diff options
author | Ivan Lisenkov <[email protected]> | 2013-01-30 00:30:05 +0400 |
---|---|---|
committer | Ivan Lisenkov <[email protected]> | 2013-01-30 00:30:05 +0400 |
commit | 54c6d3fa3aada272839a431a45318d33dbc6b9e5 (patch) | |
tree | d702271731de3dff8e5af1863dc210280a5f961c /src | |
parent | fd5a977a39ec99d0aa57a2864f91cca7af5c67d6 (diff) | |
download | cowboy-54c6d3fa3aada272839a431a45318d33dbc6b9e5.tar.gz cowboy-54c6d3fa3aada272839a431a45318d33dbc6b9e5.tar.bz2 cowboy-54c6d3fa3aada272839a431a45318d33dbc6b9e5.zip |
Implement authorization header parsing
Basic HTTP authorization according to RFC 2617 is implemented.
Added an example of its usage with REST handler.
Diffstat (limited to 'src')
-rw-r--r-- | src/cowboy_http.erl | 59 | ||||
-rw-r--r-- | src/cowboy_req.erl | 5 |
2 files changed, 64 insertions, 0 deletions
diff --git a/src/cowboy_http.erl b/src/cowboy_http.erl index 6f42ab9..67d3f70 100644 --- a/src/cowboy_http.erl +++ b/src/cowboy_http.erl @@ -36,6 +36,7 @@ -export([token/2]). -export([token_ci/2]). -export([quoted_string/2]). +-export([authorization/2]). %% Decoding. -export([te_chunked/2]). @@ -801,6 +802,52 @@ qvalue(<< C, Rest/binary >>, Fun, Q, M) qvalue(Data, Fun, Q, _M) -> Fun(Data, Q). +%% @doc Parse user credentials. +-spec authorization_basic_userid(binary(), fun()) -> any(). +authorization_basic_userid(Data, Fun) -> + authorization_basic_userid(Data, Fun, <<>>). + +authorization_basic_userid(<<>>, _Fun, _Acc) -> + {error, badarg}; +authorization_basic_userid(<<C, _Rest/binary>>, _Fun, Acc) + when C < 32; C =:= 127; (C =:=$: andalso Acc =:= <<>>) -> + {error, badarg}; +authorization_basic_userid(<<$:, Rest/binary>>, Fun, Acc) -> + Fun(Rest, Acc); +authorization_basic_userid(<<C, Rest/binary>>, Fun, Acc) -> + authorization_basic_userid(Rest, Fun, <<Acc/binary, C>>). + +-spec authorization_basic_password(binary(), fun()) -> any(). +authorization_basic_password(Data, Fun) -> + authorization_basic_password(Data, Fun, <<>>). + +authorization_basic_password(<<>>, _Fun, <<>>) -> + {error, badarg}; +authorization_basic_password(<<C, _Rest/binary>>, _Fun, _Acc) + when C < 32; C=:= 127 -> + {error, badarg}; +authorization_basic_password(<<>>, Fun, Acc) -> + Fun(Acc); +authorization_basic_password(<<C, Rest/binary>>, Fun, Acc) -> + authorization_basic_password(Rest, Fun, <<Acc/binary, C>>). + +%% @doc Parse authorization value according rfc 2617. +%% Only Basic authorization is supported so far. +-spec authorization(binary(), binary()) -> {binary(), any()} | {error, badarg}. +authorization(UserPass, Type = <<"basic">>) -> + cowboy_http:whitespace(UserPass, + fun(D) -> + authorization_basic_userid(base64:mime_decode(D), + fun(Rest, Userid) -> + authorization_basic_password(Rest, + fun(Password) -> + {Type, {Userid, Password}} + end) + end) + end); +authorization(String, Type) -> + {Type, String}. + %% Decoding. %% @doc Decode a stream of chunks. @@ -1294,4 +1341,16 @@ urlencode_test_() -> ?_assertEqual(<<"%ff+">>, urlencode(<<255, " ">>)) ]. +http_authorization_test_() -> + [?_assertEqual({<<"basic">>, {<<"Alladin">>, <<"open sesame">>}}, + authorization(<<"QWxsYWRpbjpvcGVuIHNlc2FtZQ==">>, <<"basic">>)), + ?_assertEqual({error, badarg}, + authorization(<<"dXNlcm5hbWUK">>, <<"basic">>)), + ?_assertEqual({error, badarg}, + authorization(<<"_[]@#$%^&*()-AA==">>, <<"basic">>)), + ?_assertEqual({error, badarg}, + authorization(<<"dXNlcjpwYXNzCA==">>, <<"basic">>)) %% user:pass\010 + ]. + + -endif. diff --git a/src/cowboy_req.erl b/src/cowboy_req.erl index 4ae28e9..5cb7aa3 100644 --- a/src/cowboy_req.erl +++ b/src/cowboy_req.erl @@ -441,6 +441,11 @@ parse_header(Name, Req, Default) when Name =:= <<"accept-language">> -> fun (Value) -> cowboy_http:nonempty_list(Value, fun cowboy_http:language_range/2) end); +parse_header(Name, Req, Default) when Name =:= <<"authorization">> -> + parse_header(Name, Req, Default, + fun (Value) -> + cowboy_http:token_ci(Value, fun cowboy_http:authorization/2) + end); parse_header(Name, Req, Default) when Name =:= <<"content-length">> -> parse_header(Name, Req, Default, fun cowboy_http:digits/1); parse_header(Name, Req, Default) when Name =:= <<"content-type">> -> |