GNU libmicrohttpd  0.9.59
HTTP authentication

Macros

#define MHD_INVALID_NONCE   -1
 
#define MHD_INVALID_NONCE   -1
 

Functions

_MHD_EXTERN char * MHD_digest_auth_get_username (struct MHD_Connection *connection)
 
_MHD_EXTERN int MHD_digest_auth_check (struct MHD_Connection *connection, const char *realm, const char *username, const char *password, unsigned int nonce_timeout)
 
_MHD_EXTERN int MHD_queue_auth_fail_response (struct MHD_Connection *connection, const char *realm, const char *opaque, struct MHD_Response *response, int signal_stale)
 
_MHD_EXTERN char * MHD_basic_auth_get_username_password (struct MHD_Connection *connection, char **password)
 
_MHD_EXTERN int MHD_queue_basic_auth_fail_response (struct MHD_Connection *connection, const char *realm, struct MHD_Response *response)
 

Detailed Description

MHD API related to basic and digest HTTP authentication.

Macro Definition Documentation

◆ MHD_INVALID_NONCE [1/2]

#define MHD_INVALID_NONCE   -1

MHD digest auth internal code for an invalid nonce.

Constant to indicate that the nonce of the provided authentication code was wrong.

Definition at line 3101 of file microhttpd.h.

Referenced by MHD_digest_auth_check().

◆ MHD_INVALID_NONCE [2/2]

#define MHD_INVALID_NONCE   -1

MHD digest auth internal code for an invalid nonce.

Constant to indicate that the nonce of the provided authentication code was wrong.

Definition at line 3101 of file microhttpd.h.

Function Documentation

◆ MHD_basic_auth_get_username_password()

char * MHD_basic_auth_get_username_password ( struct MHD_Connection connection,
char **  password 
)

Get the username and password from the basic authorization header sent by the client

Parameters
connectionThe MHD connection structure
[out]passworda pointer for the password, free using MHD_free().
Returns
NULL if no username could be found, a pointer to the username if found, free using MHD_free().

Get the username and password from the basic authorization header sent by the client

Parameters
connectionThe MHD connection structure
passworda pointer for the password
Returns
NULL if no username could be found, a pointer to the username if found

Definition at line 47 of file basicauth.c.

References _, _BASIC_BASE, BASE64Decode(), MHD_Connection::daemon, MHD_HEADER_KIND, MHD_HTTP_HEADER_AUTHORIZATION, MHD_lookup_connection_value(), MHD_STATICSTR_LEN_, and NULL.

Here is the call graph for this function:

◆ MHD_digest_auth_check()

int MHD_digest_auth_check ( struct MHD_Connection connection,
const char *  realm,
const char *  username,
const char *  password,
unsigned int  nonce_timeout 
)

Authenticates the authorization header sent by the client

Parameters
connectionThe MHD connection structure
realmThe realm presented to the client
usernameThe username needs to be authenticated
passwordThe password used in the authentication
nonce_timeoutThe amount of time for a nonce to be invalid in seconds
Returns
MHD_YES if authenticated, MHD_NO if not, MHD_INVALID_NONCE if nonce is invalid

Definition at line 674 of file digestauth.c.

References _, _BASE, calculate_nonce(), check_argument_match(), check_nonce_nc(), MHD_Connection::daemon, digest_calc_ha1(), digest_calc_response(), HASH_MD5_HEX_LEN, lookup_sub_value(), MAX_AUTH_RESPONSE_LENGTH, MAX_NONCE_LENGTH, MAX_REALM_LENGTH, MAX_USERNAME_LENGTH, MHD_Connection::method, MHD_HEADER_KIND, MHD_HTTP_HEADER_AUTHORIZATION, MHD_INVALID_NONCE, MHD_lookup_connection_value(), MHD_monotonic_sec_counter(), MHD_NO, MHD_STATICSTR_LEN_, MHD_strx_to_uint32_n_(), MHD_strx_to_uint64_n_(), MHD_YES, NONCE_STD_LEN, NULL, TIMESTAMP_HEX_LEN, MHD_Daemon::unescape_callback, MHD_Daemon::unescape_callback_cls, and MHD_Connection::url.

Here is the call graph for this function:

◆ MHD_digest_auth_get_username()

char * MHD_digest_auth_get_username ( struct MHD_Connection connection)

Get the username from the authorization header sent by the client

Parameters
connectionThe MHD connection structure
Returns
NULL if no username could be found, a pointer to the username if found, free using MHD_free().

Get the username from the authorization header sent by the client

Parameters
connectionThe MHD connection structure
Returns
NULL if no username could be found, a pointer to the username if found
Warning
Returned value must be freed by MHD_free().

Definition at line 469 of file digestauth.c.

References _BASE, lookup_sub_value(), MAX_USERNAME_LENGTH, MHD_HEADER_KIND, MHD_HTTP_HEADER_AUTHORIZATION, MHD_lookup_connection_value(), MHD_STATICSTR_LEN_, and NULL.

Here is the call graph for this function:

◆ MHD_queue_auth_fail_response()

int MHD_queue_auth_fail_response ( struct MHD_Connection connection,
const char *  realm,
const char *  opaque,
struct MHD_Response response,
int  signal_stale 
)

Queues a response to request authentication from the client

Parameters
connectionThe MHD connection structure
realmThe realm presented to the client
opaquestring to user for opaque value
responsereply to send; should contain the "access denied" body; note that this function will set the "WWW Authenticate" header and that the caller should not do this
signal_staleMHD_YES if the nonce is invalid to add 'stale=true' to the authentication header
Returns
MHD_YES on success, MHD_NO otherwise

Queues a response to request authentication from the client

Parameters
connectionThe MHD connection structure
realmthe realm presented to the client
opaquestring to user for opaque value
responsereply to send; should contain the "access denied" body; note that this function will set the "WWW Authenticate" header and that the caller should not do this
signal_staleMHD_YES if the nonce is invalid to add 'stale=true' to the authentication header
Returns
MHD_YES on success, MHD_NO otherwise

Definition at line 948 of file digestauth.c.

References _, calculate_nonce(), check_nonce_nc(), MHD_Connection::daemon, MHD_Connection::method, MHD_add_response_header(), MHD_calloc_(), MHD_HTTP_HEADER_WWW_AUTHENTICATE, MHD_HTTP_UNAUTHORIZED, MHD_monotonic_sec_counter(), MHD_NO, MHD_queue_response(), MHD_YES, NONCE_STD_LEN, NULL, and MHD_Connection::url.

Here is the call graph for this function:

◆ MHD_queue_basic_auth_fail_response()

int MHD_queue_basic_auth_fail_response ( struct MHD_Connection connection,
const char *  realm,
struct MHD_Response response 
)

Queues a response to request basic authentication from the client The given response object is expected to include the payload for the response; the "WWW-Authenticate" header will be added and the response queued with the 'UNAUTHORIZED' status code.

Parameters
connectionThe MHD connection structure
realmthe realm presented to the client
responseresponse object to modify and queue
Returns
MHD_YES on success, MHD_NO otherwise

Queues a response to request basic authentication from the client. The given response object is expected to include the payload for the response; the "WWW-Authenticate" header will be added and the response queued with the 'UNAUTHORIZED' status code.

Parameters
connectionThe MHD connection structure
realmthe realm presented to the client
responseresponse object to modify and queue
Returns
MHD_YES on success, MHD_NO otherwise

Definition at line 120 of file basicauth.c.

References _, MHD_Connection::daemon, MHD_add_response_header(), MHD_HTTP_HEADER_WWW_AUTHENTICATE, MHD_HTTP_UNAUTHORIZED, MHD_NO, MHD_queue_response(), MHD_YES, and NULL.

Here is the call graph for this function: