aboutsummaryrefslogtreecommitdiffstats
path: root/src/cowboy_http.erl
diff options
context:
space:
mode:
Diffstat (limited to 'src/cowboy_http.erl')
-rw-r--r--src/cowboy_http.erl88
1 files changed, 73 insertions, 15 deletions
diff --git a/src/cowboy_http.erl b/src/cowboy_http.erl
index 66383cb..a78e090 100644
--- a/src/cowboy_http.erl
+++ b/src/cowboy_http.erl
@@ -1,4 +1,4 @@
-%% Copyright (c) 2011-2012, Loïc Hoguin <[email protected]>
+%% Copyright (c) 2011-2013, Loïc Hoguin <[email protected]>
%% Copyright (c) 2011, Anthony Ramine <[email protected]>
%%
%% Permission to use, copy, modify, and/or distribute this software for any
@@ -36,6 +36,7 @@
-export([token/2]).
-export([token_ci/2]).
-export([quoted_string/2]).
+-export([authorization/2]).
%% Decoding.
-export([te_chunked/2]).
@@ -801,25 +802,72 @@ qvalue(<< C, Rest/binary >>, Fun, Q, M)
qvalue(Data, Fun, Q, _M) ->
Fun(Data, Q).
+%% @doc Parse authorization value according rfc 2617.
+%% Only Basic authorization is supported so far.
+-spec authorization(binary(), binary()) -> {binary(), any()} | {error, badarg}.
+authorization(UserPass, Type = <<"basic">>) ->
+ cowboy_http:whitespace(UserPass,
+ fun(D) ->
+ authorization_basic_userid(base64:mime_decode(D),
+ fun(Rest, Userid) ->
+ authorization_basic_password(Rest,
+ fun(Password) ->
+ {Type, {Userid, Password}}
+ end)
+ end)
+ end);
+authorization(String, Type) ->
+ {Type, String}.
+
+%% @doc Parse user credentials.
+-spec authorization_basic_userid(binary(), fun()) -> any().
+authorization_basic_userid(Data, Fun) ->
+ authorization_basic_userid(Data, Fun, <<>>).
+
+authorization_basic_userid(<<>>, _Fun, _Acc) ->
+ {error, badarg};
+authorization_basic_userid(<<C, _Rest/binary>>, _Fun, Acc)
+ when C < 32; C =:= 127; (C =:=$: andalso Acc =:= <<>>) ->
+ {error, badarg};
+authorization_basic_userid(<<$:, Rest/binary>>, Fun, Acc) ->
+ Fun(Rest, Acc);
+authorization_basic_userid(<<C, Rest/binary>>, Fun, Acc) ->
+ authorization_basic_userid(Rest, Fun, <<Acc/binary, C>>).
+
+-spec authorization_basic_password(binary(), fun()) -> any().
+authorization_basic_password(Data, Fun) ->
+ authorization_basic_password(Data, Fun, <<>>).
+
+authorization_basic_password(<<>>, _Fun, <<>>) ->
+ {error, badarg};
+authorization_basic_password(<<C, _Rest/binary>>, _Fun, _Acc)
+ when C < 32; C=:= 127 ->
+ {error, badarg};
+authorization_basic_password(<<>>, Fun, Acc) ->
+ Fun(Acc);
+authorization_basic_password(<<C, Rest/binary>>, Fun, Acc) ->
+ authorization_basic_password(Rest, Fun, <<Acc/binary, C>>).
+
%% Decoding.
%% @doc Decode a stream of chunks.
--spec te_chunked(binary(), {non_neg_integer(), non_neg_integer()})
- -> more | {ok, binary(), {non_neg_integer(), non_neg_integer()}}
- | {ok, binary(), binary(), {non_neg_integer(), non_neg_integer()}}
- | {done, non_neg_integer(), binary()} | {error, badarg}.
-te_chunked(<<>>, _) ->
- more;
+-spec te_chunked(Bin, TransferState)
+ -> more | {more, non_neg_integer(), Bin, TransferState}
+ | {ok, Bin, TransferState} | {ok, Bin, Bin, TransferState}
+ | {done, non_neg_integer(), Bin} | {error, badarg}
+ when Bin::binary(), TransferState::{non_neg_integer(), non_neg_integer()}.
te_chunked(<< "0\r\n\r\n", Rest/binary >>, {0, Streamed}) ->
{done, Streamed, Rest};
te_chunked(Data, {0, Streamed}) ->
%% @todo We are expecting an hex size, not a general token.
token(Data,
- fun (Rest, _) when byte_size(Rest) < 4 ->
- more;
- (<< "\r\n", Rest/binary >>, BinLen) ->
+ fun (<< "\r\n", Rest/binary >>, BinLen) ->
Len = list_to_integer(binary_to_list(BinLen), 16),
te_chunked(Rest, {Len, Streamed});
+ %% Chunk size shouldn't take too many bytes,
+ %% don't try to stream forever.
+ (Rest, _) when byte_size(Rest) < 16 ->
+ more;
(_, _) ->
{error, badarg}
end);
@@ -827,13 +875,12 @@ te_chunked(Data, {ChunkRem, Streamed}) when byte_size(Data) >= ChunkRem + 2 ->
<< Chunk:ChunkRem/binary, "\r\n", Rest/binary >> = Data,
{ok, Chunk, Rest, {0, Streamed + byte_size(Chunk)}};
te_chunked(Data, {ChunkRem, Streamed}) ->
- Size = byte_size(Data),
- {ok, Data, {ChunkRem - Size, Streamed + Size}}.
+ {more, ChunkRem + 2, Data, {ChunkRem, Streamed}}.
%% @doc Decode an identity stream.
--spec te_identity(binary(), {non_neg_integer(), non_neg_integer()})
- -> {ok, binary(), {non_neg_integer(), non_neg_integer()}}
- | {done, binary(), non_neg_integer(), binary()}.
+-spec te_identity(Bin, TransferState)
+ -> {ok, Bin, TransferState} | {done, Bin, non_neg_integer(), Bin}
+ when Bin::binary(), TransferState::{non_neg_integer(), non_neg_integer()}.
te_identity(Data, {Streamed, Total})
when Streamed + byte_size(Data) < Total ->
{ok, Data, {Streamed + byte_size(Data), Total}};
@@ -1294,4 +1341,15 @@ urlencode_test_() ->
?_assertEqual(<<"%ff+">>, urlencode(<<255, " ">>))
].
+http_authorization_test_() ->
+ [?_assertEqual({<<"basic">>, {<<"Alladin">>, <<"open sesame">>}},
+ authorization(<<"QWxsYWRpbjpvcGVuIHNlc2FtZQ==">>, <<"basic">>)),
+ ?_assertEqual({error, badarg},
+ authorization(<<"dXNlcm5hbWUK">>, <<"basic">>)),
+ ?_assertEqual({error, badarg},
+ authorization(<<"_[]@#$%^&*()-AA==">>, <<"basic">>)),
+ ?_assertEqual({error, badarg},
+ authorization(<<"dXNlcjpwYXNzCA==">>, <<"basic">>)) %% user:pass\010
+ ].
+
-endif.
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-11 09:45:56 +0000