struct curl_slist * hmac_sign(const char * method, const char * path, struct curl_slist *headers, const Credentials * credentials) { if (valid_credentials(credentials)) { headers = add_date_header_if_missing(headers); char * signature = build_signature(method, path, headers, credentials->secret_key); char * auth_header = build_auth_header(credentials->access_id, signature); curl_slist_append(headers, auth_header); free(signature); free(auth_header); } return headers; }
apr_status_t serf__setup_request_digest_auth(peer_t peer, int code, serf_connection_t *conn, serf_request_t *request, const char *method, const char *uri, serf_bucket_t *hdrs_bkt) { digest_authn_info_t *digest_info = (peer == HOST) ? conn->authn_baton : conn->proxy_authn_baton; apr_status_t status = APR_SUCCESS; if (digest_info && digest_info->realm) { const char *value; apr_uri_t parsed_uri; /* TODO: per request pool? */ /* Extract path from uri. */ status = apr_uri_parse(conn->pool, uri, &parsed_uri); /* Build a new Authorization header. */ digest_info->header = (peer == HOST) ? "Authorization" : "Proxy-Authorization"; value = build_auth_header(digest_info, parsed_uri.path, method, conn->pool); serf_bucket_headers_setn(hdrs_bkt, digest_info->header, value); digest_info->digest_nc++; /* Store the uri of this request on the serf_request_t object, to make it available when validating the Authentication-Info header of the matching response. */ request->auth_baton = parsed_uri.path; } return status; }
/* Implements serf__setup_request_func_t callback. */ static apr_status_t serf__setup_request_digest_auth(peer_t peer, int code, serf_connection_t *conn, serf_request_t *request, const char *method, const char *uri, serf_bucket_t *hdrs_bkt) { serf_context_t *ctx = conn->ctx; serf__authn_info_t *authn_info; digest_authn_info_t *digest_info; apr_status_t status; if (peer == HOST) { authn_info = serf__get_authn_info_for_server(conn); } else { authn_info = &ctx->proxy_authn_info; } digest_info = authn_info->baton; if (digest_info && digest_info->realm) { const char *value; const char *path; /* TODO: per request pool? */ /* for request 'CONNECT serf.googlecode.com:443', the uri also should be serf.googlecode.com:443. apr_uri_parse can't handle this, so special case. */ if (strcmp(method, "CONNECT") == 0) path = uri; else { apr_uri_t parsed_uri; /* Extract path from uri. */ status = apr_uri_parse(conn->pool, uri, &parsed_uri); if (status) return status; path = parsed_uri.path; } /* Build a new Authorization header. */ digest_info->header = (peer == HOST) ? "Authorization" : "Proxy-Authorization"; status = build_auth_header(&value, digest_info, path, method, conn->pool); if (status) return status; serf_bucket_headers_setn(hdrs_bkt, digest_info->header, value); digest_info->digest_nc++; /* Store the uri of this request on the serf_request_t object, to make it available when validating the Authentication-Info header of the matching response. */ request->auth_baton = (void *)path; } return APR_SUCCESS; }