X-Git-Url: https://gerrit.automotivelinux.org/gerrit/gitweb?a=blobdiff_plain;f=src%2Fafb-hreq.c;h=7e3d7ceb9f38591fc08b73c7c4a358c4de97f738;hb=65353dce81a629e042800bb7b86fcd869a76727e;hp=dc02e6feabca0e77ee32635f140123f85f24941a;hpb=c65113c390a5337924729e21f74f45df8c109291;p=src%2Fapp-framework-binder.git diff --git a/src/afb-hreq.c b/src/afb-hreq.c index dc02e6fe..7e3d7ceb 100644 --- a/src/afb-hreq.c +++ b/src/afb-hreq.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2016, 2017 "IoT.bzh" + * Copyright (C) 2015-2020 "IoT.bzh" * Author: José Bollo * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -20,6 +20,7 @@ #include #include #include +#include #include #include #include @@ -27,18 +28,22 @@ #include #include +#if !defined(JSON_C_TO_STRING_NOSLASHESCAPE) +#define JSON_C_TO_STRING_NOSLASHESCAPE 0 +#endif #if defined(USE_MAGIC_MIME_TYPE) #include #endif #include "afb-method.h" -#include #include "afb-msg-json.h" #include "afb-context.h" #include "afb-hreq.h" +#include "afb-hsrv.h" #include "afb-session.h" -#include "afb-cred.h" +#include "afb-token.h" +#include "afb-error-text.h" #include "verbose.h" #include "locale-root.h" @@ -57,6 +62,9 @@ static const char short_key_for_token[] = "token"; static const char long_key_for_reqid[] = "x-afb-reqid"; static const char short_key_for_reqid[] = "reqid"; +static const char key_for_bearer[] = "Bearer"; +static const char key_for_access_token[] = "access_token"; + static char *cookie_name = NULL; static char *cookie_setter = NULL; static char *tmp_pattern = NULL; @@ -74,15 +82,13 @@ struct hreq_data { static struct json_object *req_json(struct afb_xreq *xreq); static struct afb_arg req_get(struct afb_xreq *xreq, const char *name); -static void req_fail(struct afb_xreq *xreq, const char *status, const char *info); -static void req_success(struct afb_xreq *xreq, json_object *obj, const char *info); +static void req_reply(struct afb_xreq *xreq, struct json_object *object, const char *error, const char *info); static void req_destroy(struct afb_xreq *xreq); const struct afb_xreq_query_itf afb_hreq_xreq_query_itf = { .json = req_json, .get = req_get, - .success = req_success, - .fail = req_fail, + .reply = req_reply, .unref = req_destroy }; @@ -161,7 +167,8 @@ static void afb_hreq_reply_v(struct afb_hreq *hreq, unsigned status, struct MHD_ MHD_add_response_header(response, k, v); k = va_arg(args, const char *); } - v = afb_context_sent_uuid(&hreq->xreq.context); + + v = afb_context_uuid(&hreq->xreq.context); if (v != NULL && asprintf(&cookie, cookie_setter, v) > 0) { MHD_add_response_header(response, MHD_HTTP_HEADER_SET_COOKIE, cookie); free(cookie); @@ -171,10 +178,9 @@ static void afb_hreq_reply_v(struct afb_hreq *hreq, unsigned status, struct MHD_ hreq->replied = 1; if (hreq->suspended != 0) { - extern void run_micro_httpd(struct afb_hsrv *hsrv); MHD_resume_connection (hreq->connection); hreq->suspended = 0; - run_micro_httpd(hreq->hsrv); + afb_hsrv_run(hreq->hsrv); } } @@ -272,22 +278,38 @@ static const char *mimetype_fd_name(int fd, const char *filename) const char *extension = strrchr(filename, '.'); if (extension) { static const char *const known[][2] = { - { ".js", "text/javascript" }, - { ".html", "text/html" }, - { ".css", "text/css" }, - { ".ico", "image/x-icon"}, - { ".png", "image/png" }, - { ".svg", "image/svg+xml" }, - { ".ttf", "application/x-font-ttf"}, - { NULL, NULL } + /* keep it sorted for dichotomic search */ + { ".css", "text/css" }, + { ".gif", "image/gif" }, + { ".html", "text/html" }, + { ".htm", "text/html" }, + { ".ico", "image/x-icon"}, + { ".jpeg", "image/jpeg" }, + { ".jpg", "image/jpeg" }, + { ".js", "text/javascript" }, + { ".json", "application/json" }, + { ".mp3", "audio/mpeg" }, + { ".png", "image/png" }, + { ".svg", "image/svg+xml" }, + { ".ttf", "application/x-font-ttf"}, + { ".txt", "text/plain" }, + { ".wav", "audio/x-wav" }, + { ".xht", "application/xhtml+xml" }, + { ".xhtml", "application/xhtml+xml" }, + { ".xml", "application/xml" } }; - int i = 0; - while (known[i][0]) { - if (!strcasecmp(extension, known[i][0])) { + int i, c, l = 0, u = sizeof known / sizeof *known; + while (l < u) { + i = (l + u) >> 1; + c = strcasecmp(extension, known[i][0]); + if (!c) { result = known[i][1]; break; } - i++; + if (c < 0) + u = i; + else + l = i + 1; } } #endif @@ -305,6 +327,9 @@ static void req_destroy(struct afb_xreq *xreq) if (hreq->postform != NULL) MHD_destroy_post_processor(hreq->postform); + if (hreq->tokener != NULL) + json_tokener_free(hreq->tokener); + for (data = hreq->data; data; data = hreq->data) { hreq->data = data->next; if (data->path) { @@ -317,22 +342,21 @@ static void req_destroy(struct afb_xreq *xreq) } afb_context_disconnect(&hreq->xreq.context); json_object_put(hreq->json); - free((char*)hreq->xreq.api); - free((char*)hreq->xreq.verb); - afb_cred_unref(hreq->xreq.cred); + free((char*)hreq->xreq.request.called_api); + free((char*)hreq->xreq.request.called_verb); free(hreq); } void afb_hreq_addref(struct afb_hreq *hreq) { - afb_xreq_addref(&hreq->xreq); + afb_xreq_unhooked_addref(&hreq->xreq); } void afb_hreq_unref(struct afb_hreq *hreq) { if (hreq->replied) hreq->xreq.replied = 1; - afb_xreq_unref(&hreq->xreq); + afb_xreq_unhooked_unref(&hreq->xreq); } /* @@ -716,6 +740,23 @@ const char *afb_hreq_get_header(struct afb_hreq *hreq, const char *name) return MHD_lookup_connection_value(hreq->connection, MHD_HEADER_KIND, name); } +const char *afb_hreq_get_authorization_bearer(struct afb_hreq *hreq) +{ + const char *value = afb_hreq_get_header(hreq, MHD_HTTP_HEADER_AUTHORIZATION); + if (value) { + if (strncasecmp(value, key_for_bearer, sizeof key_for_bearer - 1) == 0) { + value += sizeof key_for_bearer - 1; + if (isblank(*value++)) { + while (isblank(*value)) + value++; + if (*value) + return value; + } + } + } + return NULL; +} + int afb_hreq_post_add(struct afb_hreq *hreq, const char *key, const char *data, size_t size) { void *p; @@ -879,51 +920,60 @@ static struct json_object *req_json(struct afb_xreq *xreq) return obj; } +static inline const char *get_json_string(json_object *obj) +{ + return json_object_to_json_string_ext(obj, JSON_C_TO_STRING_PLAIN|JSON_C_TO_STRING_NOSLASHESCAPE); +} static ssize_t send_json_cb(json_object *obj, uint64_t pos, char *buf, size_t max) { - ssize_t len = stpncpy(buf, json_object_to_json_string_ext(obj, JSON_C_TO_STRING_PLAIN)+pos, max) - buf; + ssize_t len = stpncpy(buf, get_json_string(obj)+pos, max) - buf; return len ? : (ssize_t)MHD_CONTENT_READER_END_OF_STREAM; } -static void req_reply(struct afb_hreq *hreq, unsigned retcode, const char *status, const char *info, json_object *resp) +static void req_reply(struct afb_xreq *xreq, struct json_object *object, const char *error, const char *info) { - struct json_object *reply; + struct afb_hreq *hreq = CONTAINER_OF_XREQ(struct afb_hreq, xreq); + struct json_object *sub, *reply; const char *reqid; struct MHD_Response *response; + /* create the reply */ + reply = afb_msg_json_reply(object, error, info, &xreq->context); + + /* append the req id on need */ reqid = afb_hreq_get_argument(hreq, long_key_for_reqid); if (reqid == NULL) reqid = afb_hreq_get_argument(hreq, short_key_for_reqid); - - reply = afb_msg_json_reply(status, info, resp, &hreq->xreq.context, reqid); - - response = MHD_create_response_from_callback((uint64_t)strlen(json_object_to_json_string_ext(reply, JSON_C_TO_STRING_PLAIN)), SIZE_RESPONSE_BUFFER, (void*)send_json_cb, reply, (void*)json_object_put); - afb_hreq_reply(hreq, retcode, response, NULL); -} - -static