|
Packit Service |
ca3877 |
/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */
|
|
Packit Service |
ca3877 |
/*
|
|
Packit Service |
ca3877 |
* soup-auth-manager.c: SoupAuth manager for SoupSession
|
|
Packit Service |
ca3877 |
*
|
|
Packit Service |
ca3877 |
* Copyright (C) 2007 Red Hat, Inc.
|
|
Packit Service |
ca3877 |
*/
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
#ifdef HAVE_CONFIG_H
|
|
Packit Service |
ca3877 |
#include <config.h>
|
|
Packit Service |
ca3877 |
#endif
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
#include <string.h>
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
#include "soup-auth-manager.h"
|
|
Packit Service |
ca3877 |
#include "soup.h"
|
|
Packit Service |
ca3877 |
#include "soup-connection-auth.h"
|
|
Packit Service |
ca3877 |
#include "soup-message-private.h"
|
|
Packit Service |
ca3877 |
#include "soup-message-queue.h"
|
|
Packit Service |
ca3877 |
#include "soup-path-map.h"
|
|
Packit Service |
ca3877 |
#include "soup-session-private.h"
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
/**
|
|
Packit Service |
ca3877 |
* SECTION:soup-auth-manager
|
|
Packit Service |
ca3877 |
* @short_description: HTTP client-side authentication handler
|
|
Packit Service |
ca3877 |
* @see_also: #SoupSession, #SoupAuth
|
|
Packit Service |
ca3877 |
*
|
|
Packit Service |
ca3877 |
* #SoupAuthManager is the #SoupSessionFeature that handles HTTP
|
|
Packit Service |
ca3877 |
* authentication for a #SoupSession.
|
|
Packit Service |
ca3877 |
*
|
|
Packit Service |
ca3877 |
* A #SoupAuthManager is added to the session by default, and normally
|
|
Packit Service |
ca3877 |
* you don't need to worry about it at all. However, if you want to
|
|
Packit Service |
ca3877 |
* disable HTTP authentication, you can remove the feature from the
|
|
Packit Service |
ca3877 |
* session with soup_session_remove_feature_by_type(), or disable it on
|
|
Packit Service |
ca3877 |
* individual requests with soup_message_disable_feature().
|
|
Packit Service |
ca3877 |
*
|
|
Packit Service |
ca3877 |
* Since: 2.42
|
|
Packit Service |
ca3877 |
**/
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
/**
|
|
Packit Service |
ca3877 |
* SOUP_TYPE_AUTH_MANAGER:
|
|
Packit Service |
ca3877 |
*
|
|
Packit Service |
ca3877 |
* The #GType of #SoupAuthManager; you can use this with
|
|
Packit Service |
ca3877 |
* soup_session_remove_feature_by_type() or
|
|
Packit Service |
ca3877 |
* soup_message_disable_feature().
|
|
Packit Service |
ca3877 |
*
|
|
Packit Service |
ca3877 |
* (Although this type has only been publicly visible since libsoup
|
|
Packit Service |
ca3877 |
* 2.42, it has always existed in the background, and you can use
|
|
Packit Service |
ca3877 |
* <literal>g_type_from_name ("SoupAuthManager")</literal>
|
|
Packit Service |
ca3877 |
* to get its #GType in earlier releases.)
|
|
Packit Service |
ca3877 |
*
|
|
Packit Service |
ca3877 |
* Since: 2.42
|
|
Packit Service |
ca3877 |
*/
|
|
Packit Service |
ca3877 |
static void soup_auth_manager_session_feature_init (SoupSessionFeatureInterface *feature_interface, gpointer interface_data);
|
|
Packit Service |
ca3877 |
static SoupSessionFeatureInterface *soup_session_feature_default_interface;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
enum {
|
|
Packit Service |
ca3877 |
AUTHENTICATE,
|
|
Packit Service |
ca3877 |
LAST_SIGNAL
|
|
Packit Service |
ca3877 |
};
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static guint signals[LAST_SIGNAL] = { 0 };
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
struct SoupAuthManagerPrivate {
|
|
Packit Service |
ca3877 |
SoupSession *session;
|
|
Packit Service |
ca3877 |
GPtrArray *auth_types;
|
|
Packit Service |
ca3877 |
gboolean auto_ntlm;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
GMutex lock;
|
|
Packit Service |
ca3877 |
SoupAuth *proxy_auth;
|
|
Packit Service |
ca3877 |
GHashTable *auth_hosts;
|
|
Packit Service |
ca3877 |
};
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
typedef struct {
|
|
Packit Service |
ca3877 |
SoupURI *uri;
|
|
Packit Service |
ca3877 |
SoupPathMap *auth_realms; /* path -> scheme:realm */
|
|
Packit Service |
ca3877 |
GHashTable *auths; /* scheme:realm -> SoupAuth */
|
|
Packit Service |
ca3877 |
} SoupAuthHost;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
G_DEFINE_TYPE_WITH_CODE (SoupAuthManager, soup_auth_manager, G_TYPE_OBJECT,
|
|
Packit Service |
ca3877 |
G_ADD_PRIVATE (SoupAuthManager)
|
|
Packit Service |
ca3877 |
G_IMPLEMENT_INTERFACE (SOUP_TYPE_SESSION_FEATURE,
|
|
Packit Service |
ca3877 |
soup_auth_manager_session_feature_init))
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static void soup_auth_host_free (SoupAuthHost *host);
|
|
Packit Service |
ca3877 |
static SoupAuth *record_auth_for_uri (SoupAuthManagerPrivate *priv,
|
|
Packit Service |
ca3877 |
SoupURI *uri, SoupAuth *auth,
|
|
Packit Service |
ca3877 |
gboolean prior_auth_failed);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static void
|
|
Packit Service |
ca3877 |
soup_auth_manager_init (SoupAuthManager *manager)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
SoupAuthManagerPrivate *priv;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
priv = manager->priv = soup_auth_manager_get_instance_private (manager);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
priv->auth_types = g_ptr_array_new_with_free_func ((GDestroyNotify)g_type_class_unref);
|
|
Packit Service |
ca3877 |
priv->auth_hosts = g_hash_table_new_full (soup_uri_host_hash,
|
|
Packit Service |
ca3877 |
soup_uri_host_equal,
|
|
Packit Service |
ca3877 |
NULL,
|
|
Packit Service |
ca3877 |
(GDestroyNotify)soup_auth_host_free);
|
|
Packit Service |
ca3877 |
g_mutex_init (&priv->lock);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static void
|
|
Packit Service |
ca3877 |
soup_auth_manager_finalize (GObject *object)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
SoupAuthManagerPrivate *priv = SOUP_AUTH_MANAGER (object)->priv;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
g_ptr_array_free (priv->auth_types, TRUE);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
g_hash_table_destroy (priv->auth_hosts);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
g_clear_object (&priv->proxy_auth);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
g_mutex_clear (&priv->lock);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
G_OBJECT_CLASS (soup_auth_manager_parent_class)->finalize (object);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static void
|
|
Packit Service |
ca3877 |
soup_auth_manager_class_init (SoupAuthManagerClass *auth_manager_class)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
GObjectClass *object_class = G_OBJECT_CLASS (auth_manager_class);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
object_class->finalize = soup_auth_manager_finalize;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
/**
|
|
Packit Service |
ca3877 |
* SoupAuthManager::authenticate:
|
|
Packit Service |
ca3877 |
* @manager: the #SoupAuthManager
|
|
Packit Service |
ca3877 |
* @msg: the #SoupMessage being sent
|
|
Packit Service |
ca3877 |
* @auth: the #SoupAuth to authenticate
|
|
Packit Service |
ca3877 |
* @retrying: %TRUE if this is the second (or later) attempt
|
|
Packit Service |
ca3877 |
*
|
|
Packit Service |
ca3877 |
* Emitted when the manager requires the application to
|
|
Packit Service |
ca3877 |
* provide authentication credentials.
|
|
Packit Service |
ca3877 |
*
|
|
Packit Service |
ca3877 |
* #SoupSession connects to this signal and emits its own
|
|
Packit Service |
ca3877 |
* #SoupSession::authenticate signal when it is emitted, so
|
|
Packit Service |
ca3877 |
* you shouldn't need to use this signal directly.
|
|
Packit Service |
ca3877 |
*/
|
|
Packit Service |
ca3877 |
signals[AUTHENTICATE] =
|
|
Packit Service |
ca3877 |
g_signal_new ("authenticate",
|
|
Packit Service |
ca3877 |
G_OBJECT_CLASS_TYPE (object_class),
|
|
Packit Service |
ca3877 |
G_SIGNAL_RUN_FIRST,
|
|
Packit Service |
ca3877 |
G_STRUCT_OFFSET (SoupAuthManagerClass, authenticate),
|
|
Packit Service |
ca3877 |
NULL, NULL,
|
|
Packit Service |
ca3877 |
NULL,
|
|
Packit Service |
ca3877 |
G_TYPE_NONE, 3,
|
|
Packit Service |
ca3877 |
SOUP_TYPE_MESSAGE,
|
|
Packit Service |
ca3877 |
SOUP_TYPE_AUTH,
|
|
Packit Service |
ca3877 |
G_TYPE_BOOLEAN);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static int
|
|
Packit Service |
ca3877 |
auth_type_compare_func (gconstpointer a, gconstpointer b)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
SoupAuthClass **auth1 = (SoupAuthClass **)a;
|
|
Packit Service |
ca3877 |
SoupAuthClass **auth2 = (SoupAuthClass **)b;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
return (*auth1)->strength - (*auth2)->strength;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static gboolean
|
|
Packit Service |
ca3877 |
soup_auth_manager_add_feature (SoupSessionFeature *feature, GType type)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
SoupAuthManagerPrivate *priv = SOUP_AUTH_MANAGER (feature)->priv;
|
|
Packit Service |
ca3877 |
SoupAuthClass *auth_class;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
if (!g_type_is_a (type, SOUP_TYPE_AUTH))
|
|
Packit Service |
ca3877 |
return FALSE;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
auth_class = g_type_class_ref (type);
|
|
Packit Service |
ca3877 |
g_ptr_array_add (priv->auth_types, auth_class);
|
|
Packit Service |
ca3877 |
g_ptr_array_sort (priv->auth_types, auth_type_compare_func);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
/* Plain SoupSession does not get the backward-compat
|
|
Packit Service |
ca3877 |
* auto-NTLM behavior; SoupSession subclasses do.
