historical/toontown-classic.git/panda/include/httpDigestAuthorization.h
2024-01-16 11:20:27 -06:00

94 lines
2.8 KiB
C++

/**
* PANDA 3D SOFTWARE
* Copyright (c) Carnegie Mellon University. All rights reserved.
*
* All use of this software is subject to the terms of the revised BSD
* license. You should have received a copy of this license along
* with this source code in a file named "LICENSE."
*
* @file httpDigestAuthorization.h
* @author drose
* @date 2002-10-25
*/
#ifndef HTTPDIGESTAUTHORIZATION_H
#define HTTPDIGESTAUTHORIZATION_H
#include "pandabase.h"
// This module requires OpenSSL to compile, even though it doesn't actually
// use any OpenSSL code, because it is a support module for HTTPChannel, which
// *does* use OpenSSL code.
#ifdef HAVE_OPENSSL
#include "httpAuthorization.h"
/**
* Implements the "Digest" type of HTTP authorization. This is designed to be
* an improvement over "Basic" authorization, in that it does not send
* passwords over the net in cleartext, and it is harder to spoof.
*/
class HTTPDigestAuthorization : public HTTPAuthorization {
public:
HTTPDigestAuthorization(const Tokens &tokens, const URLSpec &url,
bool is_proxy);
virtual ~HTTPDigestAuthorization();
virtual const std::string &get_mechanism() const;
virtual bool is_valid();
virtual std::string generate(HTTPEnum::Method method, const std::string &request_path,
const std::string &username, const std::string &body);
public:
enum Algorithm {
A_unknown,
A_md5,
A_md5_sess,
};
enum Qop {
// These are used as a bitfield.
Q_unused = 0x000,
Q_auth = 0x001,
Q_auth_int = 0x002,
};
private:
static int match_qop_token(const std::string &token);
std::string calc_request_digest(const std::string &username, const std::string &password,
HTTPEnum::Method method,
const std::string &request_path, const std::string &body);
std::string calc_h(const std::string &data) const;
std::string calc_kd(const std::string &secret, const std::string &data) const;
std::string get_a1(const std::string &username, const std::string &password);
std::string get_a2(HTTPEnum::Method method, const std::string &request_path,
const std::string &body);
std::string get_hex_nonce_count() const;
static std::string calc_md5(const std::string &source);
INLINE static char hexdigit(int value);
std::string _cnonce;
std::string _nonce;
int _nonce_count;
std::string _opaque;
Algorithm _algorithm;
std::string _a1;
int _qop;
Qop _chosen_qop;
static const std::string _mechanism;
};
std::ostream &operator << (std::ostream &out, HTTPDigestAuthorization::Algorithm algorithm);
std::ostream &operator << (std::ostream &out, HTTPDigestAuthorization::Qop qop);
#include "httpDigestAuthorization.I"
#endif // HAVE_OPENSSL
#endif