void req_fail(struct afb_xreq *xreq, const char *status, const char *info) -{ - struct afb_hreq *hreq = CONTAINER_OF_XREQ(struct afb_hreq, xreq); - req_reply(hreq, MHD_HTTP_OK, status, info, NULL); -} - -static void req_success(struct afb_xreq *xreq, json_object *obj, const char *info) -{ - struct afb_hreq *hreq = CONTAINER_OF_XREQ(struct afb_hreq, xreq); - req_reply(hreq, MHD_HTTP_OK, "success", info, obj); + if (reqid != NULL && json_object_object_get_ex(reply, "request", &sub)) + json_object_object_add(sub, "reqid", json_object_new_string(reqid)); + + response = MHD_create_response_from_callback( + (uint64_t)strlen(get_json_string(reply)), + SIZE_RESPONSE_BUFFER, + (void*)send_json_cb, + reply, + (void*)json_object_put); + + /* handle authorisation feedback */ + if (error == afb_error_text_invalid_token) + afb_hreq_reply(hreq, MHD_HTTP_UNAUTHORIZED, response, MHD_HTTP_HEADER_WWW_AUTHENTICATE, "error=\"invalid_token\"", NULL); + else if (error == afb_error_text_insufficient_scope) + afb_hreq_reply(hreq, MHD_HTTP_FORBIDDEN, response, MHD_HTTP_HEADER_WWW_AUTHENTICATE, "error=\"insufficient_scope\"", NULL); + else + afb_hreq_reply(hreq, MHD_HTTP_OK, response, NULL); } void afb_hreq_call(struct afb_hreq *hreq, struct afb_apiset *apiset, const char *api, size_t lenapi, const char *verb, size_t lenverb) { - hreq->xreq.api = strndup(api, lenapi); - hreq->xreq.verb = strndup(verb, lenverb); - if (hreq->xreq.api == NULL || hreq->xreq.verb == NULL) { + hreq->xreq.request.called_api = strndup(api, lenapi); + hreq->xreq.request.called_verb = strndup(verb, lenverb); + if (hreq->xreq.request.called_api == NULL || hreq->xreq.request.called_verb == NULL) { ERROR("Out of memory"); afb_hreq_reply_error(hreq, MHD_HTTP_INTERNAL_SERVER_ERROR); } else if (afb_hreq_init_context(hreq) < 0) { afb_hreq_reply_error(hreq, MHD_HTTP_INTERNAL_SERVER_ERROR); } else { - afb_xreq_addref(&hreq->xreq); /* TODO check if needed */ + afb_xreq_unhooked_addref(&hreq->xreq); afb_xreq_process(&hreq->xreq, apiset); } } @@ -932,25 +982,40 @@ int afb_hreq_init_context(struct afb_hreq *hreq) { const char *uuid; const char *token; + struct afb_token *tok; if (hreq->xreq.context.session != NULL) return 0; + /* get the uuid of the session */ uuid = afb_hreq_get_header(hreq, long_key_for_uuid); - if (uuid == NULL) + if (uuid == NULL) { uuid = afb_hreq_get_argument(hreq, long_key_for_uuid); - if (uuid == NULL) - uuid = afb_hreq_get_cookie(hreq, cookie_name); - if (uuid == NULL) - uuid = afb_hreq_get_argument(hreq, short_key_for_uuid); - - token = afb_hreq_get_header(hreq, long_key_for_token); - if (token == NULL) - token = afb_hreq_get_argument(hreq, long_key_for_token); - if (token == NULL) - token = afb_hreq_get_argument(hreq, short_key_for_token); - - return afb_context_connect(&hreq->xreq.context, uuid, token); + if (uuid == NULL) { + uuid = afb_hreq_get_cookie(hreq, cookie_name); + if (uuid == NULL) + uuid = afb_hreq_get_argument(hreq, short_key_for_uuid); + } + } + + /* get the authorisation token */ + token = afb_hreq_get_authorization_bearer(hreq); + if (token == NULL) { + token = afb_hreq_get_argument(hreq, key_for_access_token); + if (token == NULL) { + token = afb_hreq_get_header(hreq, long_key_for_token); + if (token == NULL) { + token = afb_hreq_get_argument(hreq, long_key_for_token); + if (token == NULL) + token = afb_hreq_get_argument(hreq, short_key_for_token); + } + } + } + tok = NULL; + if (token) + afb_token_get(&tok, token); + + return afb_context_connect(&hreq->xreq.context, uuid, tok, NULL); } int afb_hreq_init_cookie(int port, const char *path, int maxage)