mirror
/
esp-idf
kopia lustrzana https://github.com/espressif/esp-idf
1
0
Forkuj 0
Kod Zgłoszenia Projekty Wydania Wiki Aktywność

example/http_server: add basic authenticated example to HTTP server 

Closes https://github.com/espressif/esp-idf/issues/5646
pull/6718/head
Liu Han 2020-11-27 18:17:04 +08:00 zatwierdzone przez bot
rodzic 0bbc721a63
commit 94512a76b7
3 zmienionych plików z 153 dodań i 1 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

29
examples/protocols/http_server/simple/main/Kconfig.projbuild 100644
Wyświetl plik

@ -0,0 +1,29 @@
menu "Example Configuration"
config EXAMPLE_BASIC_AUTH
bool "Basic Authentication"
default n
help
Basic Authentication is a method for an HTTP user agent (e.g. a web browser)
to provide a user name and password when making a request. It is the simplest
technique for enforcing access controls to web resources. because it doesn't
require cookies, session identifiers, or login pages; rather, it uses standard
fields in the HTTP header.
Note that, Basic Authentication is not encrypted channel and also easy to retrieve
credentials as they are sent in plain text format.
config EXAMPLE_BASIC_AUTH_USERNAME
string "Basic Authenticate User Name"
depends on EXAMPLE_BASIC_AUTH
default "ESP32"
help
The client's user name which used for basic authenticate.
config EXAMPLE_BASIC_AUTH_PASSWORD
string "Basic Authenticate Password"
depends on EXAMPLE_BASIC_AUTH
default "ESP32Webserver"
help
The client's password which used for basic authenticate.
endmenu

124
examples/protocols/http_server/simple/main/main.c
Wyświetl plik

@ -17,7 +17,7 @@
#include "esp_netif.h"
#include "esp_eth.h"
#include "protocol_examples_common.h"
#include "esp_tls_crypto.h"
#include <esp_http_server.h>
/* A simple example that demonstrates how to create GET and POST
@ -26,6 +26,125 @@
static const char *TAG = "example";
#if CONFIG_EXAMPLE_BASIC_AUTH
typedef struct {
char *username;
char *password;
} basic_auth_info_t;
#define HTTPD_401 "401 UNAUTHORIZED" /*!< HTTP Response 401 */
static char *http_auth_basic(const char *username, const char *password)
{
int out;
char *user_info = NULL;
char *digest = NULL;
size_t n = 0;
asprintf(&user_info, "%s:%s", username, password);
if (!user_info) {
ESP_LOGE(TAG, "No enough memory for user information");
return NULL;
}
esp_crypto_base64_encode(NULL, 0, &n, (const unsigned char *)user_info, strlen(user_info));
/* 6: The length of the "Basic " string
* n: Number of bytes for a base64 encode format
* 1: Number of bytes for a reserved which be used to fill zero
*/
digest = calloc(1, 6 + n + 1);
if (digest) {
strcpy(digest, "Basic ");
esp_crypto_base64_encode((unsigned char *)digest + 6, n, (size_t *)&out, (const unsigned char *)user_info, strlen(user_info));
}
free(user_info);
return digest;
}
/* An HTTP GET handler */
static esp_err_t basic_auth_get_handler(httpd_req_t *req)
{
char *buf = NULL;
size_t buf_len = 0;
basic_auth_info_t *basic_auth_info = req->user_ctx;
buf_len = httpd_req_get_hdr_value_len(req, "Authorization") + 1;
if (buf_len > 1) {
buf = calloc(1, buf_len);
if (!buf) {
ESP_LOGE(TAG, "No enough memory for basic authorization");
return ESP_ERR_NO_MEM;
}
if (httpd_req_get_hdr_value_str(req, "Authorization", buf, buf_len) == ESP_OK) {
ESP_LOGI(TAG, "Found header => Authorization: %s", buf);
} else {
ESP_LOGE(TAG, "No auth value received");
}
char *auth_credentials = http_auth_basic(basic_auth_info->username, basic_auth_info->password);
if (!auth_credentials) {
ESP_LOGE(TAG, "No enough memory for basic authorization credentials");
free(buf);
return ESP_ERR_NO_MEM;
}
if (strncmp(auth_credentials, buf, buf_len)) {
ESP_LOGE(TAG, "Not authenticated");
httpd_resp_set_status(req, HTTPD_401);
httpd_resp_set_type(req, "application/json");
httpd_resp_set_hdr(req, "Connection", "keep-alive");
httpd_resp_set_hdr(req, "WWW-Authenticate", "Basic realm=\"Hello\"");
httpd_resp_send(req, NULL, 0);
} else {
ESP_LOGI(TAG, "Authenticated!");
char *basic_auth_resp = NULL;
httpd_resp_set_status(req, HTTPD_200);
httpd_resp_set_type(req, "application/json");
httpd_resp_set_hdr(req, "Connection", "keep-alive");
asprintf(&basic_auth_resp, "{\"authenticated\": true,\"user\": \"%s\"}", basic_auth_info->username);
if (!basic_auth_resp) {
ESP_LOGE(TAG, "No enough memory for basic authorization response");
free(auth_credentials);
free(buf);
return ESP_ERR_NO_MEM;
}
httpd_resp_send(req, basic_auth_resp, strlen(basic_auth_resp));
free(basic_auth_resp);
}
free(auth_credentials);
free(buf);
} else {
ESP_LOGE(TAG, "No auth header received");
httpd_resp_set_status(req, HTTPD_401);
httpd_resp_set_type(req, "application/json");
httpd_resp_set_hdr(req, "Connection", "keep-alive");
httpd_resp_set_hdr(req, "WWW-Authenticate", "Basic realm=\"Hello\"");
httpd_resp_send(req, NULL, 0);
}
return ESP_OK;
}
static httpd_uri_t basic_auth = {
.uri = "/basic_auth",
.method = HTTP_GET,
.handler = basic_auth_get_handler,
};
static void httpd_register_basic_auth(httpd_handle_t server)
{
basic_auth_info_t *basic_auth_info = calloc(1, sizeof(basic_auth_info_t));
if (basic_auth_info) {
basic_auth_info->username = CONFIG_EXAMPLE_BASIC_AUTH_USERNAME;
basic_auth_info->password = CONFIG_EXAMPLE_BASIC_AUTH_PASSWORD;
basic_auth.user_ctx = basic_auth_info;
httpd_register_uri_handler(server, &basic_auth);
}
}
#endif
/* An HTTP GET handler */
static esp_err_t hello_get_handler(httpd_req_t *req)
{
@ -233,6 +352,9 @@ static httpd_handle_t start_webserver(void)
httpd_register_uri_handler(server, &hello);
httpd_register_uri_handler(server, &echo);
httpd_register_uri_handler(server, &ctrl);
#if CONFIG_EXAMPLE_BASIC_AUTH
httpd_register_basic_auth(server);
#endif
return server;
}

1
examples/protocols/http_server/simple/sdkconfig.ci.basic_auth 100644
Wyświetl plik

@ -0,0 +1 @@
CONFIG_EXAMPLE_BASIC_AUTH=y