1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
use rustc_serialize::base64::FromBase64;
use Request;
pub use self::json::get_json_input;
pub use self::post::get_post_input;
pub use self::session::{SessionsManager, Session, generate_session_id};
pub mod json;
pub mod post;
mod session;
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct HttpAuthCredentials {
pub login: String,
pub password: String,
}
pub fn get_basic_http_auth(request: &Request) -> Option<HttpAuthCredentials> {
let header = match request.header("Authorization") {
None => return None,
Some(h) => h,
};
let mut split = header.splitn(2, |c| c == ' ');
let authtype = match split.next() { None => return None, Some(t) => t };
if authtype != "Basic" {
return None;
}
let authvalue = match split.next() { None => return None, Some(v) => v };
let authvalue = match authvalue.from_base64() { Ok(v) => v, Err(_) => return None };
let mut split = authvalue.splitn(2, |&c| c == b':');
let login = match split.next() { Some(l) => l, None => return None };
let pass = match split.next() { Some(p) => p, None => return None };
let login = match String::from_utf8(login.to_owned()) { Ok(l) => l, Err(_) => return None };
let pass = match String::from_utf8(pass.to_owned()) { Ok(p) => p, Err(_) => return None };
Some(HttpAuthCredentials {
login: login,
password: pass,
})
}
pub fn get_cookies(request: &Request) -> Vec<(String, String)> {
let header = match request.header("Cookie") {
None => return Vec::new(),
Some(h) => h,
};
header
.split(|c| c == ';')
.filter_map(|cookie| {
let mut splits = cookie.splitn(2, |c| c == '=');
let key = match splits.next() { None => return None, Some(v) => v };
let value = match splits.next() { None => return None, Some(v) => v };
let key = key.trim().to_owned();
let value = value.trim().trim_matches(|c| c == '"').to_owned();
Some((key, value))
})
.collect()
}
#[cfg(test)]
mod test {
use Request;
use super::HttpAuthCredentials;
use super::get_basic_http_auth;
use super::get_cookies;
#[test]
fn basic_http_auth_no_header() {
let request = Request::fake_http("GET", "/", vec![], Vec::new());
assert_eq!(get_basic_http_auth(&request), None);
}
#[test]
fn basic_http_auth_wrong_header() {
let request = Request::fake_http("GET", "/",
vec![("Authorization".to_owned(),
"hello world".to_owned())],
Vec::new());
assert_eq!(get_basic_http_auth(&request), None);
let request = Request::fake_http("GET", "/",
vec![("Authorization".to_owned(),
"Basic \0\0".to_owned())],
Vec::new());
assert_eq!(get_basic_http_auth(&request), None);
}
#[test]
fn basic_http_auth_ok() {
let request = Request::fake_http("GET", "/",
vec![("Authorization".to_owned(),
"Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==".to_owned())],
Vec::new());
assert_eq!(get_basic_http_auth(&request), Some(HttpAuthCredentials {
login: "Aladdin".to_owned(),
password: "open sesame".to_owned(),
}));
}
#[test]
fn cookies_ok() {
let request = Request::fake_http("GET", "/",
vec![("Cookie".to_owned(),
"a=b; hello=world".to_owned())],
Vec::new());
assert_eq!(get_cookies(&request), vec![
("a".to_owned(), "b".to_owned()),
("hello".to_owned(), "world".to_owned())
]);
}
}