/usr/include/pion/net/HTTPAuth.hpp is in libpion-net-dev 4.0.7+dfsg-3.1ubuntu2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 | // ------------------------------------------------------------------
// pion-net: a C++ framework for building lightweight HTTP interfaces
// ------------------------------------------------------------------
// Copyright (C) 2007-2008 Atomic Labs, Inc. (http://www.atomiclabs.com)
//
// Distributed under the Boost Software License, Version 1.0.
// See http://www.boost.org/LICENSE_1_0.txt
//
#ifndef __PION_HTTPAUTH_HEADER__
#define __PION_HTTPAUTH_HEADER__
#include <set>
#include <boost/noncopyable.hpp>
#include <boost/shared_ptr.hpp>
#include <pion/PionConfig.hpp>
#include <pion/PionLogger.hpp>
#include <pion/PionException.hpp>
#include <pion/net/PionUser.hpp>
#include <pion/net/TCPConnection.hpp>
#include <pion/net/HTTPRequest.hpp>
namespace pion { // begin namespace pion
namespace net { // begin namespace net (Pion Network Library)
///
/// HTTPAuth: a base class for handling HTTP Authentication and session management
///
class PION_NET_API HTTPAuth :
private boost::noncopyable
{
public:
/// exception thrown if the service does not recognize a configuration option
class UnknownOptionException : public PionException {
public:
UnknownOptionException(const std::string& name)
: PionException("Option not recognized by authentication service: ", name) {}
};
/// default constructor
HTTPAuth(PionUserManagerPtr userManager)
: m_logger(PION_GET_LOGGER("pion.net.HTTPAuth")),
m_user_manager(userManager)
{}
/// virtual destructor
virtual ~HTTPAuth() {}
/**
* attempts to validate authentication of a new HTTP request.
* If request valid, pointer to user identity object (if any) will be preserved in
* the request and return "true".
* If request not authenticated, appropriate response is sent over tcp_conn
* and return "false";
*
* @param request the new HTTP request to handle
* @param tcp_conn the TCP connection that has the new request
*
* @return true if request valid and user identity inserted into request
*/
virtual bool handleRequest(HTTPRequestPtr& request, TCPConnectionPtr& tcp_conn) = 0;
/**
* sets a configuration option
*
* @param name the name of the option to change
* @param value the value of the option
*/
virtual void setOption(const std::string& name, const std::string& value) {
throw UnknownOptionException(name);
}
/**
* adds a resource that requires authentication
*
* @param resource the resource name or uri-stem that requires authentication
*/
void addRestrict(const std::string& resource);
/**
* adds a resource that does NOT require authentication
*
* @param resource the resource name or uri-stem that does not require authentication
*/
void addPermit(const std::string& resource);
/**
* used to add a new user
*
* @ return false if user with such name already exists
*/
virtual bool addUser(std::string const &username, std::string const &password) {
return m_user_manager->addUser(username, password);
}
/**
* update password for given user
*
* @return false if user with such a name doesn't exist
*/
virtual bool updateUser(std::string const &username, std::string const &password) {
return m_user_manager->updateUser(username, password);
}
/**
* used to remove given user
*
* @return false if no user with such username
*/
virtual bool removeUser(std::string const &username) {
return m_user_manager->removeUser(username);
};
/**
* Used to locate user object by username
*/
virtual PionUserPtr getUser(std::string const &username) {
return m_user_manager->getUser(username);
}
protected:
/// data type for a set of resources to be authenticated
typedef std::set<std::string> AuthResourceSet;
/**
* check if given HTTP request requires authentication
*
* @param http_request the HTTP request to check
*/
bool needAuthentication(HTTPRequestPtr const& http_request) const;
/**
* tries to find a resource in a given collection
*
* @param resource_set the collection of resource to look in
* @param resource the resource to look for
*
* @return true if the resource was found
*/
bool findResource(const AuthResourceSet& resource_set,
const std::string& resource) const;
/// sets the logger to be used
inline void setLogger(PionLogger log_ptr) { m_logger = log_ptr; }
/// primary logging interface used by this class
mutable PionLogger m_logger;
/// container used to manager user objects
PionUserManagerPtr m_user_manager;
/// collection of resources that require authentication
AuthResourceSet m_restrict_list;
/// collection of resources that do NOT require authentication
AuthResourceSet m_white_list;
/// mutex used to protect access to the resources
mutable boost::mutex m_resource_mutex;
};
/// data type for a HTTPAuth pointer
typedef boost::shared_ptr<HTTPAuth> HTTPAuthPtr;
} // end namespace net
} // end namespace pion
#endif
|