[http] Handle parsing of WWW-Authenticate header within authentication scheme

Allow individual authentication schemes to parse WWW-Authenticate headers that do not comply with RFC2617. Signed-off-by: Michael Brown <mcb30@ipxe.org>
2025-12-19 19:49:45 +03:00 · 2017-11-11 22:05:53 +00:00
parent c49acbb4d2
commit 96bd872c03
4 changed files with 157 additions and 75 deletions
--- a/src/include/ipxe/http.h
+++ b/src/include/ipxe/http.h
@@ -150,14 +150,18 @@ struct http_request_content {
 	size_t len;
 };

-/** HTTP request authentication descriptor */
-struct http_request_auth {
-	/** Authentication scheme (if any) */
-	struct http_authentication *auth;
+/** HTTP request Basic authentication descriptor */
+struct http_request_auth_basic {
 	/** Username */
 	const char *username;
 	/** Password */
 	const char *password;
+};
+
+/** HTTP request Digest authentication descriptor */
+struct http_request_auth_digest {
+	/** Username */
+	const char *username;
 	/** Quality of protection */
 	const char *qop;
 	/** Algorithm */
@@ -168,6 +172,19 @@ struct http_request_auth {
 	char response[ HTTP_DIGEST_RESPONSE_LEN + 1 /* NUL */ ];
 };

+/** HTTP request authentication descriptor */
+struct http_request_auth {
+	/** Authentication scheme (if any) */
+	struct http_authentication *auth;
+	/** Per-scheme information */
+	union {
+		/** Basic authentication descriptor */
+		struct http_request_auth_basic basic;
+		/** Digest authentication descriptor */
+		struct http_request_auth_digest digest;
+	};
+};
+
 /** An HTTP request
 *
 * This represents a single request to be sent to a server, including
@@ -235,10 +252,12 @@ struct http_response_content {
 	struct http_content_encoding *encoding;
 };

-/** HTTP response authorization descriptor */
-struct http_response_auth {
-	/** Authentication scheme (if any) */
-	struct http_authentication *auth;
+/** HTTP response Basic authorization descriptor */
+struct http_response_auth_basic {
+};
+
+/** HTTP response Digest authorization descriptor */
+struct http_response_auth_digest {
 	/** Realm */
 	const char *realm;
 	/** Quality of protection */
@@ -251,6 +270,19 @@ struct http_response_auth {
 	const char *opaque;
 };

+/** HTTP response authorization descriptor */
+struct http_response_auth {
+	/** Authentication scheme (if any) */
+	struct http_authentication *auth;
+	/** Per-scheme information */
+	union {
+		/** Basic authorization descriptor */
+		struct http_response_auth_basic basic;
+		/** Digest authorization descriptor */
+		struct http_response_auth_digest digest;
+	};
+};
+
 /** An HTTP response
 *
 * This represents a single response received from the server,
@@ -461,6 +493,13 @@ struct http_content_encoding {
 struct http_authentication {
 	/** Name (e.g. "Digest") */
 	const char *name;
+	/** Parse remaining "WWW-Authenticate" header line
+	 *
+	 * @v http		HTTP transaction
+	 * @v line		Remaining header line
+	 * @ret rc		Return status code
+	 */
+	int ( * parse ) ( struct http_transaction *http, char *line );
 	/** Perform authentication
 	 *
 	 * @v http		HTTP transaction