Add in the REST authorization protocols so that REST communications now get through to the backend systems if they are valid requests.

Ken Moore
2016-01-05 15:11:01 -05:00
parent 7677ed5f65
commit 858ed83611
2 changed files with 18 additions and 3 deletions


@@ -48,7 +48,15 @@ public:
URI = line.section(" ",1,1);
HTTPVERSION = line.section(" ",2,2);
Body = message.remove(Header.join("\n")+"\n"); //chop the headers off the front
//if(Header.filter(
if(!Header.filter("Authorization:").isEmpty()){
line = Header.filter("Authorization:").takeFirst().section("Authorization: ",1,50).simplified();
if(line.section(" ",0,0).toLower()=="basic"){
//Convert the base64-encoded string to the plain "user:pass" string
QByteArray ba;
ba.append(line.section(" ",1,1));
auth = QByteArray::fromBase64(ba);
}
}
}
//Now Parse out the Body into the JSON fields and/or arguments structure
Body = Body.simplified(); //remove any extra whitespace on the beginning/end
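Review bot: The `Header.filter("Authorization:")` test on the new lines is a case-sensitive substring match, so a client sending `authorization: basic ...` is treated as having supplied no credentials, while any header line that merely contains that text (such as `Proxy-Authorization:`) is accepted as the credential source. HTTP field names are case-insensitive, so I would match the field name at the start of each line instead: loop over `Header`, test `hdr.startsWith("Authorization:", Qt::CaseInsensitive)`, and take `hdr.section(":",1,-1).simplified()` as the value. A comment on `auth` should also state that it holds the decoded plaintext `user:pass` and must not be logged or persisted. The enclosing parser starts above this hunk, so how `Header` is split is not visible here.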


@@ -84,6 +84,7 @@ void WebSocket::EvaluateREST(QString msg){
qDebug() << " VERB:" << IN.VERB << "URI:" << IN.URI;
qDebug() << " HEADERS:" << IN.Header;
qDebug() << " BODY:" << IN.Body;
qDebug() << " Auth:" << IN.auth;
qDebug() << "JSON Values:";
qDebug() << " - Name:" << IN.name;
qDebug() << " - Namespace:" << IN.namesp;
@@ -122,6 +123,12 @@ void WebSocket::EvaluateRequest(const RestInputStruct &REQ){
//Note: id and args are optional at this stage - let the subsystems handle those inputs
out.CODE = RestOutputStruct::BADREQUEST;
}else{
//First check for a REST authorization (not stand-alone request)
if(!out.in_struct.auth.isEmpty()){
AUTHSYSTEM->clearAuth(SockAuthToken); //new auth requested - clear any old token
SockAuthToken = AUTHSYSTEM->LoginUP(false, out.in_struct.auth.section(":",0,0), out.in_struct.auth.section(":",1,1));
}
//Now check the body of the message and do what it needs
if(out.in_struct.namesp.toLower() == "rpc"){
if(out.in_struct.name.startsWith("auth")){
@@ -197,12 +204,12 @@ void WebSocket::EvaluateRequest(const RestInputStruct &REQ){
out.CODE = RestOutputStruct::UNAUTHORIZED;
}
//Other namespace - check whether auth has already been established before continuing
}else if( AUTHSYSTEM->checkAuth(SockAuthToken) ){ //validate current Authentication token
}else if( AUTHSYSTEM->checkAuth(SockAuthToken) ){ //validate current Authentication token
//Now provide access to the various subsystems
//Pre-set any output fields
QJsonObject outargs;
out.CODE = EvaluateBackendRequest(out.in_struct.namesp, out.in_struct.name, out.in_struct.args, &outargs);
out.out_args = outargs;
out.out_args = outargs;
}else{
//Error in inputs - assemble the return error message
out.CODE = RestOutputStruct::UNAUTHORIZED;
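Review bot: The added `qDebug() << " Auth:" << IN.auth;` line in EvaluateREST writes the decoded Basic credentials (plaintext `user:pass`) to the debug log on every REST request, and the unchanged `HEADERS` line beside it now carries the same secret in base64. I would drop the new line or log only presence, e.g. `qDebug() << " Auth supplied:" << !IN.auth.isEmpty();`. In the EvaluateRequest hunk, `out.in_struct.auth.section(":",1,1)` keeps only the text between the first and second colon, so a password containing `:` is truncated before it reaches `LoginUP`; `section(":",1,-1)` passes the full remainder. The same hunk calls `clearAuth(SockAuthToken)` before the new login is known to succeed, which may be intended but deserves a comment saying that a failed REST login also drops the existing session. Both functions continue outside the hunks shown.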