HttpAuthentication.h revision 895fa41e
1/*
2 * Copyright 2010-2014 Haiku Inc. All rights reserved.
3 * Distributed under the terms of the MIT License.
4 */
5#ifndef _B_HTTP_AUTHENTICATION_H_
6#define _B_HTTP_AUTHENTICATION_H_
7
8
9#include <Locker.h>
10#include <String.h>
11#include <Url.h>
12
13// HTTP authentication method
14enum BHttpAuthenticationMethod {
15	B_HTTP_AUTHENTICATION_NONE = 0,
16		// No authentication
17	B_HTTP_AUTHENTICATION_BASIC = 1,
18		// Basic base64 authentication method (unsecure)
19	B_HTTP_AUTHENTICATION_DIGEST = 2,
20		// Digest authentication
21	B_HTTP_AUTHENTICATION_IE_DIGEST = 4
22		// Slightly modified digest authentication to mimic old IE one
23};
24
25
26enum BHttpAuthenticationAlgorithm {
27	B_HTTP_AUTHENTICATION_ALGORITHM_NONE,
28	B_HTTP_AUTHENTICATION_ALGORITHM_MD5,
29	B_HTTP_AUTHENTICATION_ALGORITHM_MD5_SESS
30};
31
32
33enum BHttpAuthenticationQop {
34	B_HTTP_QOP_NONE,
35	B_HTTP_QOP_AUTH,
36	B_HTTP_QOP_AUTHINT
37};
38
39
40class BHttpAuthentication {
41public:
42								BHttpAuthentication();
43								BHttpAuthentication(const BString& username,
44									const BString& password);
45
46	// Field modification
47			void				SetUserName(const BString& username);
48			void				SetPassword(const BString& password);
49			void				SetMethod(
50									BHttpAuthenticationMethod type);
51			status_t			Initialize(const BString& wwwAuthenticate);
52
53	// Field access
54			const BString&		UserName() const;
55			const BString&		Password() const;
56			BHttpAuthenticationMethod Method() const;
57
58			BString				Authorization(const BUrl& url,
59									const BString& method) const;
60
61	// Base64 encoding
62	// TODO: Move to a common place. We may have multiple implementations
63	// in the Haiku tree...
64	static	BString				Base64Encode(const BString& string);
65	static	BString				Base64Decode(const BString& string);
66
67
68private:
69			BString				_DigestResponse(const BString& uri,
70									const BString& method) const;
71			// TODO: Rename these? _H seems to return a hash value,
72			// _KD returns a hash value of the "data" prepended by
73			// the "secret" string...
74			BString				_H(const BString& value) const;
75			BString				_KD(const BString& secret,
76									const BString& data) const;
77
78private:
79			BHttpAuthenticationMethod fAuthenticationMethod;
80			BString				fUserName;
81			BString				fPassword;
82
83			BString				fRealm;
84			BString				fDigestNonce;
85	mutable	BString				fDigestCnonce;
86	mutable int					fDigestNc;
87			BString				fDigestOpaque;
88			bool				fDigestStale;
89			BHttpAuthenticationAlgorithm fDigestAlgorithm;
90			BHttpAuthenticationQop fDigestQop;
91
92			BString				fAuthorizationString;
93
94	mutable	BLocker				fLock;
95};
96
97#endif // _B_HTTP_AUTHENTICATION_H_
98