netwerk/protocol/http/src/nsHttpBasicAuth.cpp

   1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
   2 /* ***** BEGIN LICENSE BLOCK *****
   3  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
   4  *
   5  * The contents of this file are subject to the Mozilla Public License Version
   6  * 1.1 (the "License"); you may not use this file except in compliance with
   7  * the License. You may obtain a copy of the License at
   8  * http://www.mozilla.org/MPL/
   9  *
  10  * Software distributed under the License is distributed on an "AS IS" basis,
  11  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
  12  * for the specific language governing rights and limitations under the
  13  * License.
  14  *
  15  * The Original Code is mozilla.org code.
  16  *
  17  * The Initial Developer of the Original Code is
  18  * Netscape Communications Corporation.
  19  * Portions created by the Initial Developer are Copyright (C) 1998
  20  * the Initial Developer. All Rights Reserved.
  21  *
  22  * Contributor(s):
  23  *   Gagan Saksena <gagan@netscape.com> (original author)
  24  *   Mike Shaver <shaver@zeroknowledge.com>
  25  *   Christopher Blizzard <blizzard@mozilla.org>
  26  *   Darin Fisher <darin@netscape.com>
  27  *
  28  * Alternatively, the contents of this file may be used under the terms of
  29  * either the GNU General Public License Version 2 or later (the "GPL"), or
  30  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
  31  * in which case the provisions of the GPL or the LGPL are applicable instead
  32  * of those above. If you wish to allow use of your version of this file only
  33  * under the terms of either the GPL or the LGPL, and not to allow others to
  34  * use your version of this file under the terms of the MPL, indicate your
  35  * decision by deleting the provisions above and replace them with the notice
  36  * and other provisions required by the GPL or the LGPL. If you do not delete
  37  * the provisions above, a recipient may use your version of this file under
  38  * the terms of any one of the MPL, the GPL or the LGPL.
  39  *
  40  * ***** END LICENSE BLOCK ***** */
  41
  42 #include <stdlib.h>
  43 #include "nsHttp.h"
  44 #include "nsHttpBasicAuth.h"
  45 #include "plbase64.h"
  46 #include "plstr.h"
  47 #include "prmem.h"
  48 #include "nsString.h"
  49
  50 //-----------------------------------------------------------------------------
  51 // nsHttpBasicAuth <public>
  52 //-----------------------------------------------------------------------------
  53
  54 nsHttpBasicAuth::nsHttpBasicAuth()
  55 {
  56 }
  57
  58 nsHttpBasicAuth::~nsHttpBasicAuth()
  59 {
  60 }
  61
  62 //-----------------------------------------------------------------------------
  63 // nsHttpBasicAuth::nsISupports
  64 //-----------------------------------------------------------------------------
  65
  66 NS_IMPL_ISUPPORTS1(nsHttpBasicAuth, nsIHttpAuthenticator)
  67
  68 //-----------------------------------------------------------------------------
  69 // nsHttpBasicAuth::nsIHttpAuthenticator
  70 //-----------------------------------------------------------------------------
  71
  72 NS_IMETHODIMP
  73 nsHttpBasicAuth::ChallengeReceived(nsIHttpChannel *httpChannel,
  74                                    const char *challenge,
  75                                    PRBool isProxyAuth,
  76                                    nsISupports **sessionState,
  77                                    nsISupports **continuationState,
  78                                    PRBool *identityInvalid)
  79 {
  80     // if challenged, then the username:password that was sent must
  81     // have been wrong.
  82     *identityInvalid = PR_TRUE;
  83     return NS_OK;
  84 }
  85
  86 NS_IMETHODIMP
  87 nsHttpBasicAuth::GenerateCredentials(nsIHttpChannel *httpChannel,
  88                                      const char *challenge,
  89                                      PRBool isProxyAuth,
  90                                      const PRUnichar *domain,
  91                                      const PRUnichar *user,
  92                                      const PRUnichar *password,
  93                                      nsISupports **sessionState,
  94                                      nsISupports **continuationState,
  95                                      char **creds)
  96
  97 {
  98     LOG(("nsHttpBasicAuth::GenerateCredentials [challenge=%s]\n", challenge));
  99
 100     NS_ENSURE_ARG_POINTER(creds);
 101
 102     // we only know how to deal with Basic auth for http.
 103     PRBool isBasicAuth = !PL_strncasecmp(challenge, "basic", 5);
 104     NS_ENSURE_TRUE(isBasicAuth, NS_ERROR_UNEXPECTED);
 105
 106     // we work with ASCII around here
 107     nsCAutoString userpass;
 108     LossyCopyUTF16toASCII(user, userpass);
 109     userpass.Append(':'); // always send a ':' (see bug 129565)
 110     if (password)
 111         LossyAppendUTF16toASCII(password, userpass);
 112
 113     // plbase64.h provides this worst-case output buffer size calculation.
 114     // use calloc, since PL_Base64Encode does not null terminate.
 115     *creds = (char *) calloc(6 + ((userpass.Length() + 2)/3)*4 + 1, 1);
 116     if (!*creds)
 117         return NS_ERROR_OUT_OF_MEMORY;
 118
 119     memcpy(*creds, "Basic ", 6);
 120     PL_Base64Encode(userpass.get(), userpass.Length(), *creds + 6);
 121     return NS_OK;
 122 }
 123
 124 NS_IMETHODIMP
 125 nsHttpBasicAuth::GetAuthFlags(nsresult *flags)
 126 {
 127     *flags = REQUEST_BASED | REUSABLE_CREDENTIALS | REUSABLE_CHALLENGE;
 128     return NS_OK;
 129 }