clbascauth.cpp

linux下的一款播放器

    HX_RELEASE(m_pClientRespondee);

    return Ret;
}

// IHXClientAuthConversation
STDMETHODIMP 
CClientBasicAuthenticator::MakeResponse
(
    IHXClientAuthResponse* pClientRespondee,
    IHXRequest*            pClientRequest
)
{
    if(!pClientRespondee || !pClientRequest)
    {
	return HXR_UNEXPECTED;
    }
    
    m_pClientRequest = pClientRequest;
    m_pClientRequest->AddRef();
    m_pClientRequest->QueryInterface(IID_IHXRequestContext,
	(void **)&m_pRequestContext);

    m_pClientRespondee = pClientRespondee;
    m_pClientRespondee->AddRef();

    IHXValues* pChallengeHeaders = NULL;

    m_pClientRequest->GetResponseHeaders(pChallengeHeaders);

    if(!pChallengeHeaders)
    {
	m_pClientRespondee->ResponseReady(HXR_UNEXPECTED, pClientRequest);
	HX_RELEASE(m_pClientRespondee);
	return HXR_UNEXPECTED;
    }

    HX_RESULT Ret = HXR_FAIL;
    IHXBuffer* pChallengeBuf = NULL;

    pChallengeHeaders->GetPropertyCString("WWW-Authenticate", pChallengeBuf);

    m_bIsProxyAuthentication = FALSE;
    
    if (!pChallengeBuf)
    {
	pChallengeHeaders->GetPropertyCString("Proxy-Authenticate", pChallengeBuf);
	m_bIsProxyAuthentication = TRUE;
    }

    if (pChallengeBuf)
    {
	const char* sChallenge = (const char*) pChallengeBuf->GetBuffer();

	if(strncasecmp(sChallenge, "Basic", 5) == 0)
	{
	    IHXCredRequest* pCredRequest = NULL;
	    IHXValues*      pCredentials = NULL;

	    // Set up Prompt, User, Password fields for UI
	    _DescribeCredentials(pChallengeHeaders, &pCredentials);

	    m_pClientRespondee->QueryInterface(IID_IHXCredRequest,
		(void **)&pCredRequest);
	   
	    Ret = pCredRequest->GetCredentials(this, pCredentials);
	    // Flow continues in CredentialsReady()
	    HX_RELEASE(pCredRequest);
	    HX_RELEASE(pCredentials);
	}
	else
	{
	    m_pClientRespondee->ResponseReady(HXR_FAIL, NULL);
	    HX_RELEASE(m_pClientRespondee);
	}
    }
    else
    {
	m_pClientRespondee->ResponseReady(HXR_FAIL, NULL);
	HX_RELEASE(m_pClientRespondee);
    }

    HX_RELEASE(pChallengeHeaders);
    HX_RELEASE(pChallengeBuf);
    return Ret;
}

BOOL 
CClientBasicAuthenticator::IsDone()
{
    return m_bFinished;
}

STDMETHODIMP
CClientBasicAuthenticator::Authenticated(BOOL bAuthenticated)
{
    return HXR_OK;
}

void 
CClientBasicAuthenticator::_SetPropertyFromCharArray(IHXValues* pOptions, 
			  const char* sName, const char* sValue)
{
    IHXBuffer* pVal = NULL;
    CHXBuffer::FromCharArray(sValue, &pVal);
    pOptions->SetPropertyCString(sName, pVal);
    HX_RELEASE(pVal);
}

HX_RESULT 
CClientBasicAuthenticator::_DescribeCredentials
(
    IHXValues*  pChallengeHeaders,
    IHXValues** ppParms   
)
{
    HX_RESULT Ret = _ChallengeToCredentials(pChallengeHeaders, ppParms);

    if (SUCCEEDED(Ret) && (*ppParms))
    {
	// XXXSSH - does this msg ever actually shown anywhere??
	_SetPropertyFromCharArray(*ppParms, "Prompt",
	    "The Realm %Realm% has indicated that %URI% is secure \
	    content. Please fill out the credentials requested below \
	    to gain access. (WARNING: This type of authentication sends\
	    your password to the server)");
	_SetPropertyFromCharArray(*ppParms, "User", "?");
	_SetPropertyFromCharArray(*ppParms, "Password", "?*");
	
	// Now fill in the rest of pChallengeHeaders' stuff, so some
	// IHXAuthenticationManager2 implementor has the luxury of
	// picking and choosing what's appropriate. Like a future
	// "psuedonym" header, perhaps?
	
	IHXBuffer* pBuffer = NULL;
	const char * pName;
	
	HX_RESULT res = pChallengeHeaders->GetFirstPropertyCString(pName, pBuffer);
	while (res == HXR_OK)
	{
	    (*ppParms)->SetPropertyCString(pName, pBuffer);
	    
	    pBuffer->Release();
	    res = pChallengeHeaders->GetNextPropertyCString(pName, pBuffer);
	}
    }

    return Ret;
}

HX_RESULT
CClientBasicAuthenticator::_StorageToHeader
(
    IHXValues*  pCredentials,
    IHXBuffer*  pStoredPassword,
    IHXValues** ppResponseHeaders
)
{
    if (!pStoredPassword)
    {
	HX_ASSERT(0);
	return HXR_UNEXPECTED;
    }

    IHXBuffer* pUserName = NULL;
    HX_RESULT Ret = HXR_UNEXPECTED;

    if (FAILED(pCredentials->GetPropertyCString("UserName", pUserName)))
    {
	return HXR_UNEXPECTED;
    }

    char prebuf[1024]; /* Flawfinder: ignore */
    sprintf(prebuf, "%-.200s:%-.200s", pUserName->GetBuffer(), /* Flawfinder: ignore */
	pStoredPassword->GetBuffer());

    HX_RELEASE(pUserName);

    char encodedbuf[1024]; /* Flawfinder: ignore */
    INT32 encodedlen;
    encodedlen = BinTo64((const BYTE*)prebuf, strlen(prebuf), encodedbuf);
    if (encodedlen >=1024)
    {
	encodedlen = 1023;
    }
    encodedbuf[encodedlen] = '\0';

    char authbuf[1024]; /* Flawfinder: ignore */
    SafeSprintf(authbuf, 1024, "Basic %s", encodedbuf);
    
    (*ppResponseHeaders) = new CHXHeader;
    (*ppResponseHeaders)->AddRef();

    if (m_bIsProxyAuthentication)
    {
	_SetPropertyFromCharArray((*ppResponseHeaders), "Proxy-Authorization", authbuf);
    }
    else
    {
	_SetPropertyFromCharArray((*ppResponseHeaders), "Authorization", authbuf);
    }

    return Ret;
}

BOOL
CClientBasicAuthenticator::_GetQuotedValue
(
    const char*& instr, 
    char* valname, 
    char* valbuf
)
{
    char* equals = (char*)strchr(instr, '=');
    if(!equals)
	return FALSE;

    while(isspace(*(equals - 1)) && equals > instr) equals--;
    if(equals <= instr || (equals - instr > 200))
	return FALSE;

    strncpy(valname, instr, equals - instr); /* Flawfinder: ignore */
    valname[equals -instr] = 0;

    char* firstquote = strchr(equals, '"');
    if(!firstquote)
	return FALSE;

    char* secondquote = strchr(firstquote + 1, '"');
    if(!secondquote || (secondquote - firstquote > 200))
	return FALSE;

    strncpy(valbuf, firstquote + 1, secondquote - firstquote - 1); /* Flawfinder: ignore */
    valbuf[secondquote - firstquote - 1] = 0;
    instr = secondquote + 1;
    return TRUE;
}

HX_RESULT
CClientBasicAuthenticator::_ChallengeToCredentials
(
    IHXValues* pChallengeHeaders, 
    IHXValues** ppCredentials
)
{
    IHXBuffer* pChallengeBuf = NULL;

    if (m_bIsProxyAuthentication)
    {
	pChallengeHeaders->GetPropertyCString("Proxy-Authenticate", pChallengeBuf);
    }
    else
    {
	pChallengeHeaders->GetPropertyCString("WWW-Authenticate", pChallengeBuf);
    }

    if (!pChallengeBuf)
    {
	return HXR_FAIL;
    }

    const char* sChallenge = (const char*) pChallengeBuf->GetBuffer();

    if (strncasecmp(sChallenge, "Basic", 5) == 0)
    {
	BOOL done = FALSE;

	(*ppCredentials) = new CHXHeader;
	(*ppCredentials)->AddRef();

	sChallenge += 5;

	char valbuf[256]; /* Flawfinder: ignore */
	char valname[256]; /* Flawfinder: ignore */

	while(!done)
	{
	    while ((isspace(*sChallenge) || *sChallenge == ',') && *sChallenge)
	    {
		++sChallenge;
	    }

	    if(!(*sChallenge))
		break;

	    if(_GetQuotedValue(sChallenge, valname, valbuf))
	    {
		_SetPropertyFromCharArray((*ppCredentials), valname, valbuf);
	    }
	    else
	    {
		done = TRUE;
	    }
	}

	HX_RELEASE(pChallengeBuf);
	return HXR_OK;
    }

    HX_RELEASE(pChallengeBuf);
    return HXR_FAIL;
}