MCPcopy Create free account
hub / github.com/apache/httpd / get_basic_auth

Function get_basic_auth

modules/aaa/mod_auth_basic.c:248–286  ·  view source on GitHub ↗

Source from the content-addressed store, hash-verified

246}
247
248static int get_basic_auth(request_rec *r, const char **user,
249 const char **pw)
250{
251 const char *auth_line;
252 char *decoded_line;
253
254 /* Get the appropriate header */
255 auth_line = apr_table_get(r->headers_in, (PROXYREQ_PROXY == r->proxyreq)
256 ? "Proxy-Authorization"
257 : "Authorization");
258
259 if (!auth_line) {
260 note_basic_auth_failure(r);
261 return HTTP_UNAUTHORIZED;
262 }
263
264 if (ap_cstr_casecmp(ap_getword(r->pool, &auth_line, ' '), "Basic")) {
265 /* Client tried to authenticate using wrong auth scheme */
266 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01614)
267 "client used wrong authentication scheme: %s", r->uri);
268 note_basic_auth_failure(r);
269 return HTTP_UNAUTHORIZED;
270 }
271
272 /* Skip leading spaces. */
273 while (*auth_line == ' ' || *auth_line == '\t') {
274 auth_line++;
275 }
276
277 decoded_line = ap_pbase64decode(r->pool, auth_line);
278
279 *user = ap_getword_nulls(r->pool, (const char**)&decoded_line, ':');
280 *pw = decoded_line;
281
282 /* set the user, even though the user is unauthenticated at this point */
283 r->user = (char *) *user;
284
285 return OK;
286}
287
288/* Determine user ID, and check if it really is that user, for HTTP
289 * basic authentication...

Callers 1

authenticate_basic_userFunction · 0.85

Calls 5

note_basic_auth_failureFunction · 0.85
ap_cstr_casecmpFunction · 0.85
ap_getwordFunction · 0.85
ap_pbase64decodeFunction · 0.85
ap_getword_nullsFunction · 0.85

Tested by

no test coverage detected