static OCStackApplicationResult AmsMgrAclReqCallback(void *ctx, OCDoHandle handle,
OCClientResponse * clientResponse)
{
OC_LOG_V(INFO, TAG, "%s Begin", __func__ );
(void)handle;
PEContext_t *context = (PEContext_t *) ctx;
SRMAccessResponse_t rsps;
if (!ctx ||
!clientResponse ||
!clientResponse->payload||
(PAYLOAD_TYPE_SECURITY != clientResponse->payload->type) ||
(clientResponse->result != OC_STACK_OK))
{
SRMSendResponse(ACCESS_DENIED_AMS_SERVICE_ERROR);
goto exit;
}
if (context->state != AWAITING_AMS_RESPONSE)
{
OC_LOG_V(ERROR, TAG, "%s Invalid State ", __func__);
context->retVal = ACCESS_DENIED_AMS_SERVICE_ERROR;
SRMSendResponse(context->retVal);
return OC_STACK_DELETE_TRANSACTION;
}
// Verify before installing ACL if the ID of the sender of this ACL is an AMS
//service that this device trusts.
rsps = ACCESS_DENIED;
if((UUID_LENGTH == clientResponse->identity.id_length) &&
memcmp(context->amsMgrContext->amsDeviceId.id, clientResponse->identity.id,
sizeof(context->amsMgrContext->amsDeviceId.id)) == 0)
{
OCStackResult ret =
InstallNewACL(((OCSecurityPayload*)clientResponse->payload)->securityData);
VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR);
OC_LOG_V(INFO, TAG, "%s : Calling checkPermission", __func__);
rsps = CheckPermission(context, &context->subject, context->resource, context->permission);
VERIFY_SUCCESS(TAG, (true == IsAccessGranted(rsps)), ERROR);
OC_LOG_V(INFO, TAG, "%sAccess granted, Calling SRMCallCARequestHandler", __func__);
context->retVal = ACCESS_GRANTED;
SRMSendResponse(context->retVal);
return OC_STACK_DELETE_TRANSACTION;
}
exit:
context->retVal = ACCESS_DENIED_AMS_SERVICE_ERROR;
SRMSendResponse(context->retVal);
FreeCARequestInfo(context->amsMgrContext->requestInfo);
OICFree(context->amsMgrContext->endpoint);
return OC_STACK_DELETE_TRANSACTION;
}
static void InternalCallback(struct mg_connection *connection,
const struct mg_request_info *request)
{
MongooseServer* that = reinterpret_cast<MongooseServer*>(request->user_data);
MongooseOutputStream stream(connection);
HttpOutput output(stream, that->IsKeepAliveEnabled());
// Check remote calls
if (!that->IsRemoteAccessAllowed() &&
request->remote_ip != LOCALHOST)
{
output.SendUnauthorized(ORTHANC_REALM);
return;
}
// Extract the HTTP headers
IHttpHandler::Arguments headers;
for (int i = 0; i < request->num_headers; i++)
{
std::string name = request->http_headers[i].name;
std::transform(name.begin(), name.end(), name.begin(), ::tolower);
headers.insert(std::make_pair(name, request->http_headers[i].value));
}
// Extract the GET arguments
IHttpHandler::GetArguments argumentsGET;
if (!strcmp(request->request_method, "GET"))
{
HttpToolbox::ParseGetArguments(argumentsGET, request->query_string);
}
// Compute the HTTP method, taking method faking into consideration
HttpMethod method = HttpMethod_Get;
if (!ExtractMethod(method, request, headers, argumentsGET))
{
output.SendStatus(HttpStatus_400_BadRequest);
return;
}
// Authenticate this connection
if (that->IsAuthenticationEnabled() && !IsAccessGranted(*that, headers))
{
output.SendUnauthorized(ORTHANC_REALM);
return;
}
// Apply the filter, if it is installed
const IIncomingHttpRequestFilter *filter = that->GetIncomingHttpRequestFilter();
if (filter != NULL)
{
std::string username = GetAuthenticatedUsername(headers);
char remoteIp[24];
sprintf(remoteIp, "%d.%d.%d.%d",
reinterpret_cast<const uint8_t*>(&request->remote_ip) [3],
reinterpret_cast<const uint8_t*>(&request->remote_ip) [2],
reinterpret_cast<const uint8_t*>(&request->remote_ip) [1],
reinterpret_cast<const uint8_t*>(&request->remote_ip) [0]);
if (!filter->IsAllowed(method, request->uri, remoteIp, username.c_str()))
{
output.SendUnauthorized(ORTHANC_REALM);
return;
}
}
// Extract the body of the request for PUT and POST
// TODO Avoid unneccessary memcopy of the body
std::string body;
if (method == HttpMethod_Post ||
method == HttpMethod_Put)
{
PostDataStatus status;
IHttpHandler::Arguments::const_iterator ct = headers.find("content-type");
if (ct == headers.end())
{
// No content-type specified. Assume no multi-part content occurs at this point.
status = ReadBody(body, connection, headers);
}
else
{
std::string contentType = ct->second;
if (contentType.size() >= multipartLength &&
!memcmp(contentType.c_str(), multipart, multipartLength))
{
status = ParseMultipartPost(body, connection, headers, contentType, that->GetChunkStore());
}
else
{
status = ReadBody(body, connection, headers);
}
}
switch (status)
{
case PostDataStatus_NoLength:
output.SendStatus(HttpStatus_411_LengthRequired);
return;
case PostDataStatus_Failure:
output.SendStatus(HttpStatus_400_BadRequest);
return;
case PostDataStatus_Pending:
output.SendBody();
return;
default:
break;
}
}
// Decompose the URI into its components
UriComponents uri;
try
{
Toolbox::SplitUriComponents(uri, request->uri);
}
catch (OrthancException)
{
output.SendStatus(HttpStatus_400_BadRequest);
return;
}
LOG(INFO) << EnumerationToString(method) << " " << Toolbox::FlattenUri(uri);
bool found = false;
try
{
if (that->HasHandler())
{
found = that->GetHandler().Handle(output, method, uri, headers, argumentsGET, body.c_str(), body.size());
}
}
catch (OrthancException& e)
{
// Using this candidate handler results in an exception
LOG(ERROR) << "Exception in the HTTP handler: " << e.What();
try
{
switch (e.GetErrorCode())
{
case ErrorCode_InexistentFile:
case ErrorCode_InexistentItem:
case ErrorCode_UnknownResource:
output.SendStatus(HttpStatus_404_NotFound);
break;
case ErrorCode_BadRequest:
case ErrorCode_UriSyntax:
output.SendStatus(HttpStatus_400_BadRequest);
break;
default:
output.SendStatus(HttpStatus_500_InternalServerError);
}
}
catch (OrthancException&)
{
// An exception here reflects the fact that an exception was
// triggered after the status code was sent by the HTTP handler.
}
return;
}
catch (boost::bad_lexical_cast&)
{
LOG(ERROR) << "Exception in the HTTP handler: Bad lexical cast";
output.SendStatus(HttpStatus_400_BadRequest);
return;
}
catch (std::runtime_error&)
{
LOG(ERROR) << "Exception in the HTTP handler: Presumably a bad JSON request";
output.SendStatus(HttpStatus_400_BadRequest);
return;
}
if (!found)
{
output.SendStatus(HttpStatus_404_NotFound);
}
}
