7267948222

Committed 19 Dec 2023 09:49PM CUT coverage: 96.499%. Remained the same

Build # 7267948222

Build Type

Pull #676

github

Committed by

web-flow

Commit Message

Merge 8832e95d6 into 540a5a522

Pull Request Pull Request #676: feat(push): allow timeout for HTTP requests

Run Details

827 of 857 relevant lines covered (96.5%)

102248.56 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

57.58

/pull/src/basic_auth.cc

#include "basic_auth.h"

#include <utility>

#include "CivetServer.h"
#include "prometheus/detail/base64.h"

namespace prometheus {

BasicAuthHandler::BasicAuthHandler(AuthFunc callback, std::string realm)
    : callback_(std::move(callback)), realm_(std::move(realm)) {}

bool BasicAuthHandler::authorize(CivetServer* server, mg_connection* conn) {
  if (!AuthorizeInner(server, conn)) {
    WriteUnauthorizedResponse(conn);
    return false;
  }
  return true;
}

bool BasicAuthHandler::AuthorizeInner(CivetServer*, mg_connection* conn) {
  const char* authHeader = mg_get_header(conn, "Authorization");

  if (authHeader == nullptr) {
    // No auth header was provided.
    return false;
  }
  std::string authHeaderStr = authHeader;

  // Basic auth header is expected to be of the form:
  // "Basic dXNlcm5hbWU6cGFzc3dvcmQ="

  const std::string prefix = "Basic ";
  if (authHeaderStr.compare(0, prefix.size(), prefix) != 0) {
    return false;
  }

  // Strip the "Basic " prefix leaving the base64 encoded auth string
  auto b64Auth = authHeaderStr.substr(prefix.size());

  std::string decoded;
  try {
    decoded = detail::base64_decode(b64Auth);
  } catch (...) {
    return false;
  }

  // decoded auth string is expected to be of the form:
  // "username:password"
  // colons may not appear in the username.
  auto splitPos = decoded.find(':');
  if (splitPos == std::string::npos) {
    return false;
  }

  auto username = decoded.substr(0, splitPos);
  auto password = decoded.substr(splitPos + 1);

  // TODO: bool does not permit a distinction between 401 Unauthorized
  //  and 403 Forbidden. Authentication may succeed, but the user still
  //  not be authorized to perform the request.
  return callback_(username, password);
}

void BasicAuthHandler::WriteUnauthorizedResponse(mg_connection* conn) {
  mg_printf(conn, "HTTP/1.1 401 Unauthorized\r\n");
  mg_printf(conn, "WWW-Authenticate: Basic realm=\"%s\"\r\n", realm_.c_str());
  mg_printf(conn, "Connection: close\r\n");
  mg_printf(conn, "Content-Length: 0\r\n");
  // end headers
  mg_printf(conn, "\r\n");
}

}  // namespace prometheus

1	#include "basic_auth.h"
2
3	#include <utility>
4
5	#include "CivetServer.h"
6	#include "prometheus/detail/base64.h"
7
8	namespace prometheus {
9
10	BasicAuthHandler::BasicAuthHandler(AuthFunc callback, std::string realm)	2✔
11	: callback_(std::move(callback)), realm_(std::move(realm)) {}	2✔
12
13	bool BasicAuthHandler::authorize(CivetServer* server, mg_connection* conn) {	2✔
14	if (!AuthorizeInner(server, conn)) {	2✔
15	WriteUnauthorizedResponse(conn);	×
16	return false;	×
17	}
18	return true;	2✔
19	}
20
21	bool BasicAuthHandler::AuthorizeInner(CivetServer, mg_connection conn) {	2✔
22	const char* authHeader = mg_get_header(conn, "Authorization");	2✔
23
24	if (authHeader == nullptr) {	2✔
25	// No auth header was provided.
26	return false;	×
27	}
28	std::string authHeaderStr = authHeader;	4✔
29
30	// Basic auth header is expected to be of the form:
31	// "Basic dXNlcm5hbWU6cGFzc3dvcmQ="
32
33	const std::string prefix = "Basic ";	4✔
34	if (authHeaderStr.compare(0, prefix.size(), prefix) != 0) {	2✔
35	return false;	×
36	}
37
38	// Strip the "Basic " prefix leaving the base64 encoded auth string
39	auto b64Auth = authHeaderStr.substr(prefix.size());	4✔
40
41	std::string decoded;	4✔
42	try {
43	decoded = detail::base64_decode(b64Auth);	2✔
44	} catch (...) {	×
45	return false;	×
46	}
47
48	// decoded auth string is expected to be of the form:
49	// "username:password"
50	// colons may not appear in the username.
51	auto splitPos = decoded.find(':');	2✔
52	if (splitPos == std::string::npos) {	2✔
53	return false;	×
54	}
55
56	auto username = decoded.substr(0, splitPos);	4✔
57	auto password = decoded.substr(splitPos + 1);	4✔
58
59	// TODO: bool does not permit a distinction between 401 Unauthorized
60	// and 403 Forbidden. Authentication may succeed, but the user still
61	// not be authorized to perform the request.
62	return callback_(username, password);	2✔
63	}
64
65	void BasicAuthHandler::WriteUnauthorizedResponse(mg_connection* conn) {	×
66	mg_printf(conn, "HTTP/1.1 401 Unauthorized\r\n");	×
67	mg_printf(conn, "WWW-Authenticate: Basic realm=\"%s\"\r\n", realm_.c_str());	×
68	mg_printf(conn, "Connection: close\r\n");	×
69	mg_printf(conn, "Content-Length: 0\r\n");	×
70	// end headers
71	mg_printf(conn, "\r\n");	×
72	}	×
73
74	} // namespace prometheus

jupp0r / prometheus-cpp / 7267948222

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous