diff -r 000000000000 -r b16258d2340f httpfilters/httpfilterauthentication/Inc/HttpFilterDigestAuthentication.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/httpfilters/httpfilterauthentication/Inc/HttpFilterDigestAuthentication.h Tue Feb 02 01:09:52 2010 +0200 @@ -0,0 +1,239 @@ +/* +* Copyright (c) 2003 Nokia Corporation and/or its subsidiary(-ies). +* All rights reserved. +* This component and the accompanying materials are made available +* under the terms of "Eclipse Public License v1.0" +* which accompanies this distribution, and is available +* at the URL "http://www.eclipse.org/legal/epl-v10.html". +* +* Initial Contributors: +* Nokia Corporation - initial contribution. +* +* Contributors: +* +* Description: Digest Authentication filter. +* +*/ + + + +#ifndef HTTPFILTERDIGESTAUTHENTICATION_H +#define HTTPFILTERDIGESTAUTHENTICATION_H + +// INCLUDES +#include "HttpFilterAuthentication.h" + +// CONSTANTS + +// MACROS + +// DATA TYPES + +// FUNCTION PROTOTYPES + +// FORWARD DECLARATIONS + +// CLASS DECLARATION +class CMD5; + +/** +* Digest Authentication Filter implementation class. +* +* @lib cannot link with Ecom plugins +* @since 2.0 +*/ + +class CHttpFilterDigestAuthentication : public CHttpFilterAuthentication + { + enum + { + KAlgUnknown, + KAlgMd5, + KAlgMd5Sess + }; + + enum + { + KQopNone, + KQopAuth = 1, + KQopAuthInt = 2 + }; + + public: // Constructors and destructor + + /** + * Two-phased constructor. This function replaces NewL + */ + static CHttpFilterDigestAuthentication* InstallFilterL( TAny* aAuthenticationParams ); + + /** + * Destructor. + */ + virtual ~CHttpFilterDigestAuthentication(); + + public: // Functions from base classes + + + /** + * From MHTTPFilterBase Process a transaction event. + * @since 2.0 + * @param aTransaction The transaction for which an event occured + * @param aEvent The event to be processed + * @return void + */ + virtual void MHFRunL( RHTTPTransaction aTransaction, const THTTPEvent& aEvent ); + + protected: + + /** + * C++ default constructor. + */ + CHttpFilterDigestAuthentication( RHTTPSession* aSession, TBool aIsProxy ); + + /** + * By default Symbian 2nd phase constructor is private. + */ + void ConstructL( RHTTPSession aSession ); + + /** + * Parse "Authentication-Info" field in response header. + */ + void ParseAuthenticationInfoL( RHTTPTransaction aTransaction ); + + /** + * Provides a central point for all Tranaction handling. + */ + void DHandleTransactionL( RHTTPTransaction aTransaction ); + + /** + * Function to handle Submit events. We need to remove any + * username and password from the URI. + */ + void DSubmitL( RHTTPTransaction aTransaction ); + + /** + * Search list for matching credentials. + */ + TInt DFindCredentials( const RString& aRealm, const TUriC8& aURI ) ; + + /** + * Searches list for credentials that can be used with this URI + * without knowing the realm. + */ + TInt DFindCredentialsForURI( const TUriC8& aURI ) ; + + /** + * Find the Authentication header. + */ + TInt DFindHeaderPartToUseL( RHTTPTransaction aTransaction ) ; + + /** + * Find credentials from the transaction's properties. + */ + void DGetCredentialsFromPropertiesL( RHTTPTransaction& aTransaction ); + + /** + * Remove credentials from the list. + */ + void DRemoveCredentialsFromList( TInt aCredId ); + + /** + * Add new credential to list + */ + void DAddCredentialsToListL( RString aUsernameStr, + RString aPasswordStr, + RString aRealmStr, + RStringF aUriStr, + RString aOpaque, + RString aNonce, + TInt aQop, + TInt aAuthAlg); + + /** + * Encodes digest authentication + */ + void EncodeDigestAuthL( TInt aCred, RHTTPTransaction aTransaction ); + + /** + * Calculate H(A1). See section 3.2.2.2 + */ + TInt HA1L( int aAlgorithm, + const RString& aUsername, + const RString& aPW, + const RString& aRealm, + const RString& aNonceValue, + TDesC8& aCNonce, + TDes8& aResult); + + + /** + * Calculate H(A2). See section 3.2.2.3 + */ + TInt HA2L(const RStringF& aMethod, const RString& aRequestUri, TDes8& aResult); + + /** + * Calculate a hash and in the form of a 32 character hex result. + */ + void Hash(const TDesC8& aMessage, TDes8& aHash); + + /** + * Generate a cnonce value + */ + void GenerateCNonce( TDes8& aNonce ); + + /** + * Returns the requested uri + * that can be used in uri field or request header + * + * @param aTransaction current transaction + * @return requested URI + */ + RString RequestUriL( RHTTPTransaction& aTransaction ); + + /** + * Check and return QoP from the response header. + * @param aHeader authentication header + * @param aWwwAuthHeader authentication header name + * @param aHeaderPart which authentication header field in the response header + * @return one of KQopXXX enum. KQopAuth is prefered. + */ + TInt CheckQop( RHTTPHeaders& headers, + RStringF& aWwwAuthHeader, + TInt aHeaderPart ); + + + private: // Data + // Container for holding an internal storage of credentials + + class TDCredentials + { + public: + RStringToken iUser; ///< username + RStringToken iPassword; ///< password + RStringTokenF iURI; ///< uri + RStringToken iRealm; ///< Realm used - there may be multiple for each host + RStringToken iOpaque; + RStringToken iNonce; + TInt iQop; + TInt iAlgorithm; + TInt iNc; // nonce-count + }; + + // Internal list of valid credentials + RArray iDCredentials; + + RStringF iOpaqueStr; + RStringF iNonceStr; + RStringF iQopStr; + RStringF iStaleStr; + RStringF iAuthInfo; + RStringF iMd5Str; + RStringF iMd5SessStr; + RStringF iQopAuthStr; + TInt64 iSeed; + CMD5* iMD5Calculator; + }; + +#endif // HTTPFILTERDIGESTAUTHENTICATION_H + +// End of File