2 * Copyright (C) 2015-2020 "IoT.bzh"
3 * Author: José Bollo <jose.bollo@iot.bzh>
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
29 #include <microhttpd.h>
30 #include <json-c/json.h>
31 #if !defined(JSON_C_TO_STRING_NOSLASHESCAPE)
32 #define JSON_C_TO_STRING_NOSLASHESCAPE 0
35 #if defined(USE_MAGIC_MIME_TYPE)
39 #include "afb-method.h"
40 #include "afb-msg-json.h"
41 #include "afb-context.h"
44 #include "afb-session.h"
45 #include "afb-token.h"
46 #include "afb-error-text.h"
48 #include "locale-root.h"
50 #define SIZE_RESPONSE_BUFFER 8192
52 static int global_reqids = 0;
54 static char empty_string[] = "";
56 static const char long_key_for_uuid[] = "x-afb-uuid";
57 static const char short_key_for_uuid[] = "uuid";
59 static const char long_key_for_token[] = "x-afb-token";
60 static const char short_key_for_token[] = "token";
62 static const char long_key_for_reqid[] = "x-afb-reqid";
63 static const char short_key_for_reqid[] = "reqid";
65 static const char key_for_bearer[] = "Bearer";
66 static const char key_for_access_token[] = "access_token";
68 static char *cookie_name = NULL;
69 static char *cookie_setter = NULL;
70 static char *tmp_pattern = NULL;
73 * Structure for storing key/values read from POST requests
76 struct hreq_data *next; /* chain to next data */
77 char *key; /* key name */
78 size_t length; /* length of the value (used for appending) */
79 char *value; /* the value (or original filename) */
80 char *path; /* path of the file saved */
83 static struct json_object *req_json(struct afb_xreq *xreq);
84 static struct afb_arg req_get(struct afb_xreq *xreq, const char *name);
85 static void req_reply(struct afb_xreq *xreq, struct json_object *object, const char *error, const char *info);
86 static void req_destroy(struct afb_xreq *xreq);
88 const struct afb_xreq_query_itf afb_hreq_xreq_query_itf = {
95 static struct hreq_data *get_data(struct afb_hreq *hreq, const char *key, int create)
97 struct hreq_data *data = hreq->data;
98 while (data != NULL) {
99 if (!strcasecmp(data->key, key))
104 data = calloc(1, sizeof *data);
106 data->key = strdup(key);
107 if (data->key == NULL) {
111 data->next = hreq->data;
119 /* a valid subpath is a relative path not looking deeper than root using .. */
120 static int validsubpath(const char *subpath)
125 switch (subpath[i++]) {
129 if (subpath[i] == '/') {
133 if (subpath[i++] == '.') {
139 if (subpath[i++] == '/') {
146 while (subpath[i] && subpath[i] != '/')
156 static void afb_hreq_reply_v(struct afb_hreq *hreq, unsigned status, struct MHD_Response *response, va_list args)
161 if (hreq->replied != 0)
164 k = va_arg(args, const char *);
166 v = va_arg(args, const char *);
167 MHD_add_response_header(response, k, v);
168 k = va_arg(args, const char *);
171 v = afb_context_uuid(&hreq->xreq.context);
172 if (v != NULL && asprintf(&cookie, cookie_setter, v) > 0) {
173 MHD_add_response_header(response, MHD_HTTP_HEADER_SET_COOKIE, cookie);
176 MHD_queue_response(hreq->connection, status, response);
177 MHD_destroy_response(response);
180 if (hreq->suspended != 0) {
181 MHD_resume_connection (hreq->connection);
183 afb_hsrv_run(hreq->hsrv);
187 void afb_hreq_reply(struct afb_hreq *hreq, unsigned status, struct MHD_Response *response, ...)
190 va_start(args, response);
191 afb_hreq_reply_v(hreq, status, response, args);
195 void afb_hreq_reply_empty(struct afb_hreq *hreq, unsigned status, ...)
198 va_start(args, status);
199 afb_hreq_reply_v(hreq, status, MHD_create_response_from_buffer(0, NULL, MHD_RESPMEM_PERSISTENT), args);
203 void afb_hreq_reply_static(struct afb_hreq *hreq, unsigned status, size_t size, const char *buffer, ...)
206 va_start(args, buffer);
207 afb_hreq_reply_v(hreq, status, MHD_create_response_from_buffer((unsigned)size, (char*)buffer, MHD_RESPMEM_PERSISTENT), args);
211 void afb_hreq_reply_copy(struct afb_hreq *hreq, unsigned status, size_t size, const char *buffer, ...)
214 va_start(args, buffer);
215 afb_hreq_reply_v(hreq, status, MHD_create_response_from_buffer((unsigned)size, (char*)buffer, MHD_RESPMEM_MUST_COPY), args);
219 void afb_hreq_reply_free(struct afb_hreq *hreq, unsigned status, size_t size, char *buffer, ...)
222 va_start(args, buffer);
223 afb_hreq_reply_v(hreq, status, MHD_create_response_from_buffer((unsigned)size, buffer, MHD_RESPMEM_MUST_FREE), args);
227 #if defined(USE_MAGIC_MIME_TYPE)
229 #if !defined(MAGIC_DB)
230 #define MAGIC_DB "/usr/share/misc/magic.mgc"
233 static magic_t lazy_libmagic()
236 static magic_t result = NULL;
240 /* MAGIC_MIME tells magic to return a mime of the file,
241 but you can specify different things */
242 INFO("Loading mimetype default magic database");
243 result = magic_open(MAGIC_MIME_TYPE);
244 if (result == NULL) {
245 ERROR("unable to initialize magic library");
247 /* Warning: should not use NULL for DB
248 [libmagic bug wont pass efence check] */
249 else if (magic_load(result, MAGIC_DB) != 0) {
250 ERROR("cannot load magic database: %s", magic_error(result));
259 static const char *magic_mimetype_fd(int fd)
261 magic_t lib = lazy_libmagic();
262 return lib ? magic_descriptor(lib, fd) : NULL;
267 static const char *mimetype_fd_name(int fd, const char *filename)
269 const char *result = NULL;
271 #if defined(INFER_EXTENSION)
273 * Set some well-known extensions
274 * Note that it is mandatory for example for css files in order to provide
275 * right mimetype that must be text/css (otherwise chrome browser will not
276 * load correctly css file) while libmagic returns text/plain.
278 const char *extension = strrchr(filename, '.');
280 static const char *const known[][2] = {
281 /* keep it sorted for dichotomic search */
282 { ".css", "text/css" },
283 { ".gif", "image/gif" },
284 { ".html", "text/html" },
285 { ".htm", "text/html" },
286 { ".ico", "image/x-icon"},
287 { ".jpeg", "image/jpeg" },
288 { ".jpg", "image/jpeg" },
289 { ".js", "text/javascript" },
290 { ".json", "application/json" },
291 { ".mp3", "audio/mpeg" },
292 { ".png", "image/png" },
293 { ".svg", "image/svg+xml" },
294 { ".ttf", "application/x-font-ttf"},
295 { ".txt", "text/plain" },
296 { ".wav", "audio/x-wav" },
297 { ".xht", "application/xhtml+xml" },
298 { ".xhtml", "application/xhtml+xml" },
299 { ".xml", "application/xml" }
301 int i, c, l = 0, u = sizeof known / sizeof *known;
304 c = strcasecmp(extension, known[i][0]);
306 result = known[i][1];
316 #if defined(USE_MAGIC_MIME_TYPE)
318 result = magic_mimetype_fd(fd);
323 static void req_destroy(struct afb_xreq *xreq)
325 struct afb_hreq *hreq = CONTAINER_OF_XREQ(struct afb_hreq, xreq);
326 struct hreq_data *data;
328 if (hreq->postform != NULL)
329 MHD_destroy_post_processor(hreq->postform);
330 if (hreq->tokener != NULL)
331 json_tokener_free(hreq->tokener);
333 for (data = hreq->data; data; data = hreq->data) {