|
|
Packit Service |
ca3877 |
*/
|
|
Packit Service |
ca3877 |
if (type == SOUP_TYPE_AUTH_NTLM &&
|
|
Packit Service |
ca3877 |
G_TYPE_FROM_INSTANCE (priv->session) != SOUP_TYPE_SESSION)
|
|
Packit Service |
ca3877 |
priv->auto_ntlm = TRUE;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
return TRUE;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static gboolean
|
|
Packit Service |
ca3877 |
soup_auth_manager_remove_feature (SoupSessionFeature *feature, GType type)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
SoupAuthManagerPrivate *priv = SOUP_AUTH_MANAGER (feature)->priv;
|
|
Packit Service |
ca3877 |
SoupAuthClass *auth_class;
|
|
Packit Service |
ca3877 |
guint i;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
if (!g_type_is_a (type, SOUP_TYPE_AUTH))
|
|
Packit Service |
ca3877 |
return FALSE;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
auth_class = g_type_class_peek (type);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
for (i = 0; i < priv->auth_types->len; i++) {
|
|
Packit Service |
ca3877 |
if (priv->auth_types->pdata[i] == (gpointer)auth_class) {
|
|
Packit Service |
ca3877 |
if (type == SOUP_TYPE_AUTH_NTLM)
|
|
Packit Service |
ca3877 |
priv->auto_ntlm = FALSE;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
g_ptr_array_remove_index (priv->auth_types, i);
|
|
Packit Service |
ca3877 |
return TRUE;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
return FALSE;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static gboolean
|
|
Packit Service |
ca3877 |
soup_auth_manager_has_feature (SoupSessionFeature *feature, GType type)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
SoupAuthManagerPrivate *priv = SOUP_AUTH_MANAGER (feature)->priv;
|
|
Packit Service |
ca3877 |
SoupAuthClass *auth_class;
|
|
Packit Service |
ca3877 |
guint i;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
if (!g_type_is_a (type, SOUP_TYPE_AUTH))
|
|
Packit Service |
ca3877 |
return FALSE;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
auth_class = g_type_class_peek (type);
|
|
Packit Service |
ca3877 |
for (i = 0; i < priv->auth_types->len; i++) {
|
|
Packit Service |
ca3877 |
if (priv->auth_types->pdata[i] == (gpointer)auth_class)
|
|
Packit Service |
ca3877 |
return TRUE;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
return FALSE;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static void
|
|
Packit Service |
ca3877 |
soup_auth_manager_attach (SoupSessionFeature *feature, SoupSession *session)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
SoupAuthManagerPrivate *priv = SOUP_AUTH_MANAGER (feature)->priv;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
/* FIXME: should support multiple sessions */
|
|
Packit Service |
ca3877 |
priv->session = session;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
soup_session_feature_default_interface->attach (feature, session);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static inline const char *
|
|
Packit Service |
ca3877 |
auth_header_for_message (SoupMessage *msg)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
if (msg->status_code == SOUP_STATUS_PROXY_UNAUTHORIZED) {
|
|
Packit Service |
ca3877 |
return soup_message_headers_get_list (msg->response_headers,
|
|
Packit Service |
ca3877 |
"Proxy-Authenticate");
|
|
Packit Service |
ca3877 |
} else {
|
|
Packit Service |
ca3877 |
return soup_message_headers_get_list (msg->response_headers,
|
|
Packit Service |
ca3877 |
"WWW-Authenticate");
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static GSList *
|
|
Packit Service |
ca3877 |
next_challenge_start (GSList *items)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
/* The relevant grammar (from httpbis):
|
|
Packit Service |
ca3877 |
*
|
|
Packit Service |
ca3877 |
* WWW-Authenticate = 1#challenge
|
|
Packit Service |
ca3877 |
* Proxy-Authenticate = 1#challenge
|
|
Packit Service |
ca3877 |
* challenge = auth-scheme [ 1*SP ( b64token / #auth-param ) ]
|
|
Packit Service |
ca3877 |
* auth-scheme = token
|
|
Packit Service |
ca3877 |
* auth-param = token BWS "=" BWS ( token / quoted-string )
|
|
Packit Service |
ca3877 |
* b64token = 1*( ALPHA / DIGIT /
|
|
Packit Service |
ca3877 |
* "-" / "." / "_" / "~" / "+" / "/" ) *"="
|
|
Packit Service |
ca3877 |
*
|
|
Packit Service |
ca3877 |
* The fact that quoted-strings can contain commas, equals
|
|
Packit Service |
ca3877 |
* signs, and auth scheme names makes it tricky to "cheat" on
|
|
Packit Service |
ca3877 |
* the parsing. So soup_auth_manager_extract_challenge() will
|
|
Packit Service |
ca3877 |
* have used soup_header_parse_list() to split the header into
|
|
Packit Service |
ca3877 |
* items. Given the grammar above, the possible items are:
|
|
Packit Service |
ca3877 |
*
|
|
Packit Service |
ca3877 |
* auth-scheme
|
|
Packit Service |
ca3877 |
* auth-scheme 1*SP b64token
|
|
Packit Service |
ca3877 |
* auth-scheme 1*SP auth-param
|
|
Packit Service |
ca3877 |
* auth-param
|
|
Packit Service |
ca3877 |
*
|
|
Packit Service |
ca3877 |
* where the first three represent the start of a new challenge and
|
|
Packit Service |
ca3877 |
* the last one does not.
|
|
Packit Service |
ca3877 |
*/
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
for (; items; items = items->next) {
|
|
Packit Service |
ca3877 |
const char *item = items->data;
|
|
Packit Service |
ca3877 |
const char *sp = strpbrk (item, "\t\r\n ");
|
|
Packit Service |
ca3877 |
const char *eq = strchr (item, '=');
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
if (!eq) {
|
|
Packit Service |
ca3877 |
/* No "=", so it can't be an auth-param */
|
|
Packit Service |
ca3877 |
return items;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
if (!sp || sp > eq) {
|
|
Packit Service |
ca3877 |
/* No space, or first space appears after the "=",
|
|
Packit Service |
ca3877 |
* so it must be an auth-param.
|
|
Packit Service |
ca3877 |
*/
|
|
Packit Service |
ca3877 |
continue;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
while (g_ascii_isspace (*++sp))
|
|
Packit Service |
ca3877 |
;
|
|
Packit Service |
ca3877 |
if (sp == eq) {
|
|
Packit Service |
ca3877 |
/* First "=" appears immediately after the first
|
|
Packit Service |
ca3877 |
* space, so this must be an auth-param with
|
|
Packit Service |
ca3877 |
* space around the "=".
