hreq, short_key_for_token);
+                       }
                 }
         }
+       tok = NULL;
+       if (token)
+               afb_token_get(&tok, token);
  
-       return afb_context_connect(&hreq->xreq.context, uuid, token);
+       return afb_context_connect(&hreq->xreq.context, uuid, tok);
  }
  
  int afb_hreq_init_cookie(int port, const char *path, int maxage)