334 hreq->data = data->next;
343 afb_context_disconnect(&hreq->xreq.context);
344 json_object_put(hreq->json);
345 free((char*)hreq->xreq.request.called_api);
346 free((char*)hreq->xreq.request.called_verb);
350 void afb_hreq_addref(struct afb_hreq *hreq)
352 afb_xreq_unhooked_addref(&hreq->xreq);
355 void afb_hreq_unref(struct afb_hreq *hreq)
358 hreq->xreq.replied = 1;
359 afb_xreq_unhooked_unref(&hreq->xreq);
363 * Removes the 'prefix' of 'length' from the tail of 'hreq'
364 * if and only if the prefix exists and is terminated by a leading
367 int afb_hreq_unprefix(struct afb_hreq *hreq, const char *prefix, size_t length)
369 /* check the prefix ? */
370 if (length > hreq->lentail || (hreq->tail[length] && hreq->tail[length] != '/')
371 || strncasecmp(prefix, hreq->tail, length))
374 /* removes successives / */
375 while (length < hreq->lentail && hreq->tail[length + 1] == '/')
378 /* update the tail */
379 hreq->lentail -= length;
380 hreq->tail += length;
384 int afb_hreq_valid_tail(struct afb_hreq *hreq)
386 return validsubpath(hreq->tail);
389 void afb_hreq_reply_error(struct afb_hreq *hreq, unsigned int status)
391 afb_hreq_reply_empty(hreq, status, NULL);
394 int afb_hreq_redirect_to_ending_slash_if_needed(struct afb_hreq *hreq)
398 if (hreq->url[hreq->lenurl - 1] == '/')
401 /* the redirect is needed for reliability of relative path */
402 tourl = alloca(hreq->lenurl + 2);
403 memcpy(tourl, hreq->url, hreq->lenurl);
404 tourl[hreq->lenurl] = '/';
405 tourl[hreq->lenurl + 1] = 0;
406 afb_hreq_redirect_to(hreq, tourl, 1);
410 int afb_hreq_reply_file_if_exist(struct afb_hreq *hreq, int dirfd, const char *filename)
416 char etag[1 + 2 * 8];
418 struct MHD_Response *response;
419 const char *mimetype;
421 /* Opens the file or directory */
423 fd = openat(dirfd, filename, O_RDONLY);
427 afb_hreq_reply_error(hreq, MHD_HTTP_FORBIDDEN);
433 afb_hreq_reply_error(hreq, MHD_HTTP_INTERNAL_SERVER_ERROR);
438 /* Retrieves file's status */
439 if (fstat(fd, &st) != 0) {
441 afb_hreq_reply_error(hreq, MHD_HTTP_INTERNAL_SERVER_ERROR);
445 /* serve directory */
446 if (S_ISDIR(st.st_mode)) {
447 rc = afb_hreq_redirect_to_ending_slash_if_needed(hreq);
449 static const char *indexes[] = { "index.html", NULL };
451 while (indexes[i] != NULL) {
452 if (faccessat(fd, indexes[i], R_OK, 0) == 0) {
453 rc = afb_hreq_reply_file_if_exist(hreq, fd, indexes[i]);
463 /* Don't serve special files */
464 if (!S_ISREG(st.st_mode)) {
466 afb_hreq_reply_error(hreq, MHD_HTTP_FORBIDDEN);
470 /* Check the method */
471 if ((hreq->method & (afb_method_get | afb_method_head)) == 0) {
473 afb_hreq_reply_error(hreq, MHD_HTTP_METHOD_NOT_ALLOWED);
477 /* computes the etag */
478 sprintf(etag, "%08X%08X", ((int)(st.st_mtim.tv_sec) ^ (int)(st.st_mtim.tv_nsec)), (int)(st.st_size));
480 /* checks the etag */
481 inm = MHD_lookup_connection_value(hreq->connection, MHD_HEADER_KIND, MHD_HTTP_HEADER_IF_NONE_MATCH);
482 if (inm && 0 == strcmp(inm, etag)) {
483 /* etag ok, return NOT MODIFIED */
485 DEBUG("Not Modified: [%s]", filename);
486 response = MHD_create_response_from_buffer(0, empty_string, MHD_RESPMEM_PERSISTENT);