|
|
Packit Service |
ca3877 |
*/
|
|
Packit Service |
ca3877 |
continue;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
/* "auth-scheme auth-param" or "auth-scheme b64token" */
|
|
Packit Service |
ca3877 |
return items;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
return NULL;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static char *
|
|
Packit Service |
ca3877 |
soup_auth_manager_extract_challenge (const char *challenges, const char *scheme)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
GSList *items, *i, *next;
|
|
Packit Service |
ca3877 |
int schemelen = strlen (scheme);
|
|
Packit Service |
ca3877 |
char *item;
|
|
Packit Service |
ca3877 |
GString *challenge;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
items = soup_header_parse_list (challenges);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
/* First item will start with the scheme name, followed by
|
|
Packit Service |
ca3877 |
* either nothing, or else a space and then the first
|
|
Packit Service |
ca3877 |
* auth-param.
|
|
Packit Service |
ca3877 |
*/
|
|
Packit Service |
ca3877 |
for (i = items; i; i = next_challenge_start (i->next)) {
|
|
Packit Service |
ca3877 |
item = i->data;
|
|
Packit Service |
ca3877 |
if (!g_ascii_strncasecmp (item, scheme, schemelen) &&
|
|
Packit Service |
ca3877 |
(!item[schemelen] || g_ascii_isspace (item[schemelen])))
|
|
Packit Service |
ca3877 |
break;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
if (!i) {
|
|
Packit Service |
ca3877 |
soup_header_free_list (items);
|
|
Packit Service |
ca3877 |
return NULL;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
next = next_challenge_start (i->next);
|
|
Packit Service |
ca3877 |
challenge = g_string_new (item);
|
|
Packit Service |
ca3877 |
for (i = i->next; i != next; i = i->next) {
|
|
Packit Service |
ca3877 |
item = i->data;
|
|
Packit Service |
ca3877 |
g_string_append (challenge, ", ");
|
|
Packit Service |
ca3877 |
g_string_append (challenge, item);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
soup_header_free_list (items);
|
|
Packit Service |
ca3877 |
return g_string_free (challenge, FALSE);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static SoupAuth *
|
|
Packit Service |
ca3877 |
create_auth (SoupAuthManagerPrivate *priv, SoupMessage *msg)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
const char *header;
|
|
Packit Service |
ca3877 |
SoupAuthClass *auth_class;
|
|
Packit Service |
ca3877 |
char *challenge = NULL;
|
|
Packit Service |
ca3877 |
SoupAuth *auth = NULL;
|
|
Packit Service |
ca3877 |
int i;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
header = auth_header_for_message (msg);
|
|
Packit Service |
ca3877 |
if (!header)
|
|
Packit Service |
ca3877 |
return NULL;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
for (i = priv->auth_types->len - 1; i >= 0; i--) {
|
|
Packit Service |
ca3877 |
auth_class = priv->auth_types->pdata[i];
|
|
Packit Service |
ca3877 |
challenge = soup_auth_manager_extract_challenge (header, auth_class->scheme_name);
|
|
Packit Service |
ca3877 |
if (!challenge)
|
|
Packit Service |
ca3877 |
continue;
|
|
Packit Service |
ca3877 |
auth = soup_auth_new (G_TYPE_FROM_CLASS (auth_class), msg, challenge);
|
|
Packit Service |
ca3877 |
g_free (challenge);
|
|
Packit Service |
ca3877 |
if (auth)
|
|
Packit Service |
ca3877 |
break;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
return auth;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static gboolean
|
|
Packit Service |
ca3877 |
check_auth (SoupMessage *msg, SoupAuth *auth)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
const char *header, *scheme;
|
|
Packit Service |
ca3877 |
char *challenge = NULL;
|
|
Packit Service |
ca3877 |
gboolean ok = TRUE;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
scheme = soup_auth_get_scheme_name (auth);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
header = auth_header_for_message (msg);
|
|
Packit Service |
ca3877 |
if (header)
|
|
Packit Service |
ca3877 |
challenge = soup_auth_manager_extract_challenge (header, scheme);
|
|
Packit Service |
ca3877 |
if (!challenge) {
|
|
Packit Service |
ca3877 |
ok = FALSE;
|
|
Packit Service |
ca3877 |
challenge = g_strdup (scheme);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
if (!soup_auth_update (auth, msg, challenge))
|
|
Packit Service |
ca3877 |
ok = FALSE;
|
|
Packit Service |
ca3877 |
g_free (challenge);
|
|
Packit Service |
ca3877 |
return ok;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static SoupAuthHost *
|
|
Packit Service |
ca3877 |
get_auth_host_for_uri (SoupAuthManagerPrivate *priv, SoupURI *uri)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
SoupAuthHost *host;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
host = g_hash_table_lookup (priv->auth_hosts, uri);
|
|
Packit Service |
ca3877 |
if (host)
|
|
Packit Service |
ca3877 |
return host;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
host = g_slice_new0 (SoupAuthHost);
|
|
Packit Service |
ca3877 |
host->uri = soup_uri_copy_host (uri);
|
|
Packit Service |
ca3877 |
g_hash_table_insert (priv->auth_hosts, host->uri, host);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
return host;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static void
|
|
Packit Service |
ca3877 |
soup_auth_host_free (SoupAuthHost *host)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
g_clear_pointer (&host->auth_realms, soup_path_map_free);
|
|
Packit Service |
ca3877 |
g_clear_pointer (&host->auths, g_hash_table_destroy);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
soup_uri_free (host->uri);
|
|
Packit Service |
ca3877 |
g_slice_free (SoupAuthHost, host);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static gboolean
|
|
Packit Service |
ca3877 |
make_auto_ntlm_auth (SoupAuthManagerPrivate *priv, SoupAuthHost *host)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
SoupAuth *auth;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
if (!priv->auto_ntlm)
|
|
Packit Service |
ca3877 |
return FALSE;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
auth = g_object_new (SOUP_TYPE_AUTH_NTLM,
|
|
Packit Service |
ca3877 |
SOUP_AUTH_HOST, host->uri->host,
|
|
Packit Service |
ca3877 |
NULL);
|
|
Packit Service |
ca3877 |
record_auth_for_uri (priv, host->uri, auth, FALSE);
|
|
Packit Service |
ca3877 |
g_object_unref (auth);
|
|
Packit Service |
ca3877 |
return TRUE;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static void
|
|
Packit Service |
ca3877 |
update_authorization_header (SoupMessage *msg, SoupAuth *auth, gboolean is_proxy)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
const char *authorization_header = is_proxy ? "Proxy-Authorization" : "Authorization";
|
|
Packit Service |
ca3877 |
char *token;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
if (soup_message_get_auth (msg))
|
|
Packit Service |
ca3877 |
soup_message_headers_remove (msg->request_headers, authorization_header);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
if (!auth)
|
|
Packit Service |
ca3877 |
return;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
token = soup_auth_get_authorization (auth, msg);
|
|
Packit Service |
ca3877 |
if (!token)
|
|
Packit Service |
ca3877 |
return;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
soup_message_headers_replace (msg->request_headers, authorization_header, token);
|
|
Packit Service |
ca3877 |
g_free (token);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static SoupAuth *
|
|
Packit Service |
ca3877 |
lookup_auth (SoupAuthManagerPrivate *priv, SoupMessage *msg)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
SoupAuthHost *host;
|
|
Packit Service |
ca3877 |
const char *path, *realm;
|
|
Packit Service |
ca3877 |
SoupAuth *auth;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
/* If the message already has a ready auth, use that instead */
|
|
Packit Service |
ca3877 |
auth = soup_message_get_auth (msg);
|
|
Packit Service |
ca3877 |
if (auth && soup_auth_is_ready (auth, msg))
|
|
Packit Service |
ca3877 |
return auth;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
if (soup_message_get_flags (msg) & SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE)
|
|
Packit Service |
ca3877 |
return NULL;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
host = get_auth_host_for_uri (priv, soup_message_get_uri (msg));
|
|
Packit Service |
ca3877 |
if (!host->auth_realms && !make_auto_ntlm_auth (priv, host))
|
|
Packit Service |
ca3877 |
return NULL;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
path = soup_message_get_uri (msg)->path;
|
|
Packit Service |
ca3877 |
if (!path)
|
|
Packit Service |
ca3877 |
path = "/";
|
|
Packit Service |
ca3877 |
realm = soup_path_map_lookup (host->auth_realms, path);
|
|
Packit Service |
ca3877 |
if (realm)
|
|
Packit Service |
ca3877 |
return g_hash_table_lookup (host->auths, realm);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
return NULL;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static SoupAuth *
|
|
Packit Service |
ca3877 |
lookup_proxy_auth (SoupAuthManagerPrivate *priv, SoupMessage *msg)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
SoupAuth *auth;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
/* If the message already has a ready auth, use that instead */
|
|
Packit Service |
ca3877 |
auth = soup_message_get_proxy_auth (msg);
|
|
Packit Service |
ca3877 |
if (auth && soup_auth_is_ready (auth, msg))
|
|
Packit Service |
ca3877 |
return auth;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
if (soup_message_get_flags (msg) & SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE)
|
|
Packit Service |
ca3877 |
return NULL;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
return priv->proxy_auth;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static void
|
|
Packit Service |
ca3877 |
authenticate_auth (SoupAuthManager *manager, SoupAuth *auth,
|
|
Packit Service |
ca3877 |
SoupMessage *msg, gboolean prior_auth_failed,
|
|
Packit Service |
ca3877 |
gboolean proxy, gboolean can_interact)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
SoupAuthManagerPrivate *priv = manager->priv;
|
|
Packit Service |
ca3877 |
SoupURI *uri;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
if (!soup_auth_can_authenticate (auth))
|
|
Packit Service |
ca3877 |
return;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
if (proxy) {
|
|
Packit Service |
ca3877 |
SoupMessageQueue *queue;
|
|
Packit Service |
ca3877 |
SoupMessageQueueItem *item;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
queue = soup_session_get_queue (priv->session);
|
|
Packit Service |
ca3877 |
item = soup_message_queue_lookup (queue, msg);
|
|
Packit Service |
ca3877 |
if (!item)
|
|
Packit Service |
ca3877 |
return;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
/* When loaded from the disk cache, the connection is NULL. */
|
|
Packit Service |
ca3877 |
uri = item->conn ? soup_connection_get_proxy_uri (item->conn) : NULL;
|
|
Packit Service |
ca3877 |
soup_message_queue_item_unref (item);
|
|
Packit Service |
ca3877 |
if (!uri)
|
|
Packit Service |
ca3877 |
return;
|
|
Packit Service |
ca3877 |
} else
|
|
Packit Service |
ca3877 |
uri = soup_message_get_uri (msg);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
/* If a password is specified explicitly in the URI, use it
|
|
Packit Service |
ca3877 |
* even if the auth had previously already been authenticated.
