From 349630f6763f44ceebc021b454376b2c97663c5e Mon Sep 17 00:00:00 2001 From: jsdelfino Date: Mon, 27 Dec 2010 05:59:19 +0000 Subject: Merge changes from apr-2 branch. Port to APR 1.4.x and enable mod_session_crypto. git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1053002 13f79535-47bb-0310-9956-ffa450edef68 --- sca-cpp/trunk/modules/http/mod-openauth.cpp | 51 +++++++++++++++++++++++++---- 1 file changed, 44 insertions(+), 7 deletions(-) (limited to 'sca-cpp/trunk/modules/http/mod-openauth.cpp') diff --git a/sca-cpp/trunk/modules/http/mod-openauth.cpp b/sca-cpp/trunk/modules/http/mod-openauth.cpp index b43624f08d..953d6891a6 100644 --- a/sca-cpp/trunk/modules/http/mod-openauth.cpp +++ b/sca-cpp/trunk/modules/http/mod-openauth.cpp @@ -76,15 +76,52 @@ public: string login; }; +/** + * Log a session entry. + */ +int debugSession(unused void* r, const char* key, const char* value) { + cdebug << " session key: " << key << ", value: " << value << endl; + return 1; +} + +/** + * Return the user info from a form auth encrypted session cookie. + */ +static int (*ap_session_load_fn) (request_rec * r, session_rec ** z) = NULL; +static void (*ap_session_get_fn) (request_rec * r, session_rec * z, const char *key, const char **value) = NULL; + +const failable userInfoFromSession(const string& realm, request_rec* r) { + debug("modopenauth::userInfoFromSession"); + if (ap_session_load_fn == NULL) + ap_session_load_fn = APR_RETRIEVE_OPTIONAL_FN(ap_session_load); + session_rec *z = NULL; + ap_session_load_fn(r, &z); + if (z == NULL) + return mkfailure("Couldn't retrieve user session"); + apr_table_do(debugSession, r, z->entries, NULL); + + if (ap_session_get_fn == NULL) + ap_session_get_fn = APR_RETRIEVE_OPTIONAL_FN(ap_session_get); + const char* user = NULL; + ap_session_get_fn(r, z, c_str(realm + "-user"), &user); + if (user == NULL) + return mkfailure("Couldn't retrieve user id"); + const char* pw = NULL; + ap_session_get_fn(r, z, c_str(realm + "-pw"), &pw); + if (pw == NULL) + return mkfailure("Couldn't retrieve password"); + return value(mklist(mklist("realm", realm), mklist("id", string(user)), mklist("password", string(pw)))); +} + /** * Return the user info from a form auth session cookie. */ -const failable userInfo(const value& sid, const string& realm) { +const failable userInfoFromCookie(const value& sid, const string& realm, request_rec* r) { const list> info = httpd::queryArgs(sid); - debug(info, "modopenauth::userInfo::info"); + debug(info, "modopenauth::userInfoFromCookie::info"); const list user = assoc(realm + "-user", info); if (isNil(user)) - return mkfailure("Couldn't retrieve user id"); + return userInfoFromSession(realm, r); const list pw = assoc(realm + "-pw", info); if (isNil(pw)) return mkfailure("Couldn't retrieve password"); @@ -94,8 +131,8 @@ const failable userInfo(const value& sid, const string& realm) { /** * Return the user info from a basic auth header. */ -const failable userInfo(const char* header, const string& realm, request_rec* r) { - debug(header, "modopenauth::userInfo::header"); +const failable userInfoFromHeader(const char* header, const string& realm, request_rec* r) { + debug(header, "modopenauth::userInfoFromHeader::header"); if (strcasecmp(ap_getword(r->pool, &header, ' '), "Basic")) return mkfailure("Wrong authentication scheme"); @@ -176,7 +213,7 @@ static int checkAuthn(request_rec *r) { return httpd::reportStatus(mkfailure("Missing AuthName")); // Extract user info from the session id - const failable info = userInfo(content(sid), aname); + const failable info = userInfoFromCookie(content(sid), aname, r); if (hasContent(info)) { // Try to authenticate the request @@ -205,7 +242,7 @@ static int checkAuthn(request_rec *r) { return httpd::reportStatus(mkfailure("Missing AuthName")); // Extract user info from the session id - const failable info = userInfo(header, aname, r); + const failable info = userInfoFromHeader(header, aname, r); if (hasContent(info)) { // Try to authenticate the request -- cgit v1.2.3