487 status = MHD_HTTP_NOT_MODIFIED;
490 if (st.st_size != (off_t) (size_t) st.st_size) {
492 afb_hreq_reply_error(hreq, MHD_HTTP_INTERNAL_SERVER_ERROR);
496 /* create the response */
497 response = MHD_create_response_from_fd((size_t) st.st_size, fd);
498 status = MHD_HTTP_OK;
501 mimetype = mimetype_fd_name(fd, filename);
502 if (mimetype != NULL)
503 MHD_add_response_header(response, MHD_HTTP_HEADER_CONTENT_TYPE, mimetype);
506 /* fills the value and send */
507 afb_hreq_reply(hreq, status, response,
508 MHD_HTTP_HEADER_CACHE_CONTROL, hreq->cacheTimeout,
509 MHD_HTTP_HEADER_ETAG, etag,
514 int afb_hreq_reply_file(struct afb_hreq *hreq, int dirfd, const char *filename)
516 int rc = afb_hreq_reply_file_if_exist(hreq, dirfd, filename);
518 afb_hreq_reply_error(hreq, MHD_HTTP_NOT_FOUND);
522 int afb_hreq_reply_locale_file_if_exist(struct afb_hreq *hreq, struct locale_search *search, const char *filename)
528 char etag[1 + 2 * 8];
530 struct MHD_Response *response;
531 const char *mimetype;
533 /* Opens the file or directory */
534 fd = locale_search_open(search, filename[0] ? filename : ".", O_RDONLY);
538 afb_hreq_reply_error(hreq, MHD_HTTP_FORBIDDEN);
542 /* Retrieves file's status */
543 if (fstat(fd, &st) != 0) {
545 afb_hreq_reply_error(hreq, MHD_HTTP_INTERNAL_SERVER_ERROR);
549 /* serve directory */
550 if (S_ISDIR(st.st_mode)) {
551 rc = afb_hreq_redirect_to_ending_slash_if_needed(hreq);
553 static const char *indexes[] = { "index.html", NULL };
555 size_t length = strlen(filename);
556 char *extname = alloca(length + 30); /* 30 is enough to old data of indexes */
557 memcpy(extname, filename, length);
558 if (length && extname[length - 1] != '/')
559 extname[length++] = '/';
560 while (rc == 0 && indexes[i] != NULL) {
561 strcpy(extname + length, indexes[i++]);
562 rc = afb_hreq_reply_locale_file_if_exist(hreq, search, extname);
569 /* Don't serve special files */
570 if (!S_ISREG(st.st_mode)) {
572 afb_hreq_reply_error(hreq, MHD_HTTP_FORBIDDEN);
576 /* Check the method */
577 if ((hreq->method & (afb_method_get | afb_method_head)) == 0) {
579 afb_hreq_reply_error(hreq, MHD_HTTP_METHOD_NOT_ALLOWED);
583 /* computes the etag */
584 sprintf(etag, "%08X%08X", ((int)(st.st_mtim.tv_sec) ^ (int)(st.st_mtim.tv_nsec)), (int)(st.st_size));
586 /* checks the etag */
587 inm = MHD_lookup_connection_value(hreq->connection, MHD_HEADER_KIND, MHD_HTTP_HEADER_IF_NONE_MATCH);
588 if (inm && 0 == strcmp(inm, etag)) {
589 /* etag ok, return NOT MODIFIED */
591 DEBUG("Not Modified: [%s]", filename);
592 response = MHD_create_response_from_buffer(0, empty_string, MHD_RESPMEM_PERSISTENT);
593 status = MHD_HTTP_NOT_MODIFIED;
596 if (st.st_size != (off_t) (size_t) st.st_size) {
598 afb_hreq_reply_error(hreq, MHD_HTTP_INTERNAL_SERVER_ERROR);
602 /* create the response */
603 response = MHD_create_response_from_fd((size_t) st.st_size, fd);
604 status = MHD_HTTP_OK;
607 mimetype = mimetype_fd_name(fd, filename);
608 if (mimetype != NULL)
609 MHD_add_response_header(response, MHD_HTTP_HEADER_CONTENT_TYPE, mimetype);
612 /* fills the value and send */
613 afb_hreq_reply(hreq, status, response,
