// Filename: httpDigestAuthorization.h
// Created by:  drose (25Oct02)
//
////////////////////////////////////////////////////////////////////
//
// PANDA 3D SOFTWARE
// Copyright (c) Carnegie Mellon University.  All rights reserved.
//
// All use of this software is subject to the terms of the revised BSD
// license.  You should have received a copy of this license along
// with this source code in a file named "LICENSE."
//
////////////////////////////////////////////////////////////////////

#ifndef HTTPDIGESTAUTHORIZATION_H
#define HTTPDIGESTAUTHORIZATION_H

#include "pandabase.h"

// This module requires OpenSSL to compile, even though it doesn't
// actually use any OpenSSL code, because it is a support module for
// HTTPChannel, which *does* use OpenSSL code.

#ifdef HAVE_OPENSSL

#include "httpAuthorization.h"

////////////////////////////////////////////////////////////////////
//       Class : HTTPDigestAuthorization
// Description : Implements the "Digest" type of HTTP authorization.
//               This is designed to be an improvement over "Basic"
//               authorization, in that it does not send passwords
//               over the net in cleartext, and it is harder to spoof.
//
//               Security notes for callers and reviewers:
//
//               * Digest only protects the credential exchange.  It
//                 does not encrypt the request or the response, so it
//                 is not a substitute for TLS.
//
//               * The only algorithms enumerated below are MD5-based
//                 (A_md5, A_md5_sess).  The SHA-256 variants that
//                 RFC 7616 adds to Digest have no enum value here.
//                 NOTE(review): a challenge naming another algorithm
//                 presumably ends up as A_unknown; confirm in the
//                 implementation how is_valid() treats that case.
//
//               * Without qop, or with only Q_auth, the digest does
//                 not cover the message body; only Q_auth_int is
//                 meant to (per RFC 2617).  See the Qop enum.
////////////////////////////////////////////////////////////////////
class HTTPDigestAuthorization : public HTTPAuthorization {
public:
  // Built from the tokens of a server (or proxy, when is_proxy is
  // true) challenge and the URL that issued it.  The parsing itself
  // is not visible in this header.
  HTTPDigestAuthorization(const Tokens &tokens, const URLSpec &url,
                          bool is_proxy);
  virtual ~HTTPDigestAuthorization();

  // Returns the mechanism name; see the static _mechanism member.
  virtual const string &get_mechanism() const;

  // NOTE(review): presumably false when the challenge asked for an
  // algorithm or qop this class cannot honour; confirm in the .cxx.
  virtual bool is_valid();

  // Produces the authorization string for one request.  Note that
  // there is no separate password parameter here, although
  // calc_request_digest() takes one.
  // NOTE(review): confirm in the implementation how the password is
  // obtained (e.g. carried inside the username argument).
  virtual string generate(HTTPEnum::Method method, const string &request_path,
                          const string &username, const string &body);

public:
  // Hash algorithm named by the challenge.  Only MD5 and MD5-sess
  // are representable; anything else has to map to A_unknown.
  enum Algorithm {
    A_unknown,
    A_md5,
    A_md5_sess,
  };

  // "Quality of protection" options.
  // NOTE(review): names suggest the RFC 2617 tokens "auth"
  // (authentication only) and "auth-int" (authentication plus body
  // integrity); confirm against match_qop_token().
  enum Qop {
    // These are used as a bitfield.
    Q_unused   = 0x000,
    Q_auth     = 0x001,
    Q_auth_int = 0x002,
  };

private:
  // Returns an int rather than a Qop, which fits the bitfield use of
  // _qop below.  NOTE(review): presumably 0 for an unknown token.
  static int match_qop_token(const string &token);

  // The helper names below mirror the notation of RFC 2617
  // (request-digest, H(), KD(), A1, A2).
  // NOTE(review): presumably all hashing goes through calc_md5();
  // confirm in the .cxx.
  string calc_request_digest(const string &username, const string &password,
                             HTTPEnum::Method method,
                             const string &request_path, const string &body);
  string calc_h(const string &data) const;
  string calc_kd(const string &secret, const string &data) const;
  // Non-const, unlike calc_h()/calc_kd().
  // NOTE(review): presumably because it caches its result in _a1.
  string get_a1(const string &username, const string &password);
  string get_a2(HTTPEnum::Method method, const string &request_path,
                const string &body);
  string get_hex_nonce_count() const;

  static string calc_md5(const string &source);
  INLINE static char hexdigit(int value);

  // Client nonce.  How it is generated is not visible in this header.
  // NOTE(review): it should come from an unpredictable source; verify
  // in the implementation.
  string _cnonce;
  // Server-supplied nonce and opaque value (the challenge fields of
  // the same names in RFC 2617) -- presumably; confirm.
  string _nonce;
  // NOTE(review): RFC 2617 expects the nonce count to increase with
  // every request sent under the same nonce; servers use it to detect
  // replays.  Confirm that generate() increments it.
  int _nonce_count;
  string _opaque;

  Algorithm _algorithm;
  // NOTE(review): presumably a cached A1 value.  In Digest, H(A1) is
  // password-equivalent for its realm, so this should be treated as a
  // secret (not logged, not written by output()); confirm.
  string _a1;

  // _qop is an int because it holds a bitwise OR of Qop values;
  // _chosen_qop is a single Qop.
  // NOTE(review): presumably _qop is what the server offered and
  // _chosen_qop is what this client selected; confirm.
  int _qop;
  Qop _chosen_qop;

  static const string _mechanism;
};

// Stream output for the two enums.
ostream &operator << (ostream &out, HTTPDigestAuthorization::Algorithm algorithm);
ostream &operator << (ostream &out, HTTPDigestAuthorization::Qop qop);

#include "httpDigestAuthorization.I"

#endif  // HAVE_OPENSSL

#endif