set(remote_SOURCES
apifunction.cpp apilistener.cpp apilistener.thpp apilistener-sync.cpp
- apiuser.cpp apiuser.thpp authority.cpp endpoint.cpp endpoint.thpp
+ apiuser.cpp apiuser.thpp authority.cpp base64.cpp endpoint.cpp endpoint.thpp
httpchunkedencoding.cpp httpconnection.cpp httpdemohandler.cpp httphandler.cpp httprequest.cpp httpresponse.cpp
jsonrpc.cpp jsonrpcconnection.cpp jsonrpcconnection-heartbeat.cpp
messageorigin.cpp zone.cpp zone.thpp
#include "remote/apilistener.hpp"
#include "remote/apifunction.hpp"
#include "remote/jsonrpc.hpp"
+#include "remote/base64.hpp"
#include "base/dynamictype.hpp"
#include "base/objectlock.hpp"
#include "base/utility.hpp"
boost::call_once(l_HttpConnectionOnceFlag, &HttpConnection::StaticInitialize);
if (authenticated)
- m_ApiUser = ApiUser::GetByName(identity);
+ m_ApiUser = ApiUser::GetByClientCN(identity);
}
void HttpConnection::StaticInitialize(void)
{
Log(LogInformation, "HttpConnection", "Processing Http message");
+ String auth_header = request.Headers->Get("authorization");
+
+ String::SizeType pos = auth_header.FindFirstOf(" ");
+ String username, password;
+
+ if (pos != String::NPos && auth_header.SubStr(0, pos) == "Basic") {
+ String credentials_base64 = auth_header.SubStr(pos + 1);
+ String credentials = Base64::Decode(credentials_base64);
+
+ String::SizeType cpos = credentials.FindFirstOf(":");
+
+ if (cpos != String::NPos) {
+ username = credentials.SubStr(0, cpos);
+ password = credentials.SubStr(cpos + 1);
+ }
+ }
+
+ ApiUser::Ptr user;
+
+ if (m_ApiUser)
+ user = m_ApiUser;
+ else {
+ user = ApiUser::GetByName(username);
+
+ if (!user || !user->CheckPassword(password))
+ user.reset();
+ }
+
HttpResponse response(m_Stream, request);
- HttpHandler::ProcessRequest(request, response);
+
+ if (!user) {
+ response.SetStatus(401, "Unauthorized");
+ response.AddHeader("WWW-Authenticate", "Basic realm=\"Icinga 2\"");
+ String msg = "<h1>Unauthorized</h1>";
+ response.WriteBody(msg.CStr(), msg.GetLength());
+ } else {
+ HttpHandler::ProcessRequest(user, request, response);
+ }
+
response.Finish();
m_PendingRequests--;
REGISTER_URLHANDLER("/demo", HttpDemoHandler);
-void HttpDemoHandler::HandleRequest(HttpRequest& request, HttpResponse& response)
+void HttpDemoHandler::HandleRequest(const ApiUser::Ptr& user, HttpRequest& request, HttpResponse& response)
{
if (request.RequestMethod == "GET") {
- String form = "<form action=\"/demo\" method=\"post\"><input type=\"text\" name=\"msg\"><input type=\"submit\"></form>";
+ String form = "<h1>Hallo " + user->GetName() + "</h1><form action=\"/demo\" method=\"post\"><input type=\"text\" name=\"msg\"><input type=\"submit\"></form>";
response.SetStatus(200, "OK");
response.AddHeader("Content-Type", "text/html");
response.WriteBody(form.CStr(), form.GetLength());
public:
DECLARE_PTR_TYPEDEFS(HttpDemoHandler);
- virtual void HandleRequest(HttpRequest& request, HttpResponse& response);
+ virtual void HandleRequest(const ApiUser::Ptr& user, HttpRequest& request, HttpResponse& response);
};
}
return false;
}
-void HttpHandler::ProcessRequest(HttpRequest& request, HttpResponse& response)
+void HttpHandler::ProcessRequest(const ApiUser::Ptr& user, HttpRequest& request, HttpResponse& response)
{
Dictionary::Ptr node = m_UrlTree;
HttpHandler::Ptr current_handler, handler;
return;
}
- handler->HandleRequest(request, response);
+ handler->HandleRequest(user, request, response);
}
#include "remote/i2-remote.hpp"
#include "remote/httpresponse.hpp"
+#include "remote/apiuser.hpp"
#include "base/registry.hpp"
#include <vector>
#include <boost/function.hpp>
DECLARE_PTR_TYPEDEFS(HttpHandler);
virtual bool CanAlsoHandleUrl(const Url::Ptr& url) const;
- virtual void HandleRequest(HttpRequest& request, HttpResponse& response) = 0;
+ virtual void HandleRequest(const ApiUser::Ptr& user, HttpRequest& request, HttpResponse& response) = 0;
static void Register(const Url::Ptr& url, const HttpHandler::Ptr& handler);
- static void ProcessRequest(HttpRequest& request, HttpResponse& response);
+ static void ProcessRequest(const ApiUser::Ptr& user, HttpRequest& request, HttpResponse& response);
private:
static Dictionary::Ptr m_UrlTree;
projects / icinga2 / commitdiff