614 MHD_HTTP_HEADER_CACHE_CONTROL, hreq->cacheTimeout,
615 MHD_HTTP_HEADER_ETAG, etag,
620 int afb_hreq_reply_locale_file(struct afb_hreq *hreq, struct locale_search *search, const char *filename)
622 int rc = afb_hreq_reply_locale_file_if_exist(hreq, search, filename);
624 afb_hreq_reply_error(hreq, MHD_HTTP_NOT_FOUND);
635 static void _mkq_add_(struct _mkq_ *mkq, char value)
637 char *text = mkq->text;
639 if (mkq->length == mkq->alloc) {
641 text = realloc(text, mkq->alloc);
649 text[mkq->length++] = value;
653 static void _mkq_add_hex_(struct _mkq_ *mkq, char value)
655 _mkq_add_(mkq, (char)(value < 10 ? value + '0' : value + 'A' - 10));
658 static void _mkq_add_esc_(struct _mkq_ *mkq, char value)
661 _mkq_add_hex_(mkq, (char)((value >> 4) & 15));
662 _mkq_add_hex_(mkq, (char)(value & 15));
665 static void _mkq_add_char_(struct _mkq_ *mkq, char value)
667 if (value <= ' ' || value >= 127)
668 _mkq_add_esc_(mkq, value);
674 _mkq_add_esc_(mkq, value);
677 _mkq_add_(mkq, value);
681 static void _mkq_append_(struct _mkq_ *mkq, const char *value)
684 _mkq_add_char_(mkq, *value++);
687 static int _mkquery_(struct _mkq_ *mkq, enum MHD_ValueKind kind, const char *key, const char *value)
689 _mkq_add_(mkq, mkq->count++ ? '&' : '?');
690 _mkq_append_(mkq, key);
693 _mkq_append_(mkq, value);
698 static char *url_with_query(struct afb_hreq *hreq, const char *url)
703 mkq.length = strlen(url);
704 mkq.alloc = mkq.length + 1000;
705 mkq.text = malloc(mkq.alloc);
706 if (mkq.text != NULL) {
707 strcpy(mkq.text, url);
708 MHD_get_connection_values(hreq->connection, MHD_GET_ARGUMENT_KIND, (void*)_mkquery_, &mkq);
714 void afb_hreq_redirect_to(struct afb_hreq *hreq, const char *url, int add_query_part)
719 wqp = add_query_part ? url_with_query(hreq, url) : NULL;
721 afb_hreq_reply_static(hreq, MHD_HTTP_MOVED_PERMANENTLY, 0, NULL,
722 MHD_HTTP_HEADER_LOCATION, to, NULL);
723 DEBUG("redirect from [%s] to [%s]", hreq->url, url);
727 const char *afb_hreq_get_cookie(struct afb_hreq *hreq, const char *name)
729 return MHD_lookup_connection_value(hreq->connection, MHD_COOKIE_KIND, name);
732 const char *afb_hreq_get_argument(struct afb_hreq *hreq, const char *name)
734 struct hreq_data *data = get_data(hreq, name, 0);
735 return data ? data->value : MHD_lookup_connection_value(hreq->connection, MHD_GET_ARGUMENT_KIND, name);
738 const char *afb_hreq_get_header(struct afb_hreq *hreq, const char *name)
740 return MHD_lookup_connection_value(hreq->connection, MHD_HEADER_KIND, name);
743 const char *afb_hreq_get_authorization_bearer(struct afb_hreq *hreq)
745 const char *value = afb_hreq_get_header(hreq, MHD_HTTP_HEADER_AUTHORIZATION);
747 if (strncasecmp(value, key_for_bearer, sizeof key_for_bearer - 1) == 0) {
748 value += sizeof key_for_bearer - 1;
749 if (isblank(*value++)) {
750 while (isblank(*value))
760 int afb_hreq_post_add(struct afb_hreq *hreq, const char *key, const char *data, size_t size)
763 struct hreq_data *hdat = get_data(hreq, key, 1);
764 if (hdat->path != NULL) {
767 p = realloc(hdat->value, hdat->length + size + 1);
772 memcpy(&hdat->value[hdat->length], data, size);
773 hdat->length += size;
