Changeset 5883 for pjproject

Timestamp:

Sep 7, 2018 2:56:38 AM (6 years ago)

Author:

ming

Message:

Fixed #2148: Add parsing support for the OAuth 2.0 authentication mechanism

Thanks to Joshua Colp for the patch submission.

Location:

pjproject/trunk/pjsip

Files:

• include/pjsip/sip_auth_msg.h (modified) (2 diffs)
• include/pjsip/sip_auth_parser.h (modified) (1 diff)
• src/pjsip/sip_auth_client.c (modified) (1 diff)
• src/pjsip/sip_auth_msg.c (modified) (2 diffs)
• src/pjsip/sip_auth_parser.c (modified) (1 diff)

pjproject/trunk/pjsip/include/pjsip/sip_auth_msg.h

@@ -90 +90 @@
 
 /**
+ * This structure describe credential used in Authorization and
+ * Proxy-Authorization header for OAuth authentication scheme.
+ */
+struct pjsip_oauth_credential
+{
+    pj_str_t    realm;          /**< Realm of the credential    */
+    pjsip_param other_param;    /**< Other parameters.          */
+    pj_str_t    username;       /**< Username parameter.        */
+    pj_str_t    token;          /**< Token parameter.           */
+};
+
+/**
+ * @see pjsip_oauth_credential
+ */
+typedef struct pjsip_oauth_credential pjsip_oauth_credential;
+
+/**
  * This structure describes SIP Authorization header (and also SIP
  * Proxy-Authorization header).
@@ -107 +124 @@
         pjsip_digest_credential digest; /**< Digest credentials.    */
         pjsip_pgp_credential    pgp;    /**< PGP credentials.       */
+        pjsip_oauth_credential  oauth;  /**< OAuth credentials.     */
     } credential;
 };

pjproject/trunk/pjsip/include/pjsip/sip_auth_parser.h

@@ -65 +65 @@
                         pjsip_DIGEST_STR,   /**< "digest" string const.     */
                         pjsip_PGP_STR,      /**< "pgp" string const.        */
+                        pjsip_BEARER_STR,   /**< "bearer" string const.     */
                         pjsip_MD5_STR,      /**< "md5" string const.        */
                         pjsip_AUTH_STR;     /**< "auth" string const.       */

pjproject/trunk/pjsip/src/pjsip/sip_auth_client.c

@@ -960 +960 @@
                 hs = pjsip_authorization_hdr_create(tdata->pool);
                 pj_strdup(tdata->pool, &hs->scheme, &c->scheme);
-                pj_strdup(tdata->pool, &hs->credential.digest.username,
-                          &c->username);
-                pj_strdup(tdata->pool, &hs->credential.digest.realm,
-                          &c->realm);
-                pj_strdup(tdata->pool, &hs->credential.digest.uri, &uri);
-                pj_strdup(tdata->pool, &hs->credential.digest.algorithm,
-                          &sess->pref.algorithm);
+                if (pj_stricmp(&c->scheme, &pjsip_BEARER_STR)==0) {
+                        pj_strdup(tdata->pool, &hs->credential.oauth.username,
+                                  &c->username);
+                        pj_strdup(tdata->pool, &hs->credential.oauth.realm,
+                                  &c->realm);
+                        pj_strdup(tdata->pool, &hs->credential.oauth.token,
+                                  &c->data);
+                } else { //if (pj_stricmp(&c->scheme, &pjsip_DIGEST_STR)==0)
+                        pj_strdup(tdata->pool, &hs->credential.digest.username,
+                                  &c->username);
+                        pj_strdup(tdata->pool, &hs->credential.digest.realm,
+                                  &c->realm);
+                        pj_strdup(tdata->pool,&hs->credential.digest.uri, &uri);
+                        pj_strdup(tdata->pool, &hs->credential.digest.algorithm,
+                                  &sess->pref.algorithm);
+                }
 
                 pjsip_msg_add_hdr(tdata->msg, (pjsip_hdr*)hs);

pjproject/trunk/pjsip/src/pjsip/sip_auth_msg.c

@@ -104 +104 @@
 }
 
+static int print_oauth_credential(pjsip_oauth_credential *cred, char *buf,
+                                  pj_size_t size)
+{
+    pj_ssize_t printed;
+    char *startbuf = buf;
+    char *endbuf = buf + size;
+
+    copy_advance_pair_quote_cond_always(buf, "token=", 6, cred->token,
+                                        '"', '"');
+    copy_advance_pair_quote_cond_always(buf, ", username=", 11, cred->username,
+                                        '"', '"');
+    copy_advance_pair_quote_cond_always(buf, ", realm=", 8, cred->realm,
+                                        '"', '"');
+
+    return (int) (buf-startbuf);
+}
+
 static int pjsip_authorization_hdr_print( pjsip_authorization_hdr *hdr,
                                           char *buf, pj_size_t size)
@@ -126 +143 @@
         printed = print_pgp_credential(&hdr->credential.pgp, buf, endbuf - buf);
     } 
+    else if (pj_stricmp(&hdr->scheme, &pjsip_BEARER_STR) == 0)
+    {
+        printed = print_oauth_credential(&hdr->credential.oauth, buf,
+                                         endbuf - buf);
+    }
     else {
         pj_assert(0);

pjproject/trunk/pjsip/src/pjsip/sip_auth_parser.c

@@ -60 +60 @@
                 pjsip_PGP_STR =             { "PGP", 3 },
                 pjsip_QUOTED_PGP_STR =      { "\"PGP\"", 5 },
+                pjsip_BEARER_STR =          { "Bearer", 6 },
                 pjsip_MD5_STR =             { "md5", 3 },
                 pjsip_QUOTED_MD5_STR =      { "\"md5\"", 5},