11650949085

Committed 03 Nov 2024 11:28AM CUT coverage: 98.248%. Remained the same

Build # 11650949085

Build Type

Pull #724

github

Committed by

gjasny

Commit Message

ci: switch to supported macos-13

Pull Request Pull Request #724: ci: switch to supported macos-13

Run Details

841 of 856 relevant lines covered (98.25%)

102379.54 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

96.97

/pull/src/basic_auth.cc

#include "basic_auth.h"

#include <utility>

#include "CivetServer.h"
#include "prometheus/detail/base64.h"

namespace prometheus {

BasicAuthHandler::BasicAuthHandler(AuthFunc callback, std::string realm)
    : callback_(std::move(callback)), realm_(std::move(realm)) {}

bool BasicAuthHandler::authorize(CivetServer* server, mg_connection* conn) {
  if (!AuthorizeInner(server, conn)) {
    WriteUnauthorizedResponse(conn);
    return false;
  }
  return true;
}

bool BasicAuthHandler::AuthorizeInner(CivetServer*, mg_connection* conn) {
  const char* authHeader = mg_get_header(conn, "Authorization");

  if (authHeader == nullptr) {
    // No auth header was provided.
    return false;
  }
  std::string authHeaderStr = authHeader;

  // Basic auth header is expected to be of the form:
  // "Basic dXNlcm5hbWU6cGFzc3dvcmQ="

  const std::string prefix = "Basic ";
  if (authHeaderStr.compare(0, prefix.size(), prefix) != 0) {
    return false;
  }

  // Strip the "Basic " prefix leaving the base64 encoded auth string
  auto b64Auth = authHeaderStr.substr(prefix.size());

  std::string decoded;
  try {
    decoded = detail::base64_decode(b64Auth);
  } catch (...) {
    return false;
  }

  // decoded auth string is expected to be of the form:
  // "username:password"
  // colons may not appear in the username.
  auto splitPos = decoded.find(':');
  if (splitPos == std::string::npos) {
    return false;
  }

  auto username = decoded.substr(0, splitPos);
  auto password = decoded.substr(splitPos + 1);

  // TODO: bool does not permit a distinction between 401 Unauthorized
  //  and 403 Forbidden. Authentication may succeed, but the user still
  //  not be authorized to perform the request.
  return callback_(username, password);
}

void BasicAuthHandler::WriteUnauthorizedResponse(mg_connection* conn) {
  mg_printf(conn, "HTTP/1.1 401 Unauthorized\r\n");
  mg_printf(conn, "WWW-Authenticate: Basic realm=\"%s\"\r\n", realm_.c_str());
  mg_printf(conn, "Connection: close\r\n");
  mg_printf(conn, "Content-Length: 0\r\n");
  // end headers
  mg_printf(conn, "\r\n");
}

}  // namespace prometheus

1	#include "basic_auth.h"
2
3	#include <utility>
4
5	#include "CivetServer.h"
6	#include "prometheus/detail/base64.h"
7
8	namespace prometheus {
9
10	BasicAuthHandler::BasicAuthHandler(AuthFunc callback, std::string realm)	12✔
11	: callback_(std::move(callback)), realm_(std::move(realm)) {}	12✔
12
13	bool BasicAuthHandler::authorize(CivetServer* server, mg_connection* conn) {	12✔
14	if (!AuthorizeInner(server, conn)) {	12✔
15	WriteUnauthorizedResponse(conn);	10✔
16	return false;	10✔
17	}
18	return true;	2✔
19	}
20
21	bool BasicAuthHandler::AuthorizeInner(CivetServer, mg_connection conn) {	12✔
22	const char* authHeader = mg_get_header(conn, "Authorization");	12✔
23
24	if (authHeader == nullptr) {	12✔
25	// No auth header was provided.
26	return false;	2✔
27	}
28	std::string authHeaderStr = authHeader;	20✔
29
30	// Basic auth header is expected to be of the form:
31	// "Basic dXNlcm5hbWU6cGFzc3dvcmQ="
32
33	const std::string prefix = "Basic ";	20✔
34	if (authHeaderStr.compare(0, prefix.size(), prefix) != 0) {	10✔
35	return false;	×
36	}
37
38	// Strip the "Basic " prefix leaving the base64 encoded auth string
39	auto b64Auth = authHeaderStr.substr(prefix.size());	20✔
40
41	std::string decoded;	20✔
42	try {
43	decoded = detail::base64_decode(b64Auth);	10✔
44	} catch (...) {	2✔
45	return false;	2✔
46	}
47
48	// decoded auth string is expected to be of the form:
49	// "username:password"
50	// colons may not appear in the username.
51	auto splitPos = decoded.find(':');	8✔
52	if (splitPos == std::string::npos) {	8✔
53	return false;	2✔
54	}
55
56	auto username = decoded.substr(0, splitPos);	12✔
57	auto password = decoded.substr(splitPos + 1);	12✔
58
59	// TODO: bool does not permit a distinction between 401 Unauthorized
60	// and 403 Forbidden. Authentication may succeed, but the user still
61	// not be authorized to perform the request.
62	return callback_(username, password);	6✔
63	}
64
65	void BasicAuthHandler::WriteUnauthorizedResponse(mg_connection* conn) {	10✔
66	mg_printf(conn, "HTTP/1.1 401 Unauthorized\r\n");	10✔
67	mg_printf(conn, "WWW-Authenticate: Basic realm=\"%s\"\r\n", realm_.c_str());	10✔
68	mg_printf(conn, "Connection: close\r\n");	10✔
69	mg_printf(conn, "Content-Length: 0\r\n");	10✔
70	// end headers
71	mg_printf(conn, "\r\n");	10✔
72	}	10✔
73
74	} // namespace prometheus

jupp0r / prometheus-cpp / 11650949085

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous