void HTTPCookieAuth::handleUnauthorized(HTTPRequestPtr& http_request, TCPConnectionPtr& tcp_conn) { // if redirection option is used, send redirect if (!m_redirect.empty()) { handleRedirection(http_request,tcp_conn,m_redirect,"",false); return; } // authentication failed, send 401..... static const std::string CONTENT = " <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"" "\"http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd\">" "<HTML>" "<HEAD>" "<TITLE>Error</TITLE>" "<META HTTP-EQUIV=\"Content-Type\" CONTENT=\"text/html; charset=ISO-8859-1\">" "</HEAD>" "<BODY><H1>401 Unauthorized.</H1></BODY>" "</HTML> "; HTTPResponseWriterPtr writer(HTTPResponseWriter::create(tcp_conn, *http_request, boost::bind(&TCPConnection::finish, tcp_conn))); writer->getResponse().setStatusCode(HTTPTypes::RESPONSE_CODE_UNAUTHORIZED); writer->getResponse().setStatusMessage(HTTPTypes::RESPONSE_MESSAGE_UNAUTHORIZED); writer->writeNoCopy(CONTENT); writer->send(); }
/** * Chooses which I/O redirection to perform and sends arguments based on that * to handleRedirection(). If there is no redirection specified in the command, * nothing will happen. * * @param tokens A character string array containing the tokens from parsing * * @returns nothing */ void redirect(char** tokens) { for(int i = 0; tokens[i] != NULL; i++) { if(strCompare(tokens[i], ">")) { handleRedirection(tokens, &i, 1, O_CREAT | O_WRONLY | O_TRUNC); } if(strCompare(tokens[i], ">>")) { handleRedirection(tokens, &i, 1, O_WRONLY | O_APPEND); } if(strCompare(tokens[i], "<")) { handleRedirection(tokens, &i, 0, O_RDONLY); } } }
void Net::DownloadHandler::processFinishedDownload() { QString url = m_reply->url().toString(); qDebug("Download finished: %s", qUtf8Printable(url)); // Check if the request was successful if (m_reply->error() != QNetworkReply::NoError) { // Failure qDebug("Download failure (%s), reason: %s", qUtf8Printable(url), qUtf8Printable(errorCodeToString(m_reply->error()))); emit downloadFailed(m_downloadRequest.url(), errorCodeToString(m_reply->error())); this->deleteLater(); } else { // Check if the server ask us to redirect somewhere else const QVariant redirection = m_reply->attribute(QNetworkRequest::RedirectionTargetAttribute); if (redirection.isValid()) { // We should redirect handleRedirection(redirection.toUrl()); } else { // Success QByteArray replyData = m_reply->readAll(); if (m_reply->rawHeader("Content-Encoding") == "gzip") { // decompress gzip reply replyData = Utils::Gzip::decompress(replyData); } if (m_downloadRequest.saveToFile()) { QString filePath; if (saveToFile(replyData, filePath)) emit downloadFinished(m_downloadRequest.url(), filePath); else emit downloadFailed(m_downloadRequest.url(), tr("I/O Error")); } else { emit downloadFinished(m_downloadRequest.url(), replyData); } this->deleteLater(); } } }
bool HTTPCookieAuth::processLogin(HTTPRequestPtr& http_request, TCPConnectionPtr& tcp_conn) { // strip off trailing slash if the request has one std::string resource(HTTPServer::stripTrailingSlash(http_request->getResource())); if (resource != m_login && resource != m_logout) { return false; // no login processing done } std::string redirect_url = HTTPTypes::url_decode(http_request->getQuery("url")); std::string new_cookie; bool delete_cookie = false; if (resource == m_login) { // process login // check username std::string username = HTTPTypes::url_decode(http_request->getQuery("user")); std::string password = HTTPTypes::url_decode(http_request->getQuery("pass")); // match username/password PionUserPtr user=m_user_manager->getUser(username,password); if (!user) { // authentication failed, process as in case of failed authentication... handleUnauthorized(http_request,tcp_conn); return true; } // ok we have a new user session, create a new cookie, add to cache // create random cookie std::string rand_binary; rand_binary.reserve(RANDOM_COOKIE_BYTES); for (unsigned int i=0; i<RANDOM_COOKIE_BYTES ; i++) { rand_binary += static_cast<unsigned char>(m_random_die()); } HTTPTypes::base64_encode(rand_binary, new_cookie); // add new session to cache PionDateTime time_now(boost::posix_time::second_clock::universal_time()); boost::mutex::scoped_lock cache_lock(m_cache_mutex); m_user_cache.insert(std::make_pair(new_cookie,std::make_pair(time_now,user))); } else { // process logout sequence // if auth cookie presented - clean cache out const std::string auth_cookie(http_request->getCookie(AUTH_COOKIE_NAME)); if (! auth_cookie.empty()) { boost::mutex::scoped_lock cache_lock(m_cache_mutex); PionUserCache::iterator user_cache_itr=m_user_cache.find(auth_cookie); if (user_cache_itr!=m_user_cache.end()) { m_user_cache.erase(user_cache_itr); } } // and remove cookie from browser delete_cookie = true; } // if redirect defined - send redirect if (! redirect_url.empty()) { handleRedirection(http_request,tcp_conn,redirect_url,new_cookie,delete_cookie); } else { // otherwise - OK handleOk(http_request,tcp_conn,new_cookie,delete_cookie); } // yes, we processed login/logout somehow return true; }