14010370149

Committed 22 Mar 2025 04:28PM CUT coverage: 98.534%. Remained the same

Build # 14010370149

Build Type

push

github

Committed by

gjasny

Commit Message

ci: fix coverage generation

Run Details

874 of 887 relevant lines covered (98.53%)

49857.53 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

97.14

/pull/src/basic_auth.cc

#include "basic_auth.h"

#include <utility>

#include "CivetServer.h"
#include "prometheus/detail/base64.h"

namespace prometheus {

BasicAuthHandler::BasicAuthHandler(AuthFunc callback, std::string realm)
    : callback_(std::move(callback)), realm_(std::move(realm)) {}

bool BasicAuthHandler::authorize(CivetServer* server, mg_connection* conn) {
  if (!AuthorizeInner(server, conn)) {
    WriteUnauthorizedResponse(conn);
    return false;
  }
  return true;
}

bool BasicAuthHandler::AuthorizeInner(CivetServer*, mg_connection* conn) {
  const char* authHeader = mg_get_header(conn, "Authorization");

  if (authHeader == nullptr) {
    // No auth header was provided.
    return false;
  }
  std::string authHeaderStr = authHeader;

  // Basic auth header is expected to be of the form:
  // "Basic dXNlcm5hbWU6cGFzc3dvcmQ="

  const std::string prefix = "Basic ";
  if (authHeaderStr.compare(0, prefix.size(), prefix) != 0) {
    return false;
  }

  // Strip the "Basic " prefix leaving the base64 encoded auth string
  auto b64Auth = authHeaderStr.substr(prefix.size());

  std::string decoded;
  try {
    decoded = detail::base64_decode(b64Auth);
  } catch (...) {
    return false;
  }

  // decoded auth string is expected to be of the form:
  // "username:password"
  // colons may not appear in the username.
  auto splitPos = decoded.find(':');
  if (splitPos == std::string::npos) {
    return false;
  }

  auto username = decoded.substr(0, splitPos);
  auto password = decoded.substr(splitPos + 1);

  // TODO: bool does not permit a distinction between 401 Unauthorized
  //  and 403 Forbidden. Authentication may succeed, but the user still
  //  not be authorized to perform the request.
  return callback_(username, password);
}

void BasicAuthHandler::WriteUnauthorizedResponse(mg_connection* conn) {
  mg_printf(conn, "HTTP/1.1 401 Unauthorized\r\n");
  mg_printf(conn, "WWW-Authenticate: Basic realm=\"%s\"\r\n", realm_.c_str());
  mg_printf(conn, "Connection: close\r\n");
  mg_printf(conn, "Content-Length: 0\r\n");
  // end headers
  mg_printf(conn, "\r\n");
}

}  // namespace prometheus

1	#include "basic_auth.h"
2
3	#include <utility>
4
5	#include "CivetServer.h"
6	#include "prometheus/detail/base64.h"
7
8	namespace prometheus {
9
10	BasicAuthHandler::BasicAuthHandler(AuthFunc callback, std::string realm)	6✔
11	: callback_(std::move(callback)), realm_(std::move(realm)) {}	6✔
12
13	bool BasicAuthHandler::authorize(CivetServer* server, mg_connection* conn) {	6✔
14	if (!AuthorizeInner(server, conn)) {	6✔
15	WriteUnauthorizedResponse(conn);	5✔
16	return false;	5✔
17	}
18	return true;	1✔
19	}
20
21	bool BasicAuthHandler::AuthorizeInner(CivetServer, mg_connection conn) {	6✔
22	const char* authHeader = mg_get_header(conn, "Authorization");	6✔
23
24	if (authHeader == nullptr) {	6✔
25	// No auth header was provided.
26	return false;	1✔
27	}
28	std::string authHeaderStr = authHeader;	10✔
29
30	// Basic auth header is expected to be of the form:
31	// "Basic dXNlcm5hbWU6cGFzc3dvcmQ="
32
33	const std::string prefix = "Basic ";	5✔
34	if (authHeaderStr.compare(0, prefix.size(), prefix) != 0) {	5✔
35	return false;	×
36	}
37
38	// Strip the "Basic " prefix leaving the base64 encoded auth string
39	auto b64Auth = authHeaderStr.substr(prefix.size());	5✔
40
41	std::string decoded;	5✔
42	try {
43	decoded = detail::base64_decode(b64Auth);	5✔
44	} catch (...) {	1✔
45	return false;	1✔
46	}	1✔
47
48	// decoded auth string is expected to be of the form:
49	// "username:password"
50	// colons may not appear in the username.
51	auto splitPos = decoded.find(':');	4✔
52	if (splitPos == std::string::npos) {	4✔
53	return false;	1✔
54	}
55
56	auto username = decoded.substr(0, splitPos);	3✔
57	auto password = decoded.substr(splitPos + 1);	3✔
58
59	// TODO: bool does not permit a distinction between 401 Unauthorized
60	// and 403 Forbidden. Authentication may succeed, but the user still
61	// not be authorized to perform the request.
62	return callback_(username, password);	3✔
63	}	5✔
64
65	void BasicAuthHandler::WriteUnauthorizedResponse(mg_connection* conn) {	5✔
66	mg_printf(conn, "HTTP/1.1 401 Unauthorized\r\n");	5✔
67	mg_printf(conn, "WWW-Authenticate: Basic realm=\"%s\"\r\n", realm_.c_str());	5✔
68	mg_printf(conn, "Connection: close\r\n");	5✔
69	mg_printf(conn, "Content-Length: 0\r\n");	5✔
70	// end headers
71	mg_printf(conn, "\r\n");	5✔
72	}	5✔
73
74	} // namespace prometheus

jupp0r / prometheus-cpp / 14010370149

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous