mirror of
https://gitee.com/zyjblog/oatpp.git
synced 2024-12-22 22:16:37 +08:00
Quick draft for an additional AUTHORIZATION-Macro which is inspired by spring.io's @Authenticate annotation.
Supports custom Objects and Handler so its easy to use and yields an object reflecting the authenticated user, so no extra work in the endpoint-code needs to be done (like in spring.io).
This commit is contained in:
parent
0a7d8eee85
commit
04d5fc7441
@ -3,6 +3,8 @@ cmake_minimum_required(VERSION 3.1 FATAL_ERROR)
|
||||
file(STRINGS "${CMAKE_CURRENT_LIST_DIR}/src/oatpp/core/base/Environment.hpp" OATPP_VERSION_MACRO REGEX "#define OATPP_VERSION \"[0-9]+.[0-9]+.[0-9]+\"$")
|
||||
string(REGEX REPLACE "#define OATPP_VERSION \"([0-9]+.[0-9]+.[0-9]+)\"$" "\\1" oatpp_VERSION "${OATPP_VERSION_MACRO}")
|
||||
|
||||
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fmacro-backtrace-limit=0")
|
||||
|
||||
###################################################################################################
|
||||
## These variables are passed to oatpp-module-install.cmake script
|
||||
## use these variables to configure module installation
|
||||
@ -17,7 +19,7 @@ set(OATPP_THIS_MODULE_DIRECTORIES oatpp oatpp-test) ## list of directories to in
|
||||
|
||||
project(oatpp VERSION ${OATPP_THIS_MODULE_VERSION} LANGUAGES CXX)
|
||||
|
||||
option(BUILD_SHARED_LIBS "Build shared libraries" OFF)
|
||||
option(BUILD_SHARED_LIBS "Build shared libraries" OFF)
|
||||
option(OATPP_INSTALL "Create installation target for oat++" ON)
|
||||
option(OATPP_BUILD_TESTS "Create test target for oat++" ON)
|
||||
|
||||
|
@ -209,6 +209,8 @@ add_library(oatpp
|
||||
oatpp/web/server/api/ApiController.hpp
|
||||
oatpp/web/server/api/Endpoint.cpp
|
||||
oatpp/web/server/api/Endpoint.hpp
|
||||
oatpp/web/server/handler/AuthorizationHandler.cpp
|
||||
oatpp/web/server/handler/AuthorizationHandler.hpp
|
||||
oatpp/web/server/handler/ErrorHandler.cpp
|
||||
oatpp/web/server/handler/ErrorHandler.hpp
|
||||
oatpp/web/server/handler/Interceptor.cpp
|
||||
|
@ -52,12 +52,13 @@
|
||||
#define OATPP_MACRO_API_CLIENT_PARAM_NAME_STR(MACRO, TYPE, PARAM_LIST) OATPP_MACRO_FIRSTARG_STR PARAM_LIST
|
||||
#define OATPP_MACRO_API_CLIENT_PARAM(MACRO, TYPE, PARAM_LIST) (MACRO, TYPE, PARAM_LIST)
|
||||
|
||||
#define HEADER(TYPE, ...) OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_HEADER, TYPE, (__VA_ARGS__))
|
||||
#define PATH(TYPE, ...) OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_PATH, TYPE, (__VA_ARGS__))
|
||||
#define QUERY(TYPE, ...) OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_QUERY, TYPE, (__VA_ARGS__))
|
||||
#define BODY(TYPE, ...) OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_BODY, TYPE, (__VA_ARGS__))
|
||||
#define BODY_DTO(TYPE, ...) OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_BODY_DTO, TYPE, (__VA_ARGS__))
|
||||
#define BODY_STRING(TYPE, ...) OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_BODY_STRING, TYPE, (__VA_ARGS__))
|
||||
#define HEADER(TYPE, ...) OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_HEADER, TYPE, (__VA_ARGS__))
|
||||
#define PATH(TYPE, ...) OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_PATH, TYPE, (__VA_ARGS__))
|
||||
#define QUERY(TYPE, ...) OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_QUERY, TYPE, (__VA_ARGS__))
|
||||
#define BODY(TYPE, ...) OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_BODY, TYPE, (__VA_ARGS__))
|
||||
#define BODY_DTO(TYPE, ...) OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_BODY_DTO, TYPE, (__VA_ARGS__))
|
||||
#define BODY_STRING(TYPE, ...) OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_BODY_STRING, TYPE, (__VA_ARGS__))
|
||||
#define AUTHORIZATION(TYPE, ...) OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_AUTHORIZATION, TYPE, (__VA_ARGS__))
|
||||
|
||||
//////////////////////////////////////////////////////////////////////////
|
||||
|
||||
@ -132,6 +133,11 @@ __body = oatpp::web::protocol::http::outgoing::DtoBody::createShared(OATPP_MACRO
|
||||
#define OATPP_MACRO_API_CLIENT_BODY_STRING(TYPE, PARAM_LIST) \
|
||||
__body = oatpp::web::protocol::http::outgoing::BufferBody::createShared(OATPP_MACRO_FIRSTARG PARAM_LIST);
|
||||
|
||||
// AUTHORIZATION MACRO
|
||||
|
||||
#define OATPP_MACRO_API_CLIENT_AUTHORIZATION(TYPE, NAME) \
|
||||
__headers->put("Authorization", String("Basic ")+oatpp::encoding::Base64::encode(NAME));
|
||||
|
||||
// FOR EACH
|
||||
|
||||
#define OATPP_MACRO_API_CLIENT_PARAM_DECL(INDEX, COUNT, X) \
|
||||
|
@ -74,6 +74,9 @@ OATPP_MACRO_API_CONTROLLER_PARAM(OATPP_MACRO_API_CONTROLLER_BODY_STRING, OATPP_M
|
||||
#define BODY_DTO(TYPE, ...) \
|
||||
OATPP_MACRO_API_CONTROLLER_PARAM(OATPP_MACRO_API_CONTROLLER_BODY_DTO, OATPP_MACRO_API_CONTROLLER_BODY_DTO_INFO, TYPE, (__VA_ARGS__))
|
||||
|
||||
#define AUTHORIZATION(TYPE, ...) \
|
||||
OATPP_MACRO_API_CONTROLLER_PARAM(OATPP_MACRO_API_CONTROLLER_AUTHORIZATION, OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_INFO, TYPE, (__VA_ARGS__))
|
||||
|
||||
//////////////////////////////////////////////////////////////////////////
|
||||
|
||||
#define OATPP_MACRO_API_CONTROLLER_MACRO_SELECTOR(MACRO, TYPE, ...) \
|
||||
@ -249,6 +252,59 @@ if(!OATPP_MACRO_FIRSTARG PARAM_LIST) { \
|
||||
info->body.name = OATPP_MACRO_FIRSTARG_STR PARAM_LIST; \
|
||||
info->body.type = TYPE::Class::getType();
|
||||
|
||||
// AUTHORIZATION MACRO // ------------------------------------------------------
|
||||
|
||||
#define OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_1(TYPE, NAME) \
|
||||
auto __param_str_val_##NAME = __request->getHeader(oatpp::web::protocol::http::Header::AUTHORIZATION); \
|
||||
if(!__param_str_val_##NAME){ \
|
||||
auto error = ApiController::handleError(Status::CODE_401, "Missing HEADER parameter 'Authorization'"); \
|
||||
error->putHeader(oatpp::web::protocol::http::Header::WWW_AUTHENTICATE, "Basic realm=\"API\""); \
|
||||
return error; \
|
||||
} \
|
||||
std::shared_ptr<oatpp::web::server::handler::AuthorizationObject> __param_aosp_val_##NAME = authorize(__param_str_val_##NAME); \
|
||||
if(__param_aosp_val_##NAME.get() == nullptr) { \
|
||||
auto error = ApiController::handleError(Status::CODE_401, "Unauthorized"); \
|
||||
error->putHeader(oatpp::web::protocol::http::Header::WWW_AUTHENTICATE, "Basic realm=\"API\""); \
|
||||
return error; \
|
||||
} \
|
||||
TYPE NAME = std::dynamic_pointer_cast<TYPE::element_type>(__param_aosp_val_##NAME); \
|
||||
if(NAME.get() == nullptr) { \
|
||||
return ApiController::handleError(Status::CODE_500, "Unable to cast authorization result to '" #TYPE "'"); \
|
||||
}
|
||||
|
||||
|
||||
#define OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_2(TYPE, NAME, REALM) \
|
||||
auto __param_str_val_##NAME = __request->getHeader(oatpp::web::protocol::http::Header::AUTHORIZATION); \
|
||||
if(!__param_str_val_##NAME){ \
|
||||
auto error = ApiController::handleError(Status::CODE_401, "Missing HEADER parameter 'Authorization'"); \
|
||||
error->putHeader(oatpp::web::protocol::http::Header::WWW_AUTHENTICATE, "Basic realm=\"" #REALM "\""); \
|
||||
return error; \
|
||||
} \
|
||||
std::shared_ptr<oatpp::web::server::handler::AuthorizationObject> __param_aosp_val_##NAME = authorize(__param_str_val_##NAME); \
|
||||
if(__param_aosp_val_##NAME.get() == nullptr) { \
|
||||
auto error = ApiController::handleError(Status::CODE_401, "Unauthorized"); \
|
||||
error->putHeader(oatpp::web::protocol::http::Header::WWW_AUTHENTICATE, "Basic realm=\"" #REALM "\""); \
|
||||
return error; \
|
||||
} \
|
||||
TYPE NAME = std::dynamic_pointer_cast<TYPE::element_type>(__param_aosp_val_##NAME); \
|
||||
if(NAME.get() == nullptr) { \
|
||||
return ApiController::handleError(Status::CODE_500, "Unable to cast authorization result to '" #TYPE "'"); \
|
||||
}
|
||||
|
||||
#define OATPP_MACRO_API_CONTROLLER_AUTHORIZATION(TYPE, PARAM_LIST) \
|
||||
OATPP_MACRO_API_CONTROLLER_MACRO_SELECTOR(OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_, TYPE, OATPP_MACRO_UNFOLD_VA_ARGS PARAM_LIST)
|
||||
|
||||
// __INFO
|
||||
|
||||
#define OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_INFO_1(TYPE, NAME) \
|
||||
info->headers.add(oatpp::web::protocol::http::Header::AUTHORIZATION, oatpp::String::Class::getType());
|
||||
|
||||
#define OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_INFO_2(TYPE, NAME, REALM) \
|
||||
info->headers.add(oatpp::web::protocol::http::Header::AUTHORIZATION, oatpp::String::Class::getType());
|
||||
|
||||
#define OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_INFO(TYPE, PARAM_LIST) \
|
||||
OATPP_MACRO_API_CONTROLLER_MACRO_SELECTOR(OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_INFO_, TYPE, OATPP_MACRO_UNFOLD_VA_ARGS PARAM_LIST)
|
||||
|
||||
// FOR EACH // ------------------------------------------------------
|
||||
|
||||
#define OATPP_MACRO_API_CONTROLLER_FOR_EACH_PARAM_DECL_FIRST(INDEX, COUNT, X) \
|
||||
|
@ -55,7 +55,7 @@
|
||||
#undef BODY
|
||||
#undef BODY_DTO
|
||||
#undef BODY_STRING
|
||||
|
||||
#undef AUTHORIZATION
|
||||
//
|
||||
|
||||
#undef OATPP_MACRO_API_CONTROLLER_MACRO_SELECTOR
|
||||
@ -97,6 +97,10 @@
|
||||
|
||||
#undef OATPP_MACRO_API_CLIENT_BODY_STRING
|
||||
|
||||
// AUTHORIZATION MACRO
|
||||
|
||||
#undef OATPP_MACRO_API_CLIENT_AUTHORIZATION
|
||||
|
||||
// FOR EACH
|
||||
|
||||
#undef OATPP_MACRO_API_CLIENT_PARAM_DECL
|
||||
|
@ -57,6 +57,7 @@
