From a2bed507d5b8567491e37e02ea05780ad8a9f3ba Mon Sep 17 00:00:00 2001 From: Brad Fitzpatrick Date: Sun, 13 Jun 2010 21:51:18 -0700 Subject: [PATCH] start of some ghetto HTTP Basic Auth --- camlistored/camlistored.go | 25 +++++++++++++++++++++++++ camlistored/test-put.pl | 2 +- 2 files changed, 26 insertions(+), 1 deletion(-) diff --git a/camlistored/camlistored.go b/camlistored/camlistored.go index 4bd608665..2a9b1e95a 100644 --- a/camlistored/camlistored.go +++ b/camlistored/camlistored.go @@ -5,6 +5,7 @@ package main import "crypto/sha1" +import "encoding/base64" import "flag" import "fmt" import "hash" @@ -20,6 +21,7 @@ var storageRoot *string = flag.String("root", "/tmp/camliroot", "Root directory var sharedSecret string var kGetPutPattern *regexp.Regexp = regexp.MustCompile(`^/camli/(sha1)-([a-f0-9]+)$`) +var kBasicAuthPattern *regexp.Regexp = regexp.MustCompile(`^Basic ([a-zA-Z0-9\+/=]+)`) type ObjectRef struct { hashName string @@ -75,6 +77,22 @@ func serverError(conn *http.Conn, err os.Error) { fmt.Fprintf(conn, "Server error: %s\n", err) } +func putAllowed(req *http.Request) bool { + auth, present := req.Header["Authorization"] + if !present { + return false + } + matches := kBasicAuthPattern.MatchStrings(auth) + if len(matches) != 2 { + return false + } + var outBuf []byte = make([]byte, base64.StdEncoding.DecodedLen(len(matches[1]))) + bytes, err := base64.StdEncoding.Decode(outBuf, []uint8(matches[1])) + fmt.Println("Decoded bytes:", bytes, " error: ", err) + fmt.Println("Got userPass:", string(outBuf)) + return false +} + func handleCamli(conn *http.Conn, req *http.Request) { if (req.Method == "PUT") { handlePut(conn, req) @@ -143,6 +161,13 @@ func handlePut(conn *http.Conn, req *http.Request) { return } + if !putAllowed(req) { + conn.SetHeader("WWW-Authenticate", "Basic realm=\"camlistored\"") + conn.WriteHeader(http.StatusUnauthorized) + fmt.Fprintf(conn, "Authentication required.") + return + } + // TODO(bradfitz): authn/authz checks here. hashedDirectory := objRef.DirectoryName() diff --git a/camlistored/test-put.pl b/camlistored/test-put.pl index a42c1a15f..ace71c091 100755 --- a/camlistored/test-put.pl +++ b/camlistored/test-put.pl @@ -16,6 +16,6 @@ $url =~ s!/$!!; $url .= "/camli/sha1-$sha1"; print "PUT'ing to $url ...\n"; -system("curl", "-T", $file, $url) and die "Curl failed."; +system("curl", "-u", "test:foo", "-T", $file, $url) and die "Curl failed.";