774 hdat->value[hdat->length] = 0;
778 int afb_hreq_init_download_path(const char *directory)
784 if (access(directory, R_OK|W_OK)) {
785 /* no read/write access */
788 if (stat(directory, &st)) {
792 if (!S_ISDIR(st.st_mode)) {
793 /* not a directory */
797 n = strlen(directory);
798 while(n > 1 && directory[n-1] == '/') n--;
801 /* can't allocate memory */
805 memcpy(p, directory, n);
819 static int opentempfile(char **path)
824 fname = strdup(tmp_pattern ? : "XXXXXX"); /* TODO improve the path */
828 fd = mkostemp(fname, O_CLOEXEC|O_WRONLY);
836 int afb_hreq_post_add_file(struct afb_hreq *hreq, const char *key, const char *file, const char *data, size_t size)
840 struct hreq_data *hdat = get_data(hreq, key, 1);
842 if (hdat->value == NULL) {
843 hdat->value = strdup(file);
844 if (hdat->value == NULL)
846 fd = opentempfile(&hdat->path);
847 } else if (strcmp(hdat->value, file) || hdat->path == NULL) {
850 fd = open(hdat->path, O_WRONLY|O_APPEND);
855 sz = write(fd, data, size);
857 hdat->length += (size_t)sz;
860 } else if (errno != EINTR)
867 static struct afb_arg req_get(struct afb_xreq *xreq, const char *name)
870 struct afb_hreq *hreq = CONTAINER_OF_XREQ(struct afb_hreq, xreq);
871 struct hreq_data *hdat = get_data(hreq, name, 0);
873 return (struct afb_arg){
875 .value = hdat->value,
879 value = MHD_lookup_connection_value(hreq->connection, MHD_GET_ARGUMENT_KIND, name);
880 return (struct afb_arg){
881 .name = value == NULL ? NULL : name,
887 static int _iterargs_(struct json_object *obj, enum MHD_ValueKind kind, const char *key, const char *value)
889 json_object_object_add(obj, key, value ? json_object_new_string(value) : NULL);
893 static struct json_object *req_json(struct afb_xreq *xreq)
895 struct hreq_data *hdat;
896 struct json_object *obj, *val;
897 struct afb_hreq *hreq = CONTAINER_OF_XREQ(struct afb_hreq, xreq);
901 hreq->json = obj = json_object_new_object();
904 MHD_get_connection_values (hreq->connection, MHD_GET_ARGUMENT_KIND, (void*)_iterargs_, obj);
905 for (hdat = hreq->data ; hdat ; hdat = hdat->next) {
906 if (hdat->path == NULL)
907 val = hdat->value ? json_object_new_string(hdat->value) : NULL;
909 val = json_object_new_object();
912 json_object_object_add(val, "file", json_object_new_string(hdat->value));
913 json_object_object_add(val, "path", json_object_new_string(hdat->path));
916 json_object_object_add(obj, hdat->key, val);
923 static inline const char *get_json_string(json_object *obj)
925 return json_object_to_json_string_ext(obj, JSON_C_TO_STRING_PLAIN|JSON_C_TO_STRING_NOSLASHESCAPE);
927 static ssize_t send_json_cb(json_object *obj, uint64_t pos, char *buf, size_t max)
929 ssize_t len = stpncpy(buf, get_json_string(obj)+pos, max) - buf;
930 return len ? : (ssize_t)MHD_CONTENT_READER_END_OF_STREAM;
933 static void req_reply(struct afb_xreq *xreq, struct json_object *object, const char *error, const char *info)
935 struct afb_hreq *hreq = CONTAINER_OF_XREQ(struct afb_hreq, xreq);
936 struct json_object *sub, *reply;
938 struct MHD_Response *response;
940 /* create the reply */
941 reply = afb_msg_json_reply(object, error, info, &xreq->context);
