/*
- * Copyright (C) 2016, 2017, 2018 "IoT.bzh"
+ * Copyright (C) 2015-2020 "IoT.bzh"
* Author: José Bollo <jose.bollo@iot.bzh>
*
* Licensed under the Apache License, Version 2.0 (the "License");
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
+#include <ctype.h>
#include <assert.h>
#include <errno.h>
#include <fcntl.h>
#include <microhttpd.h>
#include <json-c/json.h>
+#if !defined(JSON_C_TO_STRING_NOSLASHESCAPE)
+#define JSON_C_TO_STRING_NOSLASHESCAPE 0
+#endif
#if defined(USE_MAGIC_MIME_TYPE)
#include <magic.h>
#include "afb-msg-json.h"
#include "afb-context.h"
#include "afb-hreq.h"
+#include "afb-hsrv.h"
#include "afb-session.h"
-#include "afb-cred.h"
+#include "afb-token.h"
+#include "afb-error-text.h"
#include "verbose.h"
#include "locale-root.h"
static const char long_key_for_reqid[] = "x-afb-reqid";
static const char short_key_for_reqid[] = "reqid";
+static const char key_for_bearer[] = "Bearer";
+static const char key_for_access_token[] = "access_token";
+
static char *cookie_name = NULL;
static char *cookie_setter = NULL;
static char *tmp_pattern = NULL;
MHD_add_response_header(response, k, v);
k = va_arg(args, const char *);
}
- v = afb_context_sent_uuid(&hreq->xreq.context);
+
+ v = afb_context_uuid(&hreq->xreq.context);
if (v != NULL && asprintf(&cookie, cookie_setter, v) > 0) {
MHD_add_response_header(response, MHD_HTTP_HEADER_SET_COOKIE, cookie);
free(cookie);
hreq->replied = 1;
if (hreq->suspended != 0) {
- extern void run_micro_httpd(struct afb_hsrv *hsrv);
MHD_resume_connection (hreq->connection);
hreq->suspended = 0;
- run_micro_httpd(hreq->hsrv);
+ afb_hsrv_run(hreq->hsrv);
}
}
if (hreq->postform != NULL)
MHD_destroy_post_processor(hreq->postform);
+ if (hreq->tokener != NULL)
+ json_tokener_free(hreq->tokener);
+
for (data = hreq->data; data; data = hreq->data) {
hreq->data = data->next;
if (data->path) {
json_object_put(hreq->json);
free((char*)hreq->xreq.request.called_api);
free((char*)hreq->xreq.request.called_verb);
- afb_cred_unref(hreq->xreq.cred);
free(hreq);
}
return MHD_lookup_connection_value(hreq->connection, MHD_HEADER_KIND, name);
}
+const char *afb_hreq_get_authorization_bearer(struct afb_hreq *hreq)
+{
+ const char *value = afb_hreq_get_header(hreq, MHD_HTTP_HEADER_AUTHORIZATION);
+ if (value) {
+ if (strncasecmp(value, key_for_bearer, sizeof key_for_bearer - 1) == 0) {
+ value += sizeof key_for_bearer - 1;
+ if (isblank(*value++)) {
+ while (isblank(*value))
+ value++;
+ if (*value)
+ return value;
+ }
+ }
+ }
+ return NULL;
+}
+
int afb_hreq_post_add(struct afb_hreq *hreq, const char *key, const char *data, size_t size)
{
void *p;
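Review bot: In `afb_hreq_get_authorization_bearer`, both `isblank(*value++)` and `isblank(*value)` pass a plain `char` taken from a client-supplied header. Where `char` is signed, a byte above 0x7F becomes a negative argument, which is undefined behaviour for the `<ctype.h>` functions. Cast at both calls: `if (isblank((unsigned char)*value++))` and `while (isblank((unsigned char)*value))`. The function also needs a header comment saying that it returns a pointer into the value obtained from `afb_hreq_get_header` (not a copy, so the caller must not free it), or NULL when the header is absent, uses another scheme, or carries no token. Trailing whitespace after the token is not stripped, so the consumer of the result has to tolerate it.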
return obj;
}
+static inline const char *get_json_string(json_object *obj)
+{
+ return json_object_to_json_string_ext(obj, JSON_C_TO_STRING_PLAIN|JSON_C_TO_STRING_NOSLASHESCAPE);
+}
static ssize_t send_json_cb(json_object *obj, uint64_t pos, char *buf, size_t max)
{
- ssize_t len = stpncpy(buf, json_object_to_json_string_ext(obj, JSON_C_TO_STRING_PLAIN)+pos, max) - buf;
+ ssize_t len = stpncpy(buf, get_json_string(obj)+pos, max) - buf;
return len ? : (ssize_t)MHD_CONTENT_READER_END_OF_STREAM;
}
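Review bot: `get_json_string` has no comment explaining the constraint it enforces: the length passed to `MHD_create_response_from_callback` and the bytes streamed by `send_json_cb` must use the same serialization flags, or the announced size and the body diverge. A one-line comment such as `/* single source of the serialization flags: announced length and send_json_cb must agree */` would make that visible to whoever next changes the flags. Because `JSON_C_TO_STRING_NOSLASHESCAPE` stops json-c from writing `/` as `\/`, a reply containing `</script>` is no longer neutralised for a consumer that inlines the JSON into an HTML page. Whether such a consumer exists cannot be told from this hunk, so the comment should record that the output is meant to be served as JSON only.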
if (reqid != NULL && json_object_object_get_ex(reply, "request", &sub))
json_object_object_add(sub, "reqid", json_object_new_string(reqid));
- response = MHD_create_response_from_callback((uint64_t)strlen(json_object_to_json_string_ext(reply, JSON_C_TO_STRING_PLAIN)), SIZE_RESPONSE_BUFFER, (void*)send_json_cb, reply, (void*)json_object_put);
- afb_hreq_reply(hreq, MHD_HTTP_OK, response, NULL);
+ response = MHD_create_response_from_callback(
+ (uint64_t)strlen(get_json_string(reply)),
+ SIZE_RESPONSE_BUFFER,
+ (void*)send_json_cb,
+ reply,
+ (void*)json_object_put);
+
+ /* handle authorisation feedback */
+ if (error == afb_error_text_invalid_token)
+ afb_hreq_reply(hreq, MHD_HTTP_UNAUTHORIZED, response, MHD_HTTP_HEADER_WWW_AUTHENTICATE, "error=\"invalid_token\"", NULL);
+ else if (error == afb_error_text_insufficient_scope)
+ afb_hreq_reply(hreq, MHD_HTTP_FORBIDDEN, response, MHD_HTTP_HEADER_WWW_AUTHENTICATE, "error=\"insufficient_scope\"", NULL);
+ else
+ afb_hreq_reply(hreq, MHD_HTTP_OK, response, NULL);
}
void afb_hreq_call(struct afb_hreq *hreq, struct afb_apiset *apiset, const char *api, size_t lenapi, const char *verb, size_t lenverb)
{
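Review bot: The `WWW-Authenticate` values on the 401 and 403 branches omit the authentication scheme. A challenge is a scheme name followed by its parameters, and RFC 6750 uses the Bearer form, so a client parsing `error="invalid_token"` on its own may not recognise it. Suggested values are `"Bearer error=\"invalid_token\""` and `"Bearer error=\"insufficient_scope\""`. The branches also compare `error` by pointer against `afb_error_text_invalid_token` and `afb_error_text_insufficient_scope`, so an equal string held in another buffer would fall through to the 200 branch. If callers can pass such a string, a NULL-guarded `strcmp` is safer; otherwise a comment stating that error texts are compared by identity would help. The enclosing function starts outside this hunk.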
const char *uuid;
const char *token;
+ struct afb_token *tok;
if (hreq->xreq.context.session != NULL)
return 0;
+ /* get the uuid of the session */
uuid = afb_hreq_get_header(hreq, long_key_for_uuid);
- if (uuid == NULL)
+ if (uuid == NULL) {
uuid = afb_hreq_get_argument(hreq, long_key_for_uuid);
- if (uuid == NULL)
- uuid = afb_hreq_get_cookie(hreq, cookie_name);
- if (uuid == NULL)
- uuid = afb_hreq_get_argument(hreq, short_key_for_uuid);
-
- token = afb_hreq_get_header(hreq, long_key_for_token);
- if (token == NULL)
- token = afb_hreq_get_argument(hreq, long_key_for_token);
- if (token == NULL)
- token = afb_hreq_get_argument(hreq, short_key_for_token);
-
- return afb_context_connect(&hreq->xreq.context, uuid, token);
+ if (uuid == NULL) {
+ uuid = afb_hreq_get_cookie(hreq, cookie_name);
+ if (uuid == NULL)
+ uuid = afb_hreq_get_argument(hreq, short_key_for_uuid);
+ }
+ }
+
+ /* get the authorisation token */
+ token = afb_hreq_get_authorization_bearer(hreq);
+ if (token == NULL) {
+ token = afb_hreq_get_argument(hreq, key_for_access_token);
+ if (token == NULL) {
+ token = afb_hreq_get_header(hreq, long_key_for_token);
+ if (token == NULL) {
+ token = afb_hreq_get_argument(hreq, long_key_for_token);
+ if (token == NULL)
+ token = afb_hreq_get_argument(hreq, short_key_for_token);
+ }
+ }
+ }
+ tok = NULL;
+ if (token)
+ afb_token_get(&tok, token);
+
+ return afb_context_connect(&hreq->xreq.context, uuid, tok, NULL);
}
int afb_hreq_init_cookie(int port, const char *path, int maxage)
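Review bot: The result of `afb_token_get(&tok, token)` is discarded, so when it fails the code appears to reach `afb_context_connect` with `tok == NULL`, indistinguishable from a request that carried no token. Check the return value and fail the initialisation, for instance `if (token && afb_token_get(&tok, token) < 0)` followed by an error return, assuming the function reports failure with a negative value. It is not visible here whether `afb_context_connect` takes its own reference on `tok`; if it does, the reference obtained from `afb_token_get` has to be released after the call. The token is also accepted from the `access_token` query argument and the older token arguments, and URL-borne tokens tend to end up in access logs, browser history and Referer headers. A comment recording that the query forms are kept for compatibility and that the `Authorization` header is preferred would be useful; the function's signature lies outside the hunk.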