start of some ghetto HTTP Basic Auth

camlistored/camlistored.go

@@ -5,6 +5,7 @@
 package main
 
 import "crypto/sha1"
+import "encoding/base64"
 import "flag"
 import "fmt"
 import "hash"
@@ -20,6 +21,7 @@ var storageRoot *string = flag.String("root", "/tmp/camliroot", "Root directory
 var sharedSecret string
 
 var kGetPutPattern *regexp.Regexp = regexp.MustCompile(`^/camli/(sha1)-([a-f0-9]+)$`)
+var kBasicAuthPattern *regexp.Regexp = regexp.MustCompile(`^Basic ([a-zA-Z0-9\+/=]+)`)
 
 type ObjectRef struct {
 	hashName string
@@ -75,6 +77,22 @@ func serverError(conn *http.Conn, err os.Error) {
 	fmt.Fprintf(conn, "Server error: %s\n", err)
 }
 
+func putAllowed(req *http.Request) bool {
+	auth, present := req.Header["Authorization"]
+	if !present {
+		return false
+	}
+	matches := kBasicAuthPattern.MatchStrings(auth)
+	if len(matches) != 2 {
+		return false
+	}
+	var outBuf []byte = make([]byte, base64.StdEncoding.DecodedLen(len(matches[1])))
+	bytes, err := base64.StdEncoding.Decode(outBuf, []uint8(matches[1]))
+	fmt.Println("Decoded bytes:", bytes, " error: ", err)
+	fmt.Println("Got userPass:", string(outBuf))
+	return false
+}
+
 func handleCamli(conn *http.Conn, req *http.Request) {
 	if (req.Method == "PUT") {
 		handlePut(conn, req)
@@ -143,6 +161,13 @@ func handlePut(conn *http.Conn, req *http.Request) {
 		return
 	}
 
+	if !putAllowed(req) {
+		conn.SetHeader("WWW-Authenticate", "Basic realm=\"camlistored\"")
+		conn.WriteHeader(http.StatusUnauthorized)
+		fmt.Fprintf(conn, "Authentication required.")
+		return
+	}
+
 	// TODO(bradfitz): authn/authz checks here.
 
 	hashedDirectory := objRef.DirectoryName()

camlistored/test-put.pl

@@ -16,6 +16,6 @@ $url =~ s!/$!!;
 $url .= "/camli/sha1-$sha1";
 
 print "PUT'ing to $url ...\n";
-system("curl", "-T", $file, $url) and die "Curl failed.";
+system("curl", "-u", "test:foo", "-T", $file, $url) and die "Curl failed.";