943 /* append the req id on need */
944 reqid = afb_hreq_get_argument(hreq, long_key_for_reqid);
946 reqid = afb_hreq_get_argument(hreq, short_key_for_reqid);
947 if (reqid != NULL && json_object_object_get_ex(reply, "request", &sub))
948 json_object_object_add(sub, "reqid", json_object_new_string(reqid));
950 response = MHD_create_response_from_callback(
951 (uint64_t)strlen(get_json_string(reply)),
952 SIZE_RESPONSE_BUFFER,
955 (void*)json_object_put);
957 /* handle authorisation feedback */
958 if (error == afb_error_text_invalid_token)
959 afb_hreq_reply(hreq, MHD_HTTP_UNAUTHORIZED, response, MHD_HTTP_HEADER_WWW_AUTHENTICATE, "error=\"invalid_token\"", NULL);
960 else if (error == afb_error_text_insufficient_scope)
961 afb_hreq_reply(hreq, MHD_HTTP_FORBIDDEN, response, MHD_HTTP_HEADER_WWW_AUTHENTICATE, "error=\"insufficient_scope\"", NULL);
963 afb_hreq_reply(hreq, MHD_HTTP_OK, response, NULL);
966 void afb_hreq_call(struct afb_hreq *hreq, struct afb_apiset *apiset, const char *api, size_t lenapi, const char *verb, size_t lenverb)
968 hreq->xreq.request.called_api = strndup(api, lenapi);
969 hreq->xreq.request.called_verb = strndup(verb, lenverb);
970 if (hreq->xreq.request.called_api == NULL || hreq->xreq.request.called_verb == NULL) {
971 ERROR("Out of memory");
972 afb_hreq_reply_error(hreq, MHD_HTTP_INTERNAL_SERVER_ERROR);
973 } else if (afb_hreq_init_context(hreq) < 0) {
974 afb_hreq_reply_error(hreq, MHD_HTTP_INTERNAL_SERVER_ERROR);
976 afb_xreq_unhooked_addref(&hreq->xreq);
977 afb_xreq_process(&hreq->xreq, apiset);
981 int afb_hreq_init_context(struct afb_hreq *hreq)
985 struct afb_token *tok;
987 if (hreq->xreq.context.session != NULL)
990 /* get the uuid of the session */
991 uuid = afb_hreq_get_header(hreq, long_key_for_uuid);
993 uuid = afb_hreq_get_argument(hreq, long_key_for_uuid);
995 uuid = afb_hreq_get_cookie(hreq, cookie_name);
997 uuid = afb_hreq_get_argument(hreq, short_key_for_uuid);
1001 /* get the authorisation token */
1002 token = afb_hreq_get_authorization_bearer(hreq);
1003 if (token == NULL) {
1004 token = afb_hreq_get_argument(hreq, key_for_access_token);
1005 if (token == NULL) {
1006 token = afb_hreq_get_header(hreq, long_key_for_token);
1007 if (token == NULL) {
1008 token = afb_hreq_get_argument(hreq, long_key_for_token);
1010 token = afb_hreq_get_argument(hreq, short_key_for_token);
1016 afb_token_get(&tok, token);
1018 return afb_context_connect(&hreq->xreq.context, uuid, tok, NULL);
1021 int afb_hreq_init_cookie(int port, const char *path, int maxage)
1026 free(cookie_setter);
1028 cookie_setter = NULL;
1030 path = path ? : "/";
1031 rc = asprintf(&cookie_name, "%s-%d", long_key_for_uuid, port);
1034 rc = asprintf(&cookie_setter, "%s=%%s; Path=%s; Max-Age=%d; HttpOnly",
1035 cookie_name, path, maxage);
1041 struct afb_xreq *afb_hreq_to_xreq(struct afb_hreq *hreq)
1046 struct afb_hreq *afb_hreq_create()
1048 struct afb_hreq *hreq = calloc(1, sizeof *hreq);
1050 /* init the request */
1051 afb_xreq_init(&hreq->xreq, &afb_hreq_xreq_query_itf);
1052 hreq->reqid = ++global_reqids;
Code Review / src / app-framework-binder.git / blob