1/*
2 * Copyright 2010-2023 Haiku Inc. All rights reserved.
3 * Distributed under the terms of the MIT License.
4 */
5#ifndef _B_HTTP_AUTHENTICATION_H_
6#define _B_HTTP_AUTHENTICATION_H_
7
8
9#include <Locker.h>
10#include <String.h>
11#include <Url.h>
12
13
14namespace BPrivate {
15
16namespace Network {
17
18
19// HTTP authentication method
20enum BHttpAuthenticationMethod {
21	B_HTTP_AUTHENTICATION_NONE = 0,
22		// No authentication
23	B_HTTP_AUTHENTICATION_BASIC = 1,
24		// Basic base64 authentication method (unsecure)
25	B_HTTP_AUTHENTICATION_DIGEST = 2,
26		// Digest authentication
27	B_HTTP_AUTHENTICATION_IE_DIGEST = 4,
28		// Slightly modified digest authentication to mimic old IE one
29	B_HTTP_AUTHENTICATION_BEARER = 5
30		// Bearer authentication used to convey a token
31};
32
33
34enum BHttpAuthenticationAlgorithm {
35	B_HTTP_AUTHENTICATION_ALGORITHM_NONE,
36	B_HTTP_AUTHENTICATION_ALGORITHM_MD5,
37	B_HTTP_AUTHENTICATION_ALGORITHM_MD5_SESS
38};
39
40
41enum BHttpAuthenticationQop {
42	B_HTTP_QOP_NONE,
43	B_HTTP_QOP_AUTH,
44	B_HTTP_QOP_AUTHINT
45};
46
47
48class BHttpAuthentication {
49public:
50								BHttpAuthentication();
51								BHttpAuthentication(const BString& username,
52									const BString& password);
53								BHttpAuthentication(
54									const BHttpAuthentication& other);
55								BHttpAuthentication& operator=(
56									const BHttpAuthentication& other);
57
58	// Field modification
59			void				SetUserName(const BString& username);
60			void				SetPassword(const BString& password);
61			void				SetToken(const BString& token);
62			void				SetMethod(
63									BHttpAuthenticationMethod type);
64			status_t			Initialize(const BString& wwwAuthenticate);
65
66	// Field access
67			const BString&		UserName() const;
68			const BString&		Password() const;
69			const BString&		Token() const;
70			BHttpAuthenticationMethod Method() const;
71
72			BString				Authorization(const BUrl& url,
73									const BString& method) const;
74
75	// Base64 encoding
76	// TODO: Move to a common place. We may have multiple implementations
77	// in the Haiku tree...
78	static	BString				Base64Encode(const BString& string);
79	static	BString				Base64Decode(const BString& string);
80
81
82private:
83			BString				_DigestResponse(const BString& uri,
84									const BString& method) const;
85			// TODO: Rename these? _H seems to return a hash value,
86			// _KD returns a hash value of the "data" prepended by
87			// the "secret" string...
88			BString				_H(const BString& value) const;
89			BString				_KD(const BString& secret,
90									const BString& data) const;
91
92private:
93			BHttpAuthenticationMethod fAuthenticationMethod;
94			BString				fUserName;
95			BString				fPassword;
96			BString				fToken;
97
98			BString				fRealm;
99			BString				fDigestNonce;
100	mutable	BString				fDigestCnonce;
101	mutable int					fDigestNc;
102			BString				fDigestOpaque;
103			bool				fDigestStale;
104			BHttpAuthenticationAlgorithm fDigestAlgorithm;
105			BHttpAuthenticationQop fDigestQop;
106
107			BString				fAuthorizationString;
108
109	mutable	BLocker				fLock;
110};
111
112
113} // namespace Network
114
115} // namespace BPrivate
116
117
118#endif // _B_HTTP_AUTHENTICATION_H_
119