|
|
Packit Service |
ca3877 |
*/
|
|
Packit Service |
ca3877 |
if (uri->password && uri->user) {
|
|
Packit Service |
ca3877 |
soup_auth_authenticate (auth, uri->user, uri->password);
|
|
Packit Service |
ca3877 |
soup_uri_set_password (uri, NULL);
|
|
Packit Service |
ca3877 |
soup_uri_set_user (uri, NULL);
|
|
Packit Service |
ca3877 |
} else if (!soup_auth_is_authenticated (auth) && can_interact) {
|
|
Packit Service |
ca3877 |
g_signal_emit (manager, signals[AUTHENTICATE], 0,
|
|
Packit Service |
ca3877 |
msg, auth, prior_auth_failed);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static SoupAuth *
|
|
Packit Service |
ca3877 |
record_auth_for_uri (SoupAuthManagerPrivate *priv, SoupURI *uri,
|
|
Packit Service |
ca3877 |
SoupAuth *auth, gboolean prior_auth_failed)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
SoupAuthHost *host;
|
|
Packit Service |
ca3877 |
SoupAuth *old_auth;
|
|
Packit Service |
ca3877 |
const char *path;
|
|
Packit Service |
ca3877 |
char *auth_info, *old_auth_info;
|
|
Packit Service |
ca3877 |
GSList *pspace, *p;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
host = get_auth_host_for_uri (priv, uri);
|
|
Packit Service |
ca3877 |
auth_info = soup_auth_get_info (auth);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
if (!host->auth_realms) {
|
|
Packit Service |
ca3877 |
host->auth_realms = soup_path_map_new (g_free);
|
|
Packit Service |
ca3877 |
host->auths = g_hash_table_new_full (g_str_hash, g_str_equal,
|
|
Packit Service |
ca3877 |
g_free, g_object_unref);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
/* Record where this auth realm is used. */
|
|
Packit Service |
ca3877 |
pspace = soup_auth_get_protection_space (auth, uri);
|
|
Packit Service |
ca3877 |
for (p = pspace; p; p = p->next) {
|
|
Packit Service |
ca3877 |
path = p->data;
|
|
Packit Service |
ca3877 |
old_auth_info = soup_path_map_lookup (host->auth_realms, path);
|
|
Packit Service |
ca3877 |
if (old_auth_info) {
|
|
Packit Service |
ca3877 |
if (!strcmp (old_auth_info, auth_info))
|
|
Packit Service |
ca3877 |
continue;
|
|
Packit Service |
ca3877 |
soup_path_map_remove (host->auth_realms, path);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
soup_path_map_add (host->auth_realms, path,
|
|
Packit Service |
ca3877 |
g_strdup (auth_info));
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
soup_auth_free_protection_space (auth, pspace);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
/* Now, make sure the auth is recorded. (If there's a
|
|
Packit Service |
ca3877 |
* pre-existing good auth, we keep that rather than the new one,
|
|
Packit Service |
ca3877 |
* since the old one might already be authenticated.)
|
|
Packit Service |
ca3877 |
*/
|
|
Packit Service |
ca3877 |
old_auth = g_hash_table_lookup (host->auths, auth_info);
|
|
Packit Service |
ca3877 |
if (old_auth && (old_auth != auth || !prior_auth_failed)) {
|
|
Packit Service |
ca3877 |
g_free (auth_info);
|
|
Packit Service |
ca3877 |
return old_auth;
|
|
Packit Service |
ca3877 |
} else {
|
|
Packit Service |
ca3877 |
g_hash_table_insert (host->auths, auth_info,
|
|
Packit Service |
ca3877 |
g_object_ref (auth));
|
|
Packit Service |
ca3877 |
return auth;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static void
|
|
Packit Service |
ca3877 |
auth_got_headers (SoupMessage *msg, gpointer manager)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
SoupAuthManagerPrivate *priv = SOUP_AUTH_MANAGER (manager)->priv;
|
|
Packit Service |
ca3877 |
SoupAuth *auth, *prior_auth;
|
|
Packit Service |
ca3877 |
gboolean prior_auth_failed = FALSE;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
g_mutex_lock (&priv->lock);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
/* See if we used auth last time */
|
|
Packit Service |
ca3877 |
prior_auth = soup_message_get_auth (msg);
|
|
Packit Service |
ca3877 |
if (prior_auth && check_auth (msg, prior_auth)) {
|
|
Packit Service |
ca3877 |
auth = g_object_ref (prior_auth);
|
|
Packit Service |
ca3877 |
if (!soup_auth_is_ready (auth, msg))
|
|
Packit Service |
ca3877 |
prior_auth_failed = TRUE;
|
|
Packit Service |
ca3877 |
} else {
|
|
Packit Service |
ca3877 |
auth = create_auth (priv, msg);
|
|
Packit Service |
ca3877 |
if (!auth) {
|
|
Packit Service |
ca3877 |
g_mutex_unlock (&priv->lock);
|
|
Packit Service |
ca3877 |
return;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
if (!(soup_message_get_flags (msg) & SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE)) {
|
|
Packit Service |
ca3877 |
SoupAuth *new_auth;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
new_auth = record_auth_for_uri (priv, soup_message_get_uri (msg),
|
|
Packit Service |
ca3877 |
auth, prior_auth_failed);
|
|
Packit Service |
ca3877 |
g_object_unref (auth);
|
|
Packit Service |
ca3877 |
auth = g_object_ref (new_auth);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
/* If we need to authenticate, try to do it. */
|
|
Packit Service |
ca3877 |
authenticate_auth (manager, auth, msg,
|
|
Packit Service |
ca3877 |
prior_auth_failed, FALSE, TRUE);
|
|
Packit Service |
ca3877 |
soup_message_set_auth (msg, auth);
|
|
Packit Service |
ca3877 |
g_object_unref (auth);
|
|
Packit Service |
ca3877 |
g_mutex_unlock (&priv->lock);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static void
|
|
Packit Service |
ca3877 |
auth_got_body (SoupMessage *msg, gpointer manager)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
SoupAuthManagerPrivate *priv = SOUP_AUTH_MANAGER (manager)->priv;
|
|
Packit Service |
ca3877 |
SoupAuth *auth;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
g_mutex_lock (&priv->lock);
|
|
Packit Service |
ca3877 |
auth = lookup_auth (priv, msg);
|
|
Packit Service |
ca3877 |
if (auth && soup_auth_is_ready (auth, msg)) {
|
|
Packit Service |
ca3877 |
if (SOUP_IS_CONNECTION_AUTH (auth)) {
|
|
Packit Service |
ca3877 |
SoupMessageFlags flags;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
flags = soup_message_get_flags (msg);
|
|
Packit Service |
ca3877 |
soup_message_set_flags (msg, flags & ~SOUP_MESSAGE_NEW_CONNECTION);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
/* When not using cached credentials, update the Authorization header
|
|
Packit Service |
ca3877 |
* right before requeuing the message.
|
|
Packit Service |
ca3877 |
*/
|
|
Packit Service |
ca3877 |
if (soup_message_get_flags (msg) & SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE)
|
|
Packit Service |
ca3877 |
update_authorization_header (msg, auth, FALSE);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
soup_session_requeue_message (priv->session, msg);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
g_mutex_unlock (&priv->lock);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static void
|
|
Packit Service |
ca3877 |
proxy_auth_got_headers (SoupMessage *msg, gpointer manager)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
SoupAuthManagerPrivate *priv = SOUP_AUTH_MANAGER (manager)->priv;
|
|
Packit Service |
ca3877 |
SoupAuth *auth = NULL, *prior_auth;
|
|
Packit Service |
ca3877 |
gboolean prior_auth_failed = FALSE;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
g_mutex_lock (&priv->lock);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
/* See if we used auth last time */
|
|
Packit Service |
ca3877 |
prior_auth = soup_message_get_proxy_auth (msg);
|
|
Packit Service |
ca3877 |
if (prior_auth && check_auth (msg, prior_auth)) {
|
|
Packit Service |
ca3877 |
if (!soup_auth_is_ready (prior_auth, msg))
|
|
Packit Service |
ca3877 |
prior_auth_failed = TRUE;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
if (!(soup_message_get_flags (msg) & SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE))
|
|
Packit Service |
ca3877 |
auth = priv->proxy_auth ? g_object_ref (priv->proxy_auth) : NULL;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
if (!auth) {
|
|
Packit Service |
ca3877 |
auth = create_auth (priv, msg);
|
|
Packit Service |
ca3877 |
if (!auth) {
|
|
Packit Service |
ca3877 |
g_mutex_unlock (&priv->lock);
|
|
Packit Service |
ca3877 |
return;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
if (!(soup_message_get_flags (msg) & SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE))
|
|
Packit Service |
ca3877 |
priv->proxy_auth = g_object_ref (auth);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
/* If we need to authenticate, try to do it. */
|
|
Packit Service |
ca3877 |
authenticate_auth (manager, auth, msg,
|
|
Packit Service |
ca3877 |
prior_auth_failed, TRUE, TRUE);
|
|
Packit Service |
ca3877 |
soup_message_set_proxy_auth (msg, auth);
|
|
Packit Service |
ca3877 |
g_object_unref (auth);
|
|
Packit Service |
ca3877 |
g_mutex_unlock (&priv->lock);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static void
|
|
Packit Service |
ca3877 |
proxy_auth_got_body (SoupMessage *msg, gpointer manager)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
SoupAuthManagerPrivate *priv = SOUP_AUTH_MANAGER (manager)->priv;
|
|
Packit Service |
ca3877 |
SoupAuth *auth;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
g_mutex_lock (&priv->lock);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
auth = lookup_proxy_auth (priv, msg);
|
|
Packit Service |
ca3877 |
if (auth && soup_auth_is_ready (auth, msg)) {
|
|
Packit Service |
ca3877 |
/* When not using cached credentials, update the Authorization header
|
|
Packit Service |
ca3877 |
* right before requeuing the message.
|
|
Packit Service |
ca3877 |
*/
|
|
Packit Service |
ca3877 |
if (soup_message_get_flags (msg) & SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE)
|
|
Packit Service |
ca3877 |
update_authorization_header (msg, auth, TRUE);
|
|
Packit Service |
ca3877 |
soup_session_requeue_message (priv->session, msg);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
g_mutex_unlock (&priv->lock);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static void
|
|
Packit Service |
ca3877 |
auth_msg_starting (SoupMessage *msg, gpointer manager)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
SoupAuthManagerPrivate *priv = SOUP_AUTH_MANAGER (manager)->priv;
|
|
Packit Service |
ca3877 |
SoupAuth *auth;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
if (soup_message_get_flags (msg) & SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE)
|
|
Packit Service |
ca3877 |
return;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
g_mutex_lock (&priv->lock);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
if (msg->method != SOUP_METHOD_CONNECT) {
|
|
Packit Service |
ca3877 |
auth = lookup_auth (priv, msg);
|
|
Packit Service |
ca3877 |
if (auth) {
|
|
Packit Service |
ca3877 |
authenticate_auth (manager, auth, msg, FALSE, FALSE, FALSE);
|
|
Packit Service |
ca3877 |
if (!soup_auth_is_ready (auth, msg))
|
|
Packit Service |
ca3877 |
auth = NULL;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
soup_message_set_auth (msg, auth);
|
|
Packit Service |
ca3877 |
update_authorization_header (msg, auth, FALSE);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
auth = lookup_proxy_auth (priv, msg);
|
|
Packit Service |
ca3877 |
if (auth) {
|
|
Packit Service |
ca3877 |
authenticate_auth (manager, auth, msg, FALSE, TRUE, FALSE);
|
|
Packit Service |
ca3877 |
if (!soup_auth_is_ready (auth, msg))
|
|
Packit Service |
ca3877 |
auth = NULL;
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
soup_message_set_proxy_auth (msg, auth);
|
|
Packit Service |
ca3877 |
update_authorization_header (msg, auth, TRUE);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
g_mutex_unlock (&priv->lock);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static void
|
|
Packit Service |
ca3877 |
soup_auth_manager_request_queued (SoupSessionFeature *manager,
|
|
