More digest authentication work ...basically functional now.

git-svn-id: svn+ssh://svn.gna.org/svn/gnustep/libs/base/trunk@23093 72102866-910b-0410-8b05-ffd578937521
2025-04-23 00:41:02 +00:00 · 2006-06-20 16:42:08 +00:00 · 2006-06-20 16:42:08 +00:00 · 334a957eb5
commit 334a957eb5
parent f405c0e088
4 changed files with 88 additions and 15 deletions
--- a/2
+++ b/2
@ -6,6 +6,8 @@
 	* Source/GSHTTPURLHandle.m: use GSHTTPAuthentication
 	Change class name to something more intuitive and add class methods
 	for mapping domains/URLs to protection space objects.
+	Update code to used cache protection space info to put digest
+	authorisation in place without waiting for challenge.

 2006-06-19  Richard Frith-Macdonald <rfm@gnu.org>

--- a/Source/GSFileHandle.m
+++ b/Source/GSFileHandle.m
@ -18,7 +18,8 @@

   You should have received a copy of the GNU Library General Public
   License along with this library; if not, write to the Free
-   Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111 USA.
+   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+   Boston, MA 02111 USA.
   */

 #define	_FILE_OFFSET_BITS 64
--- a/Source/GSHTTPAuthentication.m
+++ b/Source/GSHTTPAuthentication.m
@ -145,7 +145,7 @@ static GSMimeParser		*mimeParser = nil;
        {
 	  method = NSURLAuthenticationMethodHTTPBasic;
 	}
-      else if ([sc scanString: @"Digest" intoString: 0] == NO)
+      else if ([sc scanString: @"Digest" intoString: 0] == YES)
        {
 	  method = NSURLAuthenticationMethodHTTPDigest;
 	}
@ -171,10 +171,14 @@ static GSMimeParser		*mimeParser = nil;
 	    {
 	      realm = val;
 	    }
+	  if ([sc scanString: @"," intoString: 0] == NO)
+	    {
+	      break;	// No more in list.
+	    }
 	}
      if (realm == nil)
        {
-	  return nil;		// No real to authenticate in
+	  return nil;		// No realm to authenticate in
 	}

      /*
@ -240,10 +244,11 @@ static GSMimeParser		*mimeParser = nil;
  while (count-- > 0)
    {
      NSString	*key = [keys objectAtIndex: count];
+      unsigned	kl = [key length];

-      if (found == nil || [key length] > [found length])
+      if (found == nil || kl > [found length])
        {
-	  if ([path hasPrefix: key] == YES)
+	  if (kl == 0 || [path hasPrefix: key] == YES)
 	    {
 	      found = key;
 	    }
@ -278,18 +283,20 @@ static GSMimeParser		*mimeParser = nil;
  while ((domain = [e nextObject]) != nil)
    {
      NSURL			*u;
+      NSString			*path;
      NSNumber			*port;
      NSString			*scheme;
      NSString			*server;
      NSMutableDictionary	*sDict;

      u = [NSURL URLWithString: domain];
-      if (u == nil)
+      scheme = [u scheme];
+      if (scheme == nil)
        {
          u = [NSURL URLWithString: domain relativeToURL: base];
+          scheme = [u scheme];
 	}
      port = [u port];
-      scheme = [u scheme];
      if ([port intValue] == 80 && [scheme isEqualToString: @"http"])
        {
 	  port = nil;
@ -298,6 +305,11 @@ static GSMimeParser		*mimeParser = nil;
        {
 	  port = nil;
 	}
+      path = [u path];
+      if (path == nil)
+        {
+	  path = @"";
+	}
      if ([port intValue] == 0)
        {
          server = [NSString stringWithFormat: @"%@://%@",
--- a/Source/GSHTTPURLHandle.m
+++ b/Source/GSHTTPURLHandle.m
@ -419,19 +419,77 @@ static void debugWrite(GSHTTPURLHandle *handle, NSData *data)
    {
      if ([u user] != nil)
 	{
-	  NSString	*auth;
+	  NSString		*auth = nil;
+	  NSURLProtectionSpace	*space;

-	  if ([[u password] length] > 0)
+	  /*
+	   * If the URL we are loading is in a digest authentication space
+	   * we try to create an authorization header using any existing
+	   * cached information so that we can avoid the wasteful
+	   * challenge/response dialogue.
+	   */
+	  space = [GSHTTPAuthentication protectionSpaceForURL: u];
+	  if (space != nil && [[space authenticationMethod] isEqual:
+	    NSURLAuthenticationMethodHTTPDigest] == YES)
 	    {
-	      auth = [NSString stringWithFormat: @"%@:%@",
-		[u user], [u password]];
+	      NSURLCredential		*cred;
+	      GSHTTPAuthentication	*digest;
+	      NSString			*method;
+
+	      /*
+	       * Create credential from user and password
+	       * stored in the URL.
+	       */
+	      cred = [[NSURLCredential alloc]
+		initWithUser: [u user]
+		password: [u password]
+		persistence: NSURLCredentialPersistenceForSession];
+
+	      /*
+	       * Get the digest object and ask it for a header
+	       * to use for authorisation.
+	       */
+	      digest = [GSHTTPAuthentication
+		digestWithCredential: cred
+		inProtectionSpace: space];
+	      RELEASE(cred);
+
+	      method = [request objectForKey: GSHTTPPropertyMethodKey];
+	      if (method == nil)
+		{
+		  if ([wData length] > 0)
+		    {
+		      method = @"POST";
+		    }
+		  else
+		    {
+		      method = @"GET";
+		    }
+		}
+	      auth = [digest authorizationForAuthentication: nil
+						     method: method
+						       path: [u path]];
 	    }
-	  else
+
+	  if (auth == nil)
 	    {
-	      auth = [NSString stringWithFormat: @"%@", [u user]];
+	      /*
+	       * Not able to do a digest authentication,
+	       * so do a basic authentication in case the
+	       * server accepts it.
+	       */
+	      if ([[u password] length] > 0)
+		{
+		  auth = [NSString stringWithFormat: @"%@:%@",
+		    [u user], [u password]];
+		}
+	      else
+		{
+		  auth = [NSString stringWithFormat: @"%@", [u user]];
+		}
+	      auth = [NSString stringWithFormat: @"Basic %@",
+		[GSMimeDocument encodeBase64String: auth]];
 	    }
-	  auth = [NSString stringWithFormat: @"Basic %@",
-	    [GSMimeDocument encodeBase64String: auth]];
 	  NSMapInsert(wProperties, (void*)@"Authorization", (void*)auth);
 	}
    }