alex/esp-idf
alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2024-09-20 00:36:01 -04:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

example/http_server: add basic authenticated example to HTTP server

Browse Source 
Closes https://github.com/espressif/esp-idf/issues/5646
This commit is contained in:
Liu Han 2020-11-27 18:17:04 +08:00 committed by bot
parent 0bbc721a63
commit 94512a76b7
3 changed files with 153 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
examples/protocols/http_server/simple/main/Kconfig.projbuild Normal file
View File

@ -0,0 +1,29 @@
menu "Example Configuration"
config EXAMPLE_BASIC_AUTH
bool "Basic Authentication"
default n
help
Basic Authentication is a method for an HTTP user agent (e.g. a web browser)
to provide a user name and password when making a request. It is the simplest
technique for enforcing access controls to web resources. because it doesn't
require cookies, session identifiers, or login pages; rather, it uses standard
fields in the HTTP header.
Note that, Basic Authentication is not encrypted channel and also easy to retrieve
credentials as they are sent in plain text format.
config EXAMPLE_BASIC_AUTH_USERNAME
string "Basic Authenticate User Name"
depends on EXAMPLE_BASIC_AUTH
default "ESP32"
help
The client's user name which used for basic authenticate.
config EXAMPLE_BASIC_AUTH_PASSWORD
string "Basic Authenticate Password"
depends on EXAMPLE_BASIC_AUTH
default "ESP32Webserver"
help
The client's password which used for basic authenticate.
endmenu

124
examples/protocols/http_server/simple/main/main.c
View File

@ -17,7 +17,7 @@
#include "esp_netif.h"
#include "esp_eth.h"
#include "protocol_examples_common.h"
#include "esp_tls_crypto.h"
#include <esp_http_server.h>
/* A simple example that demonstrates how to create GET and POST
@ -26,6 +26,125 @@
static const char *TAG = "example";
#if CONFIG_EXAMPLE_BASIC_AUTH
typedef struct {
char *username;
char *password;
} basic_auth_info_t;
#define HTTPD_401 "401 UNAUTHORIZED" /*!< HTTP Response 401 */
static char *http_auth_basic(const char *username, const char *password)
{
int out;
char *user_info = NULL;
char *digest = NULL;
size_t n = 0;
asprintf(&user_info, "%s:%s", username, password);
if (!user_info) {
ESP_LOGE(TAG, "No enough memory for user information");
return NULL;
}
esp_crypto_base64_encode(NULL, 0, &n, (const unsigned char *)user_info, strlen(user_info));
/* 6: The length of the "Basic " string
* n: Number of bytes for a base64 encode format
* 1: Number of bytes for a reserved which be used to fill zero
*/
digest = calloc(1, 6 + n + 1);
if (digest) {
strcpy(digest, "Basic ");
esp_crypto_base64_encode((unsigned char *)digest + 6, n, (size_t *)&out, (const unsigned char *)user_info, strlen(user_info));
}
free(user_info);
return digest;
}
/* An HTTP GET handler */
static esp_err_t basic_auth_get_handler(httpd_req_t *req)
{
char *buf = NULL;
size_t buf_len = 0;
basic_auth_info_t *basic_auth_info = req->user_ctx;
buf_len = httpd_req_get_hdr_value_len(req, "Authorization") + 1;
if (buf_len > 1) {
buf = calloc(1, buf_len);
if (!buf) {
ESP_LOGE(TAG, "No enough memory for basic authorization");
return ESP_ERR_NO_MEM;
}
if (httpd_req_get_hdr_value_str(req, "Authorization", buf, buf_len) == ESP_OK) {
ESP_LOGI(TAG, "Found header => Authorization: %s", buf);
} else {
ESP_LOGE(TAG, "No auth value received");
}
char *auth_credentials = http_auth_basic(basic_auth_info->username, basic_auth_info->password);
if (!auth_credentials) {
ESP_LOGE(TAG, "No enough memory for basic authorization credentials");
free(buf);
return ESP_ERR_NO_MEM;
}
if (strncmp(auth_credentials, buf, buf_len)) {
ESP_LOGE(TAG, "Not authenticated");
httpd_resp_set_status(req, HTTPD_401);
httpd_resp_set_type(req, "application/json");
httpd_resp_set_hdr(req, "Connection", "keep-alive");
httpd_resp_set_hdr(req, "WWW-Authenticate", "Basic realm=\"Hello\"");
httpd_resp_send(req, NULL, 0);
} else {
ESP_LOGI(TAG, "Authenticated!");
char *basic_auth_resp = NULL;
httpd_resp_set_status(req, HTTPD_200);
httpd_resp_set_type(req, "application/json");
httpd_resp_set_hdr(req, "Connection", "keep-alive");
asprintf(&basic_auth_resp, "{\"authenticated\": true,\"user\": \"%s\"}", basic_auth_info->username);
if (!basic_auth_resp) {
ESP_LOGE(TAG, "No enough memory for basic authorization response");
free(auth_credentials);
free(buf);
return ESP_ERR_NO_MEM;
}
httpd_resp_send(req, basic_auth_resp, strlen(basic_auth_resp));
free(basic_auth_resp);
}
free(auth_credentials);
free(buf);
} else {
ESP_LOGE(TAG, "No auth header received");
httpd_resp_set_status(req, HTTPD_401);
httpd_resp_set_type(req, "application/json");
httpd_resp_set_hdr(req, "Connection", "keep-alive");
httpd_resp_set_hdr(req, "WWW-Authenticate", "Basic realm=\"Hello\"");
httpd_resp_send(req, NULL, 0);
}
return ESP_OK;
}
static httpd_uri_t basic_auth = {
.uri = "/basic_auth",
.method = HTTP_GET,
.handler = basic_auth_get_handler,
};
static void httpd_register_basic_auth(httpd_handle_t server)
{
basic_auth_info_t *basic_auth_info = calloc(1, sizeof(basic_auth_info_t));
if (basic_auth_info) {
basic_auth_info->username = CONFIG_EXAMPLE_BASIC_AUTH_USERNAME;
basic_auth_info->password = CONFIG_EXAMPLE_BASIC_AUTH_PASSWORD;
basic_auth.user_ctx = basic_auth_info;
httpd_register_uri_handler(server, &basic_auth);
}
}
#endif
/* An HTTP GET handler */
static esp_err_t hello_get_handler(httpd_req_t *req)
{
@ -233,6 +352,9 @@ static httpd_handle_t start_webserver(void)
httpd_register_uri_handler(server, &hello);
httpd_register_uri_handler(server, &echo);
httpd_register_uri_handler(server, &ctrl);
#if CONFIG_EXAMPLE_BASIC_AUTH
httpd_register_basic_auth(server);
#endif
return server;
}

1
examples/protocols/http_server/simple/sdkconfig.ci.basic_auth Normal file
View File

@ -0,0 +1 @@
CONFIG_EXAMPLE_BASIC_AUTH=y