/**
* soup_auth_get_host:
* @auth: a #SoupAuth
*
* Returns the host that @auth is associated with.
*
* Return value: the hostname
**/
const char *
soup_auth_get_host (SoupAuth *auth)
{
g_return_val_if_fail (SOUP_IS_AUTH (auth), NULL);
return SOUP_AUTH_GET_PRIVATE (auth)->host;
}
/**
* soup_auth_get_scheme_name:
* @auth: a #SoupAuth
*
* Returns @auth's scheme name. (Eg, "Basic", "Digest", or "NTLM")
*
* Return value: the scheme name
**/
const char *
soup_auth_get_scheme_name (SoupAuth *auth)
{
g_return_val_if_fail (SOUP_IS_AUTH (auth), NULL);
return SOUP_AUTH_GET_CLASS (auth)->scheme_name;
}
/**
* soup_auth_get_realm:
* @auth: a #SoupAuth
*
* Returns @auth's realm. This is an identifier that distinguishes
* separate authentication spaces on a given server, and may be some
* string that is meaningful to the user. (Although it is probably not
* localized.)
*
* Return value: the realm name
**/
const char *
soup_auth_get_realm (SoupAuth *auth)
{
g_return_val_if_fail (SOUP_IS_AUTH (auth), NULL);
return auth->realm;
}
/**
* soup_auth_is_authenticated:
* @auth: a #SoupAuth
*
* Tests if @auth has been given a username and password
*
* Return value: %TRUE if @auth has been given a username and password
**/
gboolean
soup_auth_is_authenticated (SoupAuth *auth)
{
g_return_val_if_fail (SOUP_IS_AUTH (auth), TRUE);
return SOUP_AUTH_GET_CLASS (auth)->is_authenticated (auth);
}
/**
* soup_auth_can_authenticate:
* @auth: a #SoupAuth
*
* Tests if @auth is able to authenticate by providing credentials to the
* soup_auth_authenticate().
*
* Return value: %TRUE if @auth is able to accept credentials.
*
* Since: 2.54
**/
gboolean
soup_auth_can_authenticate (SoupAuth *auth)
{
g_return_val_if_fail (SOUP_IS_AUTH (auth), FALSE);
return SOUP_AUTH_GET_CLASS (auth)->can_authenticate (auth);
}
/**
* soup_auth_is_for_proxy:
* @auth: a #SoupAuth
*
* Tests whether or not @auth is associated with a proxy server rather
* than an "origin" server.
*
* Return value: %TRUE or %FALSE
**/
gboolean
soup_auth_is_for_proxy (SoupAuth *auth)
{
g_return_val_if_fail (SOUP_IS_AUTH (auth), FALSE);
return SOUP_AUTH_GET_PRIVATE (auth)->proxy;
}
/**
* soup_auth_update:
* @auth: a #SoupAuth
* @msg: the #SoupMessage @auth is being updated for
* @auth_header: the WWW-Authenticate/Proxy-Authenticate header
*
* Updates @auth with the information from @msg and @auth_header,
* possibly un-authenticating it. As with soup_auth_new(), this is
* normally only used by #SoupSession.
*
* Return value: %TRUE if @auth is still a valid (but potentially
* unauthenticated) #SoupAuth. %FALSE if something about @auth_params
* could not be parsed or incorporated into @auth at all.
**/
gboolean
soup_auth_update (SoupAuth *auth, SoupMessage *msg, const char *auth_header)
{
GHashTable *params;
const char *scheme, *realm;
gboolean was_authenticated, success;
g_return_val_if_fail (SOUP_IS_AUTH (auth), FALSE);
g_return_val_if_fail (SOUP_IS_MESSAGE (msg), FALSE);
g_return_val_if_fail (auth_header != NULL, FALSE);
scheme = soup_auth_get_scheme_name (auth);
if (g_ascii_strncasecmp (auth_header, scheme, strlen (scheme)) != 0)
return FALSE;
params = soup_header_parse_param_list (auth_header + strlen (scheme));
if (!params)
params = g_hash_table_new (NULL, NULL);
realm = g_hash_table_lookup (params, "realm");
if (realm && auth->realm && strcmp (realm, auth->realm) != 0) {
soup_header_free_param_list (params);
return FALSE;
}
was_authenticated = soup_auth_is_authenticated (auth);
success = SOUP_AUTH_GET_CLASS (auth)->update (auth, msg, params);
if (was_authenticated != soup_auth_is_authenticated (auth))
g_object_notify (G_OBJECT (auth), SOUP_AUTH_IS_AUTHENTICATED);
soup_header_free_param_list (params);
return success;
}
/**
* soup_auth_get_protection_space:
* @auth: a #SoupAuth
* @source_uri: the URI of the request that @auth was generated in
* response to.
*
* Returns a list of paths on the server which @auth extends over.
* (All subdirectories of these paths are also assumed to be part
* of @auth's protection space, unless otherwise discovered not to
* be.)
*
* Return value: (element-type utf8) (transfer full): the list of
* paths, which can be freed with soup_auth_free_protection_space().
**/
GSList *
soup_auth_get_protection_space (SoupAuth *auth, SoupURI *source_uri)
{
g_return_val_if_fail (SOUP_IS_AUTH (auth), NULL);
g_return_val_if_fail (source_uri != NULL, NULL);
return SOUP_AUTH_GET_CLASS (auth)->get_protection_space (auth, source_uri);
}
/**
* soup_auth_get_authorization:
* @auth: a #SoupAuth
* @msg: the #SoupMessage to be authorized
*
* Generates an appropriate "Authorization" header for @msg. (The
* session will only call this if soup_auth_is_authenticated()
* returned %TRUE.)
*
* Return value: the "Authorization" header, which must be freed.
**/
char *
soup_auth_get_authorization (SoupAuth *auth, SoupMessage *msg)
{
g_return_val_if_fail (SOUP_IS_AUTH (auth), NULL);
g_return_val_if_fail (msg != NULL, NULL);
return SOUP_AUTH_GET_CLASS (auth)->get_authorization (auth, msg);
}
/**
* soup_auth_is_for_proxy:
* @auth: a #SoupAuth
*
* Tests whether or not @auth is associated with a proxy server rather
* than an "origin" server.
*
* Return value: %TRUE or %FALSE
**/
gboolean
soup_auth_is_for_proxy (SoupAuth *auth)
{
SoupAuthPrivate *priv = soup_auth_get_instance_private (auth);
g_return_val_if_fail (SOUP_IS_AUTH (auth), FALSE);
return priv->proxy;
}
/**
* soup_auth_get_info:
* @auth: a #SoupAuth
*
* Gets an opaque identifier for @auth, for use as a hash key or the
* like. #SoupAuth objects from the same server with the same
* identifier refer to the same authentication domain (eg, the URLs
* associated with them take the same usernames and passwords).
*
* Return value: the identifier
**/
char *
soup_auth_get_info (SoupAuth *auth)
{
g_return_val_if_fail (SOUP_IS_AUTH (auth), NULL);
return g_strdup_printf ("%s:%s",
SOUP_AUTH_GET_CLASS (auth)->scheme_name,
auth->realm);
}
/**
* soup_auth_get_host:
* @auth: a #SoupAuth
*
* Returns the host that @auth is associated with.
*
* Return value: the hostname
**/
const char *
soup_auth_get_host (SoupAuth *auth)
{
SoupAuthPrivate *priv = soup_auth_get_instance_private (auth);
g_return_val_if_fail (SOUP_IS_AUTH (auth), NULL);
return priv->host;
}
static void
do_message_has_authorization_header_test (void)
{
SoupSession *session;
SoupMessage *msg;
SoupAuthManager *manager;
SoupAuth *auth = NULL;
char *token;
guint auth_id;
char *uri;
g_test_bug ("775882");
SOUP_TEST_SKIP_IF_NO_APACHE;
session = soup_test_session_new (SOUP_TYPE_SESSION, NULL);
uri = g_strconcat (base_uri, "Digest/realm1/", NULL);
msg = soup_message_new ("GET", uri);
auth_id = g_signal_connect (session, "authenticate",
G_CALLBACK (has_authorization_header_authenticate), &auth);
soup_session_send_message (session, msg);
soup_test_assert_message_status (msg, SOUP_STATUS_OK);
soup_test_assert (SOUP_IS_AUTH (auth), "Expected a SoupAuth");
token = soup_auth_get_authorization (auth, msg);
g_object_unref (auth);
g_object_unref (msg);
g_signal_handler_disconnect (session, auth_id);
manager = SOUP_AUTH_MANAGER (soup_session_get_feature (session, SOUP_TYPE_AUTH_MANAGER));
soup_auth_manager_clear_cached_credentials (manager);
msg = soup_message_new ("GET", uri);
soup_message_headers_replace (msg->request_headers, "Authorization", token);
auth_id = g_signal_connect (session, "authenticate",
G_CALLBACK (has_authorization_header_authenticate_assert),
NULL);
soup_session_send_message (session, msg);
soup_test_assert_message_status (msg, SOUP_STATUS_OK);
g_object_unref (msg);
/* Check that we can also provide our own Authorization header when not using credentials cache. */
soup_auth_manager_clear_cached_credentials (manager);
msg = soup_message_new ("GET", uri);
soup_message_headers_replace (msg->request_headers, "Authorization", token);
soup_message_set_flags (msg, soup_message_get_flags (msg) | SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE);
soup_session_send_message (session, msg);
soup_test_assert_message_status (msg, SOUP_STATUS_OK);
g_object_unref (msg);
g_free (token);
g_signal_handler_disconnect (session, auth_id);
g_free (uri);
soup_test_session_abort_unref (session);
}
/**
* soup_auth_save_password:
* @auth: a #SoupAuth
* @username: the username provided by the user or client
* @password: the password provided by the user or client
*
* Requests that the username/password pair be saved to whatever form
* of persistent password storage the session supports.
*
* Since: 2.28
**/
void
soup_auth_save_password (SoupAuth *auth, const char *username,
const char *password)
{
g_return_if_fail (SOUP_IS_AUTH (auth));
g_return_if_fail (username != NULL);
g_return_if_fail (password != NULL);
g_signal_emit (auth, signals[SAVE_PASSWORD], 0,
username, password);
}
/**
* soup_auth_is_ready:
* @auth: a #SoupAuth
* @msg: a #SoupMessage
*
* Tests if @auth is ready to make a request for @msg with. For most
* auths, this is equivalent to soup_auth_is_authenticated(), but for
* some auth types (eg, NTLM), the auth may be sendable (eg, as an
* authentication request) even before it is authenticated.
*
* Return value: %TRUE if @auth is ready to make a request with.
*
* Since: 2.42
**/
gboolean
soup_auth_is_ready (SoupAuth *auth,
SoupMessage *msg)
{
g_return_val_if_fail (SOUP_IS_AUTH (auth), TRUE);
g_return_val_if_fail (SOUP_IS_MESSAGE (msg), TRUE);
if (SOUP_AUTH_GET_CLASS (auth)->is_ready)
return SOUP_AUTH_GET_CLASS (auth)->is_ready (auth, msg);
else
return SOUP_AUTH_GET_CLASS (auth)->is_authenticated (auth);
}
/**
* soup_auth_get_saved_password:
* @auth: a #SoupAuth
* @user: a username from the list returned from
* soup_auth_get_saved_users().
*
* Given a username for which @auth has a saved password, this returns
* that password. If @auth doesn't have a passwords saved for @user, it
* returns %NULL.
*
* Return value: the saved password, or %NULL.
*
* Since: 2.28
**/
const char *
soup_auth_get_saved_password (SoupAuth *auth, const char *user)
{
SoupAuthPrivate *priv;
g_return_val_if_fail (SOUP_IS_AUTH (auth), NULL);
g_return_val_if_fail (user != NULL, NULL);
priv = SOUP_AUTH_GET_PRIVATE (auth);
if (!priv->saved_passwords)
return NULL;
return g_hash_table_lookup (priv->saved_passwords, user);
}
/**
* soup_auth_authenticate:
* @auth: a #SoupAuth
* @username: the username provided by the user or client
* @password: the password provided by the user or client
*
* Call this on an auth to authenticate it; normally this will cause
* the auth's message to be requeued with the new authentication info.
**/
void
soup_auth_authenticate (SoupAuth *auth, const char *username, const char *password)
{
gboolean was_authenticated;
g_return_if_fail (SOUP_IS_AUTH (auth));
g_return_if_fail (username != NULL);
g_return_if_fail (password != NULL);
was_authenticated = soup_auth_is_authenticated (auth);
SOUP_AUTH_GET_CLASS (auth)->authenticate (auth, username, password);
if (was_authenticated != soup_auth_is_authenticated (auth))
g_object_notify (G_OBJECT (auth), SOUP_AUTH_IS_AUTHENTICATED);
}
/**
* soup_auth_has_saved_password:
* @auth: a #SoupAuth
* @username: a username
* @password: a password
*
* Updates @auth to be aware of an already-saved username/password
* combination. This method <emphasis>does not</emphasis> cause the
* given @username and @password to be saved; use
* soup_auth_save_password() for that. (soup_auth_has_saved_password()
* is an internal method, which is used by the code that actually
* saves and restores the passwords.)
*
* Since: 2.28
**/
void
soup_auth_has_saved_password (SoupAuth *auth, const char *username,
const char *password)
{
SoupAuthPrivate *priv;
g_return_if_fail (SOUP_IS_AUTH (auth));
g_return_if_fail (username != NULL);
g_return_if_fail (password != NULL);
priv = SOUP_AUTH_GET_PRIVATE (auth);
if (!priv->saved_passwords)
init_saved_passwords (priv);
g_hash_table_insert (priv->saved_passwords,
g_strdup (username), g_strdup (password));
}
/**
* soup_auth_get_saved_users:
* @auth: a #SoupAuth
*
* Gets a list of usernames for which a saved password is available.
* (If the session is not configured to save passwords, this will
* always be %NULL.)
*
* Return value: (transfer container): the list of usernames. You must
* free the list with g_slist_free(), but do not free or modify the
* contents.
*
* Since: 2.28
**/
GSList *
soup_auth_get_saved_users (SoupAuth *auth)
{
SoupAuthPrivate *priv;
GSList *users;
g_return_val_if_fail (SOUP_IS_AUTH (auth), NULL);
priv = SOUP_AUTH_GET_PRIVATE (auth);
users = NULL;
if (priv->saved_passwords) {
GHashTableIter iter;
gpointer key, value;
g_hash_table_iter_init (&iter, priv->saved_passwords);
while (g_hash_table_iter_next (&iter, &key, &value))
users = g_slist_prepend (users, key);
}
return users;
}
