Don't return the uuid

[src/app-framework-binder.git] / src / afb-hreq.c

diff --git a/src/afb-hreq.c b/src/afb-hreq.c
index a2df4b1..a9010b8 100644 (file)
--- a/src/afb-hreq.c
+++ b/src/afb-hreq.c
@@ -20,6 +20,7 @@
 #include <stdlib.h>
 #include <stdio.h>
 #include <string.h>
+#include <ctype.h>
 #include <assert.h>
 #include <errno.h>
 #include <fcntl.h>
@@ -60,6 +61,9 @@ static const char short_key_for_token[] = "token";
 static const char long_key_for_reqid[] = "x-afb-reqid";
 static const char short_key_for_reqid[] = "reqid";
 
+static const char key_for_bearer[] = "Bearer";
+static const char key_for_access_token[] = "access_token";
+
 static char *cookie_name = NULL;
 static char *cookie_setter = NULL;
 static char *tmp_pattern = NULL;
@@ -162,7 +166,8 @@ static void afb_hreq_reply_v(struct afb_hreq *hreq, unsigned status, struct MHD_
                MHD_add_response_header(response, k, v);
                k = va_arg(args, const char *);
        }
-       v = afb_context_sent_uuid(&hreq->xreq.context);
+
+       v = afb_context_uuid(&hreq->xreq.context);
        if (v != NULL && asprintf(&cookie, cookie_setter, v) > 0) {
                MHD_add_response_header(response, MHD_HTTP_HEADER_SET_COOKIE, cookie);
                free(cookie);
@@ -735,6 +740,23 @@ const char *afb_hreq_get_header(struct afb_hreq *hreq, const char *name)
        return MHD_lookup_connection_value(hreq->connection, MHD_HEADER_KIND, name);
 }
 
+const char *afb_hreq_get_authorization_bearer(struct afb_hreq *hreq)
+{
+       const char *value = afb_hreq_get_header(hreq, MHD_HTTP_HEADER_AUTHORIZATION);
+       if (value) {
+               if (strncasecmp(value, key_for_bearer, sizeof key_for_bearer - 1) == 0) {
+                       value += sizeof key_for_bearer - 1;
+                       if (isblank(*value++)) {
+                               while (isblank(*value))
+                                       value++;
+                               if (*value)
+                                       return value;
+                       }
+               }
+       }
+       return NULL;
+}
+
 int afb_hreq_post_add(struct afb_hreq *hreq, const char *key, const char *data, size_t size)
 {
        void *p;
@@ -948,19 +970,30 @@ int afb_hreq_init_context(struct afb_hreq *hreq)
        if (hreq->xreq.context.session != NULL)
                return 0;
 
+       /* get the uuid of the session */
        uuid = afb_hreq_get_header(hreq, long_key_for_uuid);
-       if (uuid == NULL)
+       if (uuid == NULL) {
                uuid = afb_hreq_get_argument(hreq, long_key_for_uuid);
-       if (uuid == NULL)
-               uuid = afb_hreq_get_cookie(hreq, cookie_name);
-       if (uuid == NULL)
-               uuid = afb_hreq_get_argument(hreq, short_key_for_uuid);
-
-       token = afb_hreq_get_header(hreq, long_key_for_token);
-       if (token == NULL)
-               token = afb_hreq_get_argument(hreq, long_key_for_token);
-       if (token == NULL)
-               token = afb_hreq_get_argument(hreq, short_key_for_token);
+               if (uuid == NULL) {
+                       uuid = afb_hreq_get_cookie(hreq, cookie_name);
+                       if (uuid == NULL)
+                               uuid = afb_hreq_get_argument(hreq, short_key_for_uuid);
+               }
+       }
+
+       /* get the authorisation token */
+       token = afb_hreq_get_authorization_bearer(hreq);
+       if (token == NULL) {
+               token = afb_hreq_get_argument(hreq, key_for_access_token);
+               if (token == NULL) {
+                       token = afb_hreq_get_header(hreq, long_key_for_token);
+                       if (token == NULL) {
+                               token = afb_hreq_get_argument(hreq, long_key_for_token);
+                               if (token == NULL)
+                                       token = afb_hreq_get_argument(hreq, short_key_for_token);
+                       }
+               }
+       }
 
        return afb_context_connect(&hreq->xreq.context, uuid, token);
 }