http_client_auth.c File Reference

HTTP authentication. More...

#include "core/net.h"
#include "http/http_client.h"
#include "http/http_client_auth.h"
#include "debug.h"

Go to the source code of this file.

Macros

#define TRACE_LEVEL   HTTP_TRACE_LEVEL
 

Functions

void httpClientInitAuthParams (HttpClientAuthParams *authParams)
 Initialize HTTP authentication parameters. More...
 
error_t httpClientFormatAuthorizationField (HttpClientContext *context)
 Format Authorization header field. More...
 
error_t httpClientParseWwwAuthenticateField (HttpClientContext *context, const char_t *value)
 Parse WWW-Authenticate header field. More...
 
void httpClientParseQopParam (const HttpParam *param, HttpWwwAuthenticateHeader *authHeader)
 Parse qop parameter. More...
 
void httpClientParseAlgorithmParam (const HttpParam *param, HttpWwwAuthenticateHeader *authHeader)
 Parse algorithm parameter. More...
 
error_t httpClientComputeDigest (HttpClientAuthParams *authParams, const char_t *method, size_t methodLen, const char_t *uri, size_t uriLen, char_t *response)
 Digest operation. More...
 

Detailed Description

HTTP authentication.

License

SPDX-License-Identifier: GPL-2.0-or-later

Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.

This file is part of CycloneTCP Open.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

Description

The HTTP authentication framework consists of Basic and Digest access authentication schemes. Basic access authentication scheme is not considered to be a secure method of user authentication (unless used in conjunction with some external secure system such as SSL), as the user name and password are passed over the network as cleartext. Digest access authentication verifies that both parties know a shared secret; unlike Basic, this verification can be done without sending the password in the clear. Refer to the following RFCs for complete details:

  • RFC 2617: HTTP Authentication: Basic and Digest Access Authentication
  • RFC 7235: Hypertext Transfer Protocol (HTTP/1.1): Authentication
  • RFC 7616: HTTP Digest Access Authentication
  • RFC 7617: The Basic HTTP Authentication Scheme
Author
Oryx Embedded SARL (www.oryx-embedded.com)
Version
2.4.0

Definition in file http_client_auth.c.

Macro Definition Documentation

◆ TRACE_LEVEL

#define TRACE_LEVEL   HTTP_TRACE_LEVEL

Definition at line 47 of file http_client_auth.c.

Function Documentation

◆ httpClientComputeDigest()

error_t httpClientComputeDigest ( HttpClientAuthParams authParams,
const char_t method,
size_t  methodLen,
const char_t uri,
size_t  uriLen,
char_t response 
)

Digest operation.

Parameters
[in]authParamsHTTP authentication parameters
[in]methodPointer to the HTTP method
[in]methodLenLength of the HTTP method
[in]uriPointer to the URI
[in]uriLenLength of the URI
[out]responsePointer to the resulting digest
Returns
Error code

Definition at line 594 of file http_client_auth.c.

◆ httpClientFormatAuthorizationField()

error_t httpClientFormatAuthorizationField ( HttpClientContext context)

Format Authorization header field.

Parameters
[in]contextPointer to the HTTP client context
Returns
Error code

Definition at line 92 of file http_client_auth.c.

◆ httpClientInitAuthParams()

void httpClientInitAuthParams ( HttpClientAuthParams authParams)

Initialize HTTP authentication parameters.

Parameters
[in]authParamsHTTP authentication parameters

Definition at line 64 of file http_client_auth.c.

◆ httpClientParseAlgorithmParam()

void httpClientParseAlgorithmParam ( const HttpParam param,
HttpWwwAuthenticateHeader authHeader 
)

Parse algorithm parameter.

Parameters
[in]paramPointer to the algorithm parameter
[in,out]authHeaderPointer to the WWW-Authenticate header field

Definition at line 542 of file http_client_auth.c.

◆ httpClientParseQopParam()

void httpClientParseQopParam ( const HttpParam param,
HttpWwwAuthenticateHeader authHeader 
)

Parse qop parameter.

Parameters
[in]paramPointer to the algorithm parameter
[in,out]authHeaderPointer to the WWW-Authenticate header field

Definition at line 494 of file http_client_auth.c.

◆ httpClientParseWwwAuthenticateField()

error_t httpClientParseWwwAuthenticateField ( HttpClientContext context,
const char_t value 
)

Parse WWW-Authenticate header field.

Parameters
[in]contextPointer to the HTTP client context
[in]valueNULL-terminated string that contains the value of header field
Returns
Error code

Definition at line 289 of file http_client_auth.c.