|
||||
#undef QUERY
|
||||
#undef BODY_STRING
|
||||
#undef BODY_DTO
|
||||
#undef AUTHORIZATION
|
||||
|
||||
// INIT // ------------------------------------------------------
|
||||
|
||||
@ -126,6 +127,16 @@
|
||||
|
||||
#undef OATPP_MACRO_API_CONTROLLER_BODY_DTO_INFO
|
||||
|
||||
// AUTHORIZATION MACRO // ------------------------------------------------------
|
||||
#undef OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_1
|
||||
#undef OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_2
|
||||
#undef OATPP_MACRO_API_CONTROLLER_AUTHORIZATION
|
||||
|
||||
// __INFO
|
||||
#undef OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_INFO_1
|
||||
#undef OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_INFO_2
|
||||
#undef OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_INFO
|
||||
|
||||
// FOR EACH // ------------------------------------------------------
|
||||
|
||||
#undef OATPP_MACRO_API_CONTROLLER_FOR_EACH_PARAM_DECL
|
||||
|
@ -109,6 +109,7 @@ const char* const Header::Value::CONTENT_TYPE_APPLICATION_JSON = "application/js
|
||||
|
||||
const char* const Header::ACCEPT = "Accept";
|
||||
const char* const Header::AUTHORIZATION = "Authorization";
|
||||
const char* const Header::WWW_AUTHENTICATE = "WWW-Authenticate";
|
||||
const char* const Header::CONNECTION = "Connection";
|
||||
const char* const Header::TRANSFER_ENCODING = "Transfer-Encoding";
|
||||
const char* const Header::CONTENT_ENCODING = "Content-Encoding";
|
||||
|
@ -452,6 +452,7 @@ public:
|
||||
public:
|
||||
static const char* const ACCEPT; // "Accept"
|
||||
static const char* const AUTHORIZATION; // "Authorization"
|
||||
static const char* const WWW_AUTHENTICATE; // "WWW-Authenticate"
|
||||
static const char* const CONNECTION; // "Connection"
|
||||
static const char* const TRANSFER_ENCODING; // "Transfer-Encoding"
|
||||
static const char* const CONTENT_ENCODING; // "Content-Encoding"
|
||||
|
@ -23,6 +23,7 @@
|
||||
***************************************************************************/
|
||||
|
||||
#include "./ApiController.hpp"
|
||||
#include <oatpp/web/server/handler/ErrorHandler.hpp>
|
||||
|
||||
namespace oatpp { namespace web { namespace server { namespace api {
|
||||
|
||||
@ -51,13 +52,25 @@ std::shared_ptr<ApiController::OutgoingResponse> ApiController::handleError(cons
|
||||
if(m_errorHandler) {
|
||||
return m_errorHandler->handleError(status, message);
|
||||
}
|
||||
throw oatpp::web::protocol::http::HttpError(status, message);
|
||||
//throw oatpp::web::protocol::http::HttpError(status, message);
|
||||
return handler::DefaultErrorHandler::handleDefaultError(status, message);
|
||||
}
|
||||
|
||||
std::shared_ptr<handler::AuthorizationObject> ApiController::authorize(const String &authHeader) const {
|
||||
if(m_authorizationHandler) {
|
||||
return m_authorizationHandler->handleAuthorization(authHeader);
|
||||
}
|
||||
return handler::DefaultAuthorizationHandler::defaultAuthorizationObject(authHeader);
|
||||
}
|
||||
|
||||
void ApiController::setErrorHandler(const std::shared_ptr<handler::ErrorHandler>& errorHandler){
|
||||
m_errorHandler = errorHandler;
|
||||
}
|
||||
|
||||
void ApiController::setAuthorizationHandler(const std::shared_ptr<handler::AuthorizationHandler> &authorizationHandler){
|
||||
m_authorizationHandler = authorizationHandler;
|
||||
}
|
||||
|
||||
const std::shared_ptr<oatpp::data::mapping::ObjectMapper>& ApiController::getDefaultObjectMapper() const {
|
||||
return m_defaultObjectMapper;
|
||||
}
|
||||
|
@ -28,6 +28,7 @@
|
||||
#include "./Endpoint.hpp"
|
||||
|
||||
#include "oatpp/web/server/handler/ErrorHandler.hpp"
|
||||
#include "oatpp/web/server/handler/AuthorizationHandler.hpp"
|
||||
#include "oatpp/web/server/HttpConnectionHandler.hpp"
|
||||
#include "oatpp/web/url/mapping/Router.hpp"
|
||||
#include "oatpp/web/protocol/http/incoming/Response.hpp"
|
||||
@ -210,6 +211,7 @@ protected:
|
||||
protected:
|
||||
std::shared_ptr<Endpoints> m_endpoints;
|
||||
std::shared_ptr<handler::ErrorHandler> m_errorHandler;
|
||||
std::shared_ptr<handler::AuthorizationHandler> m_authorizationHandler;
|
||||
std::shared_ptr<oatpp::data::mapping::ObjectMapper> m_defaultObjectMapper;
|
||||
std::unordered_map<std::string, std::shared_ptr<Endpoint::Info>> m_endpointInfo;
|
||||
public:
|
||||
@ -259,12 +261,25 @@ public:
|
||||
* Currently return Response created by ErrorHandler or throws HttpError if ErrorHandler is null
|
||||
*/
|
||||
std::shared_ptr<OutgoingResponse> handleError(const Status& status, const oatpp::String& message) const;
|
||||
|
||||
/**
|
||||
* [under discussion]
|
||||
* Do not use it directly. This method is under discussion.
|
||||
* Currently return DTO created by AuthorizationHandler or DefaultAuthorizationHandler if ErrorHandler is null
|
||||
*/
|
||||
std::shared_ptr<handler::AuthorizationObject> authorize(const String &authHeader) const;
|
||||
|
||||
/**
|
||||
* [under discussion]
|
||||
* Set error handler to handle calls to handleError
|
||||
*/
|
||||
void setErrorHandler(const std::shared_ptr<handler::ErrorHandler>& errorHandler);
|
||||
|
||||
/**
|
||||
* [under discussion]
|
||||
* Set authorization handler to handle calls to handleAuthorization
|
||||
*/
|
||||
void setAuthorizationHandler(const std::shared_ptr<handler::AuthorizationHandler>& authorizationHandler);
|
||||
|
||||
const std::shared_ptr<oatpp::data::mapping::ObjectMapper>& getDefaultObjectMapper() const;
|
||||
|
||||
|
63
src/oatpp/web/server/handler/AuthorizationHandler.cpp
Normal file
63
src/oatpp/web/server/handler/AuthorizationHandler.cpp
Normal file
@ -0,0 +1,63 @@
|
||||
/***************************************************************************
|
||||
*
|
||||
* Project _____ __ ____ _ _
|
||||
* ( _ ) /__\ (_ _)_| |_ _| |_
|
||||
* )(_)( /(__)\ )( (_ _)(_ _)
|
||||
* (_____)(__)(__)(__) |_| |_|
|
||||
*
|
||||
*
|
||||
* Copyright 2018-present, Leonid Stryzhevskyi <lganzzzo@gmail.com>
|
||||
* Benedikt-Alexander Mokroß <bam@icognize.de>
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
***************************************************************************/
|
||||
|
||||
#include <oatpp/encoding/Base64.hpp>
|
||||
#include "AuthorizationHandler.hpp"
|
||||
|
||||
namespace oatpp { namespace web { namespace server { namespace handler {
|
||||
|
||||
const char* const AuthorizationObject::Class::CLASS_NAME = "AuthorizationObject";
|
||||
|
||||
std::shared_ptr<handler::AuthorizationObject>
|
||||
DefaultAuthorizationHandler::handleAuthorization(const oatpp::String &header) {
|
||||
return defaultAuthorizationObject(header);
|
||||
}
|
||||
|
||||
std::shared_ptr<handler::AuthorizationObject> DefaultAuthorizationHandler::defaultAuthorizationObject(const oatpp::String &header) {
|
||||
if(!header->startsWith("Basic ")) {
|
||||
return nullptr;
|
||||
}
|
||||
|
||||
oatpp::String auth = oatpp::encoding::Base64::decode(header->c_str()+6, header->getSize() - 6);
|
||||
const char *pauth = auth->c_str();
|
||||
const char *delim = (char*)memchr(pauth, ':', auth->getSize());
|
||||
if(delim == nullptr) {
|
||||
return nullptr;
|
||||
}
|
||||
size_t delimPos = delim - pauth;
|
||||
std::unique_ptr<v_char8[]> dauth(new v_char8[auth->getSize()+1]);
|
||||
memset(dauth.get(), 0, auth->getSize()+1);
|
||||
memcpy(dauth.get(), auth->c_str(), auth->getSize());
|
||||
dauth.get()[delimPos] = 0;
|
||||
|
||||
auto dto = std::make_shared<handler::DefaultAuthorizationObject>();
|
||||
|
||||
dto->user = (const char*)&dauth[0];
|
||||
dto->password = (const char*)&dauth[delimPos + 1];
|
||||
|
||||
return dto;
|
||||
}
|
||||
|
||||
}}}}
|
127
src/oatpp/web/server/handler/AuthorizationHandler.hpp
Normal file
127
src/oatpp/web/server/handler/AuthorizationHandler.hpp
Normal file
@ -0,0 +1,127 @@
|
||||
/***************************************************************************
|
||||
*
|
||||
* Project _____ __ ____ _ _
|
||||
* ( _ ) /__\ (_ _)_| |_ _| |_
|
||||
* )(_)( /(__)\ )( (_ _)(_ _)
|
||||
* (_____)(__)(__)(__) |_| |_|
|
||||
*
|
||||
*
|
||||
* Copyright 2018-present, Leonid Stryzhevskyi <lganzzzo@gmail.com>
|
||||
* Benedikt-Alexander Mokroß <bam@icognize.de>
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
***************************************************************************/
|
||||
|
||||
#ifndef oatpp_web_server_handler_AuthorizationHandler_hpp
|
||||
#define oatpp_web_server_handler_AuthorizationHandler_hpp
|
||||
|
||||
#include <oatpp/web/protocol/http/incoming/Request.hpp>
|
||||
#include "oatpp/web/protocol/http/Http.hpp"
|
||||
#include "oatpp/core/macro/codegen.hpp"
|
||||
#include "oatpp/core/data/mapping/type/Type.hpp"
|
||||
|
||||
|
||||
namespace oatpp { namespace web { namespace server { namespace handler {
|
||||
|
||||
/**
|
||||
* The AuthorizationObject superclass, all AuthorizationObjects have to implement this interface
|
||||
*/
|
||||
class AuthorizationObject : public oatpp::base::Countable {
|
||||
|
||||
public:
|
||||
|
||||
class Class {
|
||||
|
||||
static const char *const CLASS_NAME;
|
||||
public:
|
||||
static oatpp::data::mapping::type::Type *getType() {
|
||||
static oatpp::data::mapping::type::Type type(CLASS_NAME, nullptr);
|
||||
return &type;
|
||||
}
|
||||
|
||||
};
|
||||
|
||||
oatpp::String user;
|
||||
oatpp::String password;
|
||||
|
||||
protected:
|
||||
AuthorizationObject() = default;
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* The default AuthorizationObject as generated by DefaultAuthorizationHandler
|
||||
*/
|
||||
class DefaultAuthorizationObject : public AuthorizationObject {
|
||||
public:
|
||||
DefaultAuthorizationObject() = default;
|
||||
};
|
||||
|
||||
/**
|
||||
* Authorization Handler.
|
||||
*/
|
||||
class AuthorizationHandler {
|
||||
public:
|
||||
|
||||
/**
|
||||
* Implement this method! Return nullptr if authorization should be denied.
|
||||
* @param header - &id:oatpp::String;.
|
||||
* @return - &id:std::shared_ptr<oatpp::web::server::handler::AuthorizationObject>;.
|
||||
*/
|
||||
virtual
|
||||
std::shared_ptr<handler::AuthorizationObject>
|
||||
handleAuthorization(const oatpp::String &header) = 0;
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* Default Authorization Handler.
|
||||
*/
|
||||
class DefaultAuthorizationHandler : public oatpp::base::Countable, public AuthorizationHandler {
|
||||
public:
|
||||
/**
|
||||
* Constructor.
|
||||
*/
|
||||
DefaultAuthorizationHandler() = default;
|
||||
public:
|
||||
|
||||
/**
|
||||
* Create shared DefaultAuthorizationHandler.
|
||||
* @return - `std::shared_ptr` to DefaultAuthorizationHandler.
|
||||
*/
|
||||
static std::shared_ptr<DefaultAuthorizationHandler> createShared() {
|
||||
return std::make_shared<DefaultAuthorizationHandler>();
|
||||
}
|
||||
|
||||
/**
|
||||
* Implementation of &l:AuthorizationHandler::handleAuthorization ();
|
||||
* @param header - &id:oatpp::String;.
|
||||
* @return - &id:std::shared_ptr<oatpp::web::server::handler::AuthorizationObject>;.
|
||||
*/
|
||||
std::shared_ptr<handler::AuthorizationObject>
|
||||
handleAuthorization(const oatpp::String &header) override;
|
||||
|
||||
/**
|
||||
* Static implementation of &l:AuthorizationHandler::handleAuthorization () for convenience usage.
|
||||
* @param header - &id:oatpp::String;.
|
||||
* @return - &id:std::shared_ptr<oatpp::web::server::handler::AuthorizationObject>;.
|
||||
*/
|
||||
static std::shared_ptr<handler::AuthorizationObject>
|
||||
defaultAuthorizationObject(const oatpp::String &header);
|
||||
|
||||
};
|
||||
|
||||
}}}}
|
||||
|
||||
#endif /* oatpp_web_server_handler_ErrorHandler_hpp */
|
@ -31,20 +31,26 @@ namespace oatpp { namespace web { namespace server { namespace handler {
|
||||
|
||||
std::shared_ptr<protocol::http::outgoing::Response>
|
||||
DefaultErrorHandler::handleError(const protocol::http::Status& status, const oatpp::String& message) {
|
||||
|
||||
return handleDefaultError(status, message);
|
||||
|
||||
}
|
||||
|
||||
std::shared_ptr<protocol::http::outgoing::Response>
|
||||
DefaultErrorHandler::handleDefaultError(const oatpp::web::protocol::http::Status &status, const oatpp::String &message){
|
||||
|
||||
auto stream = oatpp::data::stream::ChunkedBuffer::createShared();
|
||||
*stream << "server=" << protocol::http::Header::Value::SERVER << "\n";
|
||||
*stream << "code=" << status.code << "\n";
|
||||
*stream << "description=" << status.description << "\n";
|
||||
*stream << "message=" << message << "\n";
|
||||
auto response = protocol::http::outgoing::Response::createShared
|
||||
(status, protocol::http::outgoing::ChunkedBufferBody::createShared(stream));
|
||||
|
||||
(status, protocol::http::outgoing::ChunkedBufferBody::createShared(stream));
|
||||
|
||||
response->putHeader(protocol::http::Header::SERVER, protocol::http::Header::Value::SERVER);
|
||||
response->putHeader(protocol::http::Header::CONNECTION, protocol::http::Header::Value::CONNECTION_CLOSE);
|
||||
|
||||
|
||||
return response;
|
||||
|
||||
|
||||
}
|
||||
|
||||
}}}}
|
||||
|
@ -76,7 +76,15 @@ public:
|
||||
*/
|
||||
std::shared_ptr<protocol::http::outgoing::Response>
|
||||
handleError(const protocol::http::Status& status, const oatpp::String& message) override;
|
||||
|
||||
|
||||
/**
|
||||
* Implementation of &l:ErrorHandler::handleError ();
|
||||
* @param status - &id:oatpp::web::protocol::http::Status;.
|
||||
* @param message - &id:oatpp::String;.
|
||||
* @return - &id:oatpp::web::protocol::http::outgoing::Response;.
|
||||
*/
|
||||
static std::shared_ptr<protocol::http::outgoing::Response>
|
||||
handleDefaultError(const protocol::http::Status& status, const oatpp::String& message);
|
||||
};
|
||||
|
||||
}}}}
|
||||
|
@ -41,11 +41,14 @@ add_executable(oatppAllTests
|
||||
oatpp/web/mime/multipart/StatefulParserTest.hpp
|
||||
oatpp/web/server/api/ApiControllerTest.cpp
|
||||
oatpp/web/server/api/ApiControllerTest.hpp
|
||||
oatpp/web/server/handler/AuthorizationHandlerTest.cpp
|
||||
oatpp/web/server/handler/AuthorizationHandlerTest.hpp
|
||||
oatpp/web/FullAsyncTest.cpp
|
||||
oatpp/web/FullAsyncTest.hpp
|
||||
oatpp/web/FullTest.cpp
|
||||
oatpp/web/FullTest.hpp
|
||||
oatpp/web/app/Client.hpp
|
||||
oatpp/web/app/AuthorizationController.hpp
|
||||
oatpp/web/app/Controller.hpp
|
||||
oatpp/web/app/ControllerAsync.hpp
|
||||
oatpp/web/app/DTOs.hpp
|
||||
|
@ -4,6 +4,8 @@
|
||||
#include "oatpp/web/FullAsyncClientTest.hpp"
|
||||
#include "oatpp/web/server/api/ApiControllerTest.hpp"
|
||||
|
||||
#include "oatpp/web/server/handler/AuthorizationHandlerTest.hpp"
|
||||
|
||||
#include "oatpp/web/mime/multipart/StatefulParserTest.hpp"
|
||||
|
||||
#include "oatpp/network/virtual_/PipeTest.hpp"
|
||||
@ -47,65 +49,67 @@ void runTests() {
|
||||
|
||||
oatpp::base::Environment::printCompilationConfig();
|
||||
|
||||
OATPP_RUN_TEST(oatpp::test::base::RegRuleTest);
|
||||
OATPP_RUN_TEST(oatpp::test::base::CommandLineArgumentsTest);
|
||||
// OATPP_RUN_TEST(oatpp::test::base::RegRuleTest);
|
||||
// OATPP_RUN_TEST(oatpp::test::base::CommandLineArgumentsTest);
|
||||
//
|
||||
// OATPP_RUN_TEST(oatpp::test::memory::MemoryPoolTest);
|
||||
// OATPP_RUN_TEST(oatpp::test::memory::PerfTest);
|
||||
//
|
||||
// OATPP_RUN_TEST(oatpp::test::collection::LinkedListTest);
|
||||
//
|
||||
// OATPP_RUN_TEST(oatpp::test::core::data::share::MemoryLabelTest);
|
||||
// OATPP_RUN_TEST(oatpp::test::core::data::stream::ChunkedBufferTest);
|
||||
// OATPP_RUN_TEST(oatpp::test::core::data::mapping::type::TypeTest);
|
||||
//
|
||||
// OATPP_RUN_TEST(oatpp::test::async::LockTest);
|
||||
//
|
||||
// OATPP_RUN_TEST(oatpp::test::parser::CaretTest);
|
||||
// OATPP_RUN_TEST(oatpp::test::parser::json::mapping::DeserializerTest);
|
||||
// OATPP_RUN_TEST(oatpp::test::parser::json::mapping::DTOMapperPerfTest);
|
||||
// OATPP_RUN_TEST(oatpp::test::parser::json::mapping::DTOMapperTest);
|
||||
//
|
||||
// OATPP_RUN_TEST(oatpp::test::encoding::Base64Test);
|
||||
// OATPP_RUN_TEST(oatpp::test::encoding::UnicodeTest);
|
||||
//
|
||||
// OATPP_RUN_TEST(oatpp::test::network::UrlTest);
|
||||
// OATPP_RUN_TEST(oatpp::test::network::virtual_::PipeTest);
|
||||
// OATPP_RUN_TEST(oatpp::test::network::virtual_::InterfaceTest);
|
||||
//
|
||||
// OATPP_RUN_TEST(oatpp::test::web::mime::multipart::StatefulParserTest);
|
||||
//
|
||||
// OATPP_RUN_TEST(oatpp::test::web::server::api::ApiControllerTest);
|
||||
|
||||
OATPP_RUN_TEST(oatpp::test::memory::MemoryPoolTest);
|
||||
OATPP_RUN_TEST(oatpp::test::memory::PerfTest);
|
||||
|
||||
OATPP_RUN_TEST(oatpp::test::collection::LinkedListTest);
|
||||
|
||||
OATPP_RUN_TEST(oatpp::test::core::data::share::MemoryLabelTest);
|
||||
OATPP_RUN_TEST(oatpp::test::core::data::stream::ChunkedBufferTest);
|
||||
OATPP_RUN_TEST(oatpp::test::core::data::mapping::type::TypeTest);
|
||||
|
||||
OATPP_RUN_TEST(oatpp::test::async::LockTest);
|
||||
|
||||
OATPP_RUN_TEST(oatpp::test::parser::CaretTest);
|
||||
OATPP_RUN_TEST(oatpp::test::parser::json::mapping::DeserializerTest);
|
||||
OATPP_RUN_TEST(oatpp::test::parser::json::mapping::DTOMapperPerfTest);
|
||||
OATPP_RUN_TEST(oatpp::test::parser::json::mapping::DTOMapperTest);
|
||||
|
||||
OATPP_RUN_TEST(oatpp::test::encoding::Base64Test);
|
||||
OATPP_RUN_TEST(oatpp::test::encoding::UnicodeTest);
|
||||
|
||||
OATPP_RUN_TEST(oatpp::test::network::UrlTest);
|
||||
OATPP_RUN_TEST(oatpp::test::network::virtual_::PipeTest);
|
||||
OATPP_RUN_TEST(oatpp::test::network::virtual_::InterfaceTest);
|
||||
|
||||
OATPP_RUN_TEST(oatpp::test::web::mime::multipart::StatefulParserTest);
|
||||
|
||||
OATPP_RUN_TEST(oatpp::test::web::server::api::ApiControllerTest);
|
||||
OATPP_RUN_TEST(oatpp::test::web::server::handler::AuthorizationHandlerTest);
|
||||
|
||||
{
|
||||
|
||||
oatpp::test::web::FullTest test_virtual(0, 1000);
|
||||
test_virtual.run();
|
||||
// oatpp::test::web::FullTest test_virtual(0, 1000);
|
||||
// test_virtual.run();
|
||||
|
||||
oatpp::test::web::FullTest test_port(8000, 10);
|
||||
test_port.run();
|
||||
|
||||
}
|
||||
|
||||
{
|
||||
|
||||
oatpp::test::web::FullAsyncTest test_virtual(0, 1000);
|
||||
test_virtual.run();
|
||||
|
||||
oatpp::test::web::FullAsyncTest test_port(8000, 10);
|
||||
test_port.run();
|
||||
|
||||
}
|
||||
|
||||
{
|
||||
|
||||
oatpp::test::web::FullAsyncClientTest test_virtual(0, 1000);
|
||||
test_virtual.run(20);
|
||||
|
||||
oatpp::test::web::FullAsyncClientTest test_port(8000, 10);
|
||||
test_port.run(1);
|
||||
|
||||
}
|
||||
//
|
||||
// {
|
||||
//
|
||||
// oatpp::test::web::FullAsyncTest test_virtual(0, 1000);
|
||||
// test_virtual.run();
|
||||
//
|
||||
// oatpp::test::web::FullAsyncTest test_port(8000, 10);
|
||||
// test_port.run();
|
||||
//
|
||||
// }
|
||||
//
|
||||
// {
|
||||
//
|
||||
// oatpp::test::web::FullAsyncClientTest test_virtual(0, 1000);
|
||||
// test_virtual.run(20);
|
||||
//
|
||||
// oatpp::test::web::FullAsyncClientTest test_port(8000, 10);
|
||||
// test_port.run(1);
|
||||
//
|
||||
// }
|
||||
|
||||
}
|
||||
|
||||
|
@ -27,6 +27,7 @@
|
||||
#include "oatpp/web/app/Client.hpp"
|
||||
|
||||
#include "oatpp/web/app/Controller.hpp"
|
||||
#include "oatpp/web/app/AuthorizationController.hpp"
|
||||
|
||||
#include "oatpp/web/client/HttpRequestExecutor.hpp"
|
||||
|
||||
@ -138,6 +139,7 @@ void FullTest::onRun() {
|
||||
oatpp::test::web::ClientServerTestRunner runner;
|
||||
|
||||
runner.addController(app::Controller::createShared());
|
||||
runner.addController(app::AuthorizationController::createShared());
|
||||
|
||||
runner.run([this, &runner] {
|
||||
|
||||
@ -225,6 +227,55 @@ void FullTest::onRun() {
|
||||
OATPP_ASSERT(response->getStatusCode() == 200);
|
||||
}
|
||||
|
||||
{ // test simple authorization header
|
||||
auto response = client->defauthorization("foo:bar", connection);
|
||||
OATPP_ASSERT(response->getStatusCode() == 200);
|
||||
}
|
||||
|
||||
{ // test authorzation of unknown user in endpoint-code
|
||||
auto response = client->defauthorization("john:doe", connection);
|
||||
OATPP_ASSERT(response->getStatusCode() == 403);
|
||||
}
|
||||
|
||||
{ // test call of an endpoint that requiers authorization headers, but we don't send one
|
||||
auto response = client->defauthorizationWithoutHeader(connection);
|
||||
OATPP_ASSERT(response->getStatusCode() == 401);
|
||||
oatpp::String body = response->readBodyToString();
|
||||
OATPP_ASSERT(body == "server=oatpp/" OATPP_VERSION "\n"
|
||||
"code=401\n"
|
||||
"description=Unauthorized\n"
|
||||
"message=Missing HEADER parameter 'Authorization'\n");
|
||||
// should also add the WWW-Authenticate header when Authorization is missing
|
||||
auto header = response->getHeaders().find(oatpp::web::protocol::http::Header::WWW_AUTHENTICATE);
|
||||
OATPP_ASSERT(header != response->getHeaders().end())
|
||||
OATPP_ASSERT(header->second.toString()->startsWith("Basic realm="))
|
||||
}
|
||||
|
||||
{ // test custom authorization handler with default authorization object
|
||||
auto response = client->mydefauthorization("foo:bar", connection);
|
||||
OATPP_ASSERT(response->getStatusCode() == 200);
|
||||
}
|
||||
|
||||
{ // test custom authorization handler with custom authorization object
|
||||
auto response = client->myauthorization("foo:bar", connection);
|
||||
OATPP_ASSERT(response->getStatusCode() == 200);
|
||||
}
|
||||
|
||||
{ // test custom authorization handler with custom authorization object with unknown credentials where the
|
||||
// handler returns nullptr
|
||||
auto response = client->myauthorization("john:doe", connection);
|
||||
oatpp::String body = response->readBodyToString();
|
||||
OATPP_ASSERT(response->getStatusCode() == 401);
|
||||
OATPP_ASSERT(body == "server=oatpp/" OATPP_VERSION "\n"
|
||||
"code=401\n"
|
||||
"description=Unauthorized\n"
|
||||
"message=Unauthorized\n");
|
||||
// should also add the WWW-Authenticate header when Authorization is missing or wrong
|
||||
auto header = response->getHeaders().find(oatpp::web::protocol::http::Header::WWW_AUTHENTICATE);
|
||||
OATPP_ASSERT(header != response->getHeaders().end())
|
||||
OATPP_ASSERT(header->second.toString()->startsWith("Basic realm="))
|
||||
}
|
||||
|
||||
{ // test Chunked body
|
||||
oatpp::String sample = "__abcdefghijklmnopqrstuvwxyz-0123456789";
|
||||
v_int32 numIterations = 10;
|
||||
|
113
test/oatpp/web/app/AuthorizationController.hpp
Normal file
113
test/oatpp/web/app/AuthorizationController.hpp
Normal file
@ -0,0 +1,113 @@
|
||||
/***************************************************************************
|
||||
*
|
||||
* Project _____ __ ____ _ _
|
||||
* ( _ ) /__\ (_ _)_| |_ _| |_
|
||||
* )(_)( /(__)\ )( (_ _)(_ _)
|
||||
* (_____)(__)(__)(__) |_| |_|
|
||||
*
|
||||
*
|
||||
* Copyright 2018-present, Leonid Stryzhevskyi <lganzzzo@gmail.com>
|
||||
* Benedikt-Alexander Mokroß <bam@icognize.de>
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
***************************************************************************/
|
||||
|
||||
#ifndef oatpp_test_web_app_AuthorizationController_hpp
|
||||
#define oatpp_test_web_app_AuthorizationController_hpp
|
||||
|
||||
#include "./DTOs.hpp"
|
||||
|
||||
#include "oatpp/web/mime/multipart/FileStreamProvider.hpp"
|
||||
#include "oatpp/web/mime/multipart/InMemoryPartReader.hpp"
|
||||
#include "oatpp/web/mime/multipart/Reader.hpp"
|
||||
|
||||
#include "oatpp/web/protocol/http/outgoing/MultipartBody.hpp"
|
||||
#include "oatpp/web/protocol/http/outgoing/ChunkedBody.hpp"
|
||||
|
||||
#include "oatpp/web/server/api/ApiController.hpp"
|
||||
#include "oatpp/parser/json/mapping/ObjectMapper.hpp"
|
||||
#include "oatpp/core/utils/ConversionUtils.hpp"
|
||||
#include "oatpp/core/macro/codegen.hpp"
|
||||
#include "oatpp/core/macro/component.hpp"
|
||||
|
||||
#include <sstream>
|
||||
|
||||
namespace oatpp { namespace test { namespace web { namespace app {
|
||||
|
||||
class MyAuthorizationObject : public oatpp::web::server::handler::AuthorizationObject {
|
||||
public:
|
||||
oatpp::Int64 id;
|
||||
};
|
||||
|
||||
class MyAuthorizationHandler : public oatpp::web::server::handler::AuthorizationHandler {
|
||||
public:
|
||||
std::shared_ptr<oatpp::web::server::handler::AuthorizationObject> handleAuthorization(const oatpp::String &header) override {
|
||||
auto def = oatpp::web::server::handler::DefaultAuthorizationHandler::defaultAuthorizationObject(header);
|
||||
auto my = std::make_shared<MyAuthorizationObject>();
|
||||
my->user = def->user;
|
||||
my->password = def->password;
|
||||
if(my->user != "foo" || my->password != "bar") {
|
||||
return nullptr;
|
||||
}
|
||||
my->id = 1337;
|
||||
return my;
|
||||
}
|
||||
};
|
||||
|
||||
class AuthorizationController : public oatpp::web::server::api::ApiController {
|
||||
private:
|
||||
static constexpr const char* TAG = "test::web::app::AuthorizationController";
|
||||
|
||||
public:
|
||||
AuthorizationController(const std::shared_ptr<ObjectMapper>& objectMapper)
|
||||
: oatpp::web::server::api::ApiController(objectMapper)
|
||||
{
|
||||
m_authorizationHandler = std::make_shared<MyAuthorizationHandler>();
|
||||
}
|
||||
public:
|
||||
|
||||
static std::shared_ptr<AuthorizationController> createShared(const std::shared_ptr<ObjectMapper>& objectMapper = OATPP_GET_COMPONENT(std::shared_ptr<ObjectMapper>)){
|
||||
return std::make_shared<AuthorizationController>(objectMapper);
|
||||
}
|
||||
|
||||
#include OATPP_CODEGEN_BEGIN(ApiController)
|
||||
|
||||
ENDPOINT("GET", "mydefauthorization", authorization,
|
||||
AUTHORIZATION(std::shared_ptr<oatpp::web::server::handler::AuthorizationObject>, authorizationHeader)) {
|
||||
auto dto = TestDto::createShared();
|
||||
dto->testValue = authorizationHeader->user + ":" + authorizationHeader->password;
|
||||
if(dto->testValue == "foo:bar") {
|
||||
return createDtoResponse(Status::CODE_200, dto);
|
||||
} else {
|
||||
return createDtoResponse(Status::CODE_401, dto);
|
||||
}
|
||||
}
|
||||
|
||||
ENDPOINT("GET", "myauthorization", myauthorization,
|
||||
AUTHORIZATION(std::shared_ptr<MyAuthorizationObject>, authorizationHeader)) {
|
||||
auto dto = TestDto::createShared();
|
||||
dto->testValue = authorizationHeader->user + ":" + authorizationHeader->password;
|
||||
if(dto->testValue == "foo:bar" && authorizationHeader->id == oatpp::Int64(1337)) {
|
||||
return createDtoResponse(Status::CODE_200, dto);
|
||||
} else {
|
||||
return createDtoResponse(Status::CODE_401, dto);
|
||||
}
|
||||
}
|
||||
|
||||
#include OATPP_CODEGEN_END(ApiController)
|
||||
|
||||
};
|
||||
|
||||
}}}}
|
||||
|
||||
#endif /* oatpp_test_web_app_Controller_hpp */
|
@ -26,6 +26,7 @@
|
||||
#define oatpp_test_web_app_Client_hpp
|
||||
|
||||
#include "oatpp/web/protocol/http/outgoing/MultipartBody.hpp"
|
||||
#include "oatpp/encoding/Base64.hpp"
|
||||
#include "oatpp/web/client/ApiClient.hpp"
|
||||
#include "oatpp/core/macro/codegen.hpp"
|
||||
|
||||
@ -48,6 +49,10 @@ public:
|
||||
API_CALL("POST", "body", postBody, BODY_STRING(String, body))
|
||||
API_CALL("POST", "echo", echoBody, BODY_STRING(String, body))
|
||||
API_CALL("GET", "header-value-set", headerValueSet, HEADER(String, valueSet, "X-VALUE-SET"))
|
||||
API_CALL("GET", "defauthorization", defauthorization, AUTHORIZATION(String, authorization))
|
||||
API_CALL("GET", "defauthorization", defauthorizationWithoutHeader)
|
||||
API_CALL("GET", "mydefauthorization", mydefauthorization, AUTHORIZATION(String, authorization))
|
||||
API_CALL("GET", "myauthorization", myauthorization, AUTHORIZATION(String, authorization))
|
||||
API_CALL("GET", "chunked/{text-value}/{num-iterations}", getChunked, PATH(String, text, "text-value"), PATH(Int32, numIterations, "num-iterations"))
|
||||
API_CALL("POST", "test/multipart/{chunk-size}", multipartTest, PATH(Int32, chunkSize, "chunk-size"), BODY(std::shared_ptr<MultipartBody>, body))
|
||||
|
||||
|
@ -133,6 +133,17 @@ public:
|
||||
return createResponse(Status::CODE_200, "");
|
||||
}
|
||||
|
||||
ENDPOINT("GET", "defauthorization", authorization,
|
||||
AUTHORIZATION(std::shared_ptr<oatpp::web::server::handler::AuthorizationObject>, authorizationHeader)) {
|
||||
auto dto = TestDto::createShared();
|
||||
dto->testValue = authorizationHeader->user + ":" + authorizationHeader->password;
|
||||
if(dto->testValue == "foo:bar") {
|
||||
return createDtoResponse(Status::CODE_200, dto);
|
||||
} else {
|
||||
return createDtoResponse(Status::CODE_403, dto);
|
||||
}
|
||||
}
|
||||
|
||||
class ReadCallback : public oatpp::data::stream::ReadCallback {
|
||||
private:
|
||||
oatpp::String m_text;
|
||||
|
48
test/oatpp/web/server/handler/AuthorizationHandlerTest.cpp
Normal file
48
test/oatpp/web/server/handler/AuthorizationHandlerTest.cpp
Normal file
@ -0,0 +1,48 @@
|
||||
/***************************************************************************
|
||||
*
|
||||
* Project _____ __ ____ _ _
|
||||
* ( _ ) /__\ (_ _)_| |_ _| |_
|
||||
* )(_)( /(__)\ )( (_ _)(_ _)
|
||||
* (_____)(__)(__)(__) |_| |_|
|
||||
*
|
||||
*
|
||||
* Copyright 2018-present, Leonid Stryzhevskyi <lganzzzo@gmail.com>
|
||||
* Benedikt-Alexander Mokroß <bam@icognize.de>
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
***************************************************************************/
|
||||
|
||||
#include "AuthorizationHandlerTest.hpp"
|
||||
|
||||
#include "oatpp/web/server/handler/AuthorizationHandler.hpp"
|
||||
|
||||
namespace oatpp { namespace test { namespace web { namespace server { namespace handler {
|
||||
|
||||
void AuthorizationHandlerTest::onRun() {
|
||||
|
||||
oatpp::String user = "foo";
|
||||
oatpp::String password = "bar";
|
||||
oatpp::String header = "Basic Zm9vOmJhcg==";
|
||||
|
||||
{
|
||||
std::shared_ptr<oatpp::web::server::handler::DefaultAuthorizationHandler> default_authorization_handler = oatpp::web::server::handler::DefaultAuthorizationHandler::createShared();
|
||||
std::shared_ptr<oatpp::web::server::handler::AuthorizationObject> auth = default_authorization_handler->handleAuthorization(header);
|
||||
OATPP_LOGV(TAG, "header=\"%s\" -> user=\"%s\" password=\"%s\"", header->c_str(), auth->user->c_str(), auth->password->c_str());
|
||||
OATPP_ASSERT(auth->user->equals("foo"));
|
||||
OATPP_ASSERT(auth->password->equals("bar"));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}}}}}
|
42
test/oatpp/web/server/handler/AuthorizationHandlerTest.hpp
Normal file
42
test/oatpp/web/server/handler/AuthorizationHandlerTest.hpp
Normal file
@ -0,0 +1,42 @@
|
||||
/***************************************************************************
|
||||
*
|
||||
* Project _____ __ ____ _ _
|
||||
* ( _ ) /__\ (_ _)_| |_ _| |_
|
||||
* )(_)( /(__)\ )( (_ _)(_ _)
|
||||
* (_____)(__)(__)(__) |_| |_|
|
||||
*
|
||||
*
|
||||
* Copyright 2018-present, Leonid Stryzhevskyi <lganzzzo@gmail.com>
|
||||
* Benedikt-Alexander Mokroß <bam@icognize.de>
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
***************************************************************************/
|
||||
|
||||
#ifndef oatpp_test_encoding_AuthorizationHandlerTest_hpp
|
||||
#define oatpp_test_encoding_AuthorizationHandlerTest_hpp
|
||||
|
||||
#include <oatpp/web/server/handler/AuthorizationHandler.hpp>
|
||||
#include "oatpp-test/UnitTest.hpp"
|
||||
|
||||
namespace oatpp { namespace test { namespace web { namespace server { namespace handler {
|
||||
|
||||
class AuthorizationHandlerTest : public UnitTest{
|
||||
public:
|
||||
AuthorizationHandlerTest():UnitTest("TEST[web::server::handler::AuthorizationHandlerTest]"){}
|
||||
void onRun() override;
|
||||
};
|
||||
|
||||
}}}}}
|
||||
|
||||
#endif /* oatpp_test_encoding_Base64Test_hpp */
|
Loading…
Reference in New Issue
Block a user