Packit Service |
ca3877 |
SoupSession *session,
|
|
Packit Service |
ca3877 |
SoupMessage *msg)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
g_signal_connect (msg, "starting",
|
|
Packit Service |
ca3877 |
G_CALLBACK (auth_msg_starting), manager);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
soup_message_add_status_code_handler (
|
|
Packit Service |
ca3877 |
msg, "got_headers", SOUP_STATUS_UNAUTHORIZED,
|
|
Packit Service |
ca3877 |
G_CALLBACK (auth_got_headers), manager);
|
|
Packit Service |
ca3877 |
soup_message_add_status_code_handler (
|
|
Packit Service |
ca3877 |
msg, "got_body", SOUP_STATUS_UNAUTHORIZED,
|
|
Packit Service |
ca3877 |
G_CALLBACK (auth_got_body), manager);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
soup_message_add_status_code_handler (
|
|
Packit Service |
ca3877 |
msg, "got_headers", SOUP_STATUS_PROXY_UNAUTHORIZED,
|
|
Packit Service |
ca3877 |
G_CALLBACK (proxy_auth_got_headers), manager);
|
|
Packit Service |
ca3877 |
soup_message_add_status_code_handler (
|
|
Packit Service |
ca3877 |
msg, "got_body", SOUP_STATUS_PROXY_UNAUTHORIZED,
|
|
Packit Service |
ca3877 |
G_CALLBACK (proxy_auth_got_body), manager);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static void
|
|
Packit Service |
ca3877 |
soup_auth_manager_request_unqueued (SoupSessionFeature *manager,
|
|
Packit Service |
ca3877 |
SoupSession *session,
|
|
Packit Service |
ca3877 |
SoupMessage *msg)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
g_signal_handlers_disconnect_matched (msg, G_SIGNAL_MATCH_DATA,
|
|
Packit Service |
ca3877 |
0, 0, NULL, NULL, manager);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
/**
|
|
Packit Service |
ca3877 |
* soup_auth_manager_use_auth:
|
|
Packit Service |
ca3877 |
* @manager: a #SoupAuthManager
|
|
Packit Service |
ca3877 |
* @uri: the #SoupURI under which @auth is to be used
|
|
Packit Service |
ca3877 |
* @auth: the #SoupAuth to use
|
|
Packit Service |
ca3877 |
*
|
|
Packit Service |
ca3877 |
* Records that @auth is to be used under @uri, as though a
|
|
Packit Service |
ca3877 |
* WWW-Authenticate header had been received at that URI. This can be
|
|
Packit Service |
ca3877 |
* used to "preload" @manager's auth cache, to avoid an extra HTTP
|
|
Packit Service |
ca3877 |
* round trip in the case where you know ahead of time that a 401
|
|
Packit Service |
ca3877 |
* response will be returned.
|
|
Packit Service |
ca3877 |
*
|
|
Packit Service |
ca3877 |
* This is only useful for authentication types where the initial
|
|
Packit Service |
ca3877 |
* Authorization header does not depend on any additional information
|
|
Packit Service |
ca3877 |
* from the server. (Eg, Basic or NTLM, but not Digest.)
|
|
Packit Service |
ca3877 |
*
|
|
Packit Service |
ca3877 |
* Since: 2.42
|
|
Packit Service |
ca3877 |
*/
|
|
Packit Service |
ca3877 |
void
|
|
Packit Service |
ca3877 |
soup_auth_manager_use_auth (SoupAuthManager *manager,
|
|
Packit Service |
ca3877 |
SoupURI *uri,
|
|
Packit Service |
ca3877 |
SoupAuth *auth)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
SoupAuthManagerPrivate *priv = manager->priv;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
g_mutex_lock (&priv->lock);
|
|
Packit Service |
ca3877 |
record_auth_for_uri (priv, uri, auth, FALSE);
|
|
Packit Service |
ca3877 |
g_mutex_unlock (&priv->lock);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
/**
|
|
Packit Service |
ca3877 |
* soup_auth_manager_clear_cached_credentials:
|
|
Packit Service |
ca3877 |
* @manager: a #SoupAuthManager
|
|
Packit Service |
ca3877 |
*
|
|
Packit Service |
ca3877 |
* Clear all credentials cached by @manager
|
|
Packit Service |
ca3877 |
*
|
|
Packit Service |
ca3877 |
* Since: 2.58
|
|
Packit Service |
ca3877 |
*/
|
|
Packit Service |
ca3877 |
void
|
|
Packit Service |
ca3877 |
soup_auth_manager_clear_cached_credentials (SoupAuthManager *manager)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
SoupAuthManagerPrivate *priv;
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
g_return_if_fail (SOUP_IS_AUTH_MANAGER (manager));
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
priv = manager->priv;
|
|
Packit Service |
ca3877 |
g_mutex_lock (&priv->lock);
|
|
Packit Service |
ca3877 |
g_hash_table_remove_all (priv->auth_hosts);
|
|
Packit Service |
ca3877 |
g_mutex_unlock (&priv->lock);
|
|
Packit Service |
ca3877 |
}
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
static void
|
|
Packit Service |
ca3877 |
soup_auth_manager_session_feature_init (SoupSessionFeatureInterface *feature_interface,
|
|
Packit Service |
ca3877 |
gpointer interface_data)
|
|
Packit Service |
ca3877 |
{
|
|
Packit Service |
ca3877 |
soup_session_feature_default_interface =
|
|
Packit Service |
ca3877 |
g_type_default_interface_peek (SOUP_TYPE_SESSION_FEATURE);
|
|
Packit Service |
ca3877 |
|
|
Packit Service |
ca3877 |
feature_interface->attach = soup_auth_manager_attach;
|
|
Packit Service |
ca3877 |
feature_interface->request_queued = soup_auth_manager_request_queued;
|
|
Packit Service |
ca3877 |
feature_interface->request_unqueued = soup_auth_manager_request_unqueued;
|
|
Packit Service |
ca3877 |
feature_interface->add_feature = soup_auth_manager_add_feature;
|
|
Packit Service |
ca3877 |
feature_interface->remove_feature = soup_auth_manager_remove_feature;
|
|
Packit Service |
ca3877 |
feature_interface->has_feature = soup_auth_manager_has_feature;
|
|
Packit Service |
ca3877 |
}
|