1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136
//! Challenge for the "Basic" HTTP Authentication Scheme.
use std::{borrow::Cow, fmt, str};
use actix_web::{
http::header::{HeaderValue, InvalidHeaderValue, TryIntoHeaderValue},
web::{BufMut, Bytes, BytesMut},
};
use super::Challenge;
use crate::utils;
/// Challenge for [`WWW-Authenticate`] header with HTTP Basic auth scheme,
/// described in [RFC 7617](https://tools.ietf.org/html/rfc7617)
///
/// # Examples
/// ```
/// # use actix_web::{web, App, HttpRequest, HttpResponse, HttpServer};
/// use actix_web_httpauth::headers::www_authenticate::basic::Basic;
/// use actix_web_httpauth::headers::www_authenticate::WwwAuthenticate;
///
/// fn index(_req: HttpRequest) -> HttpResponse {
/// let challenge = Basic::with_realm("Restricted area");
///
/// HttpResponse::Unauthorized()
/// .insert_header(WwwAuthenticate(challenge))
/// .finish()
/// }
/// ```
///
/// [`WWW-Authenticate`]: ../struct.WwwAuthenticate.html
#[derive(Eq, PartialEq, Ord, PartialOrd, Hash, Debug, Default, Clone)]
pub struct Basic {
// "realm" parameter is optional now: https://tools.ietf.org/html/rfc7235#appendix-A
pub(crate) realm: Option<Cow<'static, str>>,
}
impl Basic {
/// Creates new `Basic` challenge with an empty `realm` field.
///
/// # Examples
/// ```
/// # use actix_web_httpauth::headers::www_authenticate::basic::Basic;
/// let challenge = Basic::new();
/// ```
pub fn new() -> Basic {
Default::default()
}
/// Creates new `Basic` challenge from the provided `realm` field value.
///
/// # Examples
///
/// ```
/// # use actix_web_httpauth::headers::www_authenticate::basic::Basic;
/// let challenge = Basic::with_realm("Restricted area");
/// ```
///
/// ```
/// # use actix_web_httpauth::headers::www_authenticate::basic::Basic;
/// let my_realm = "Earth realm".to_string();
/// let challenge = Basic::with_realm(my_realm);
/// ```
pub fn with_realm<T>(value: T) -> Basic
where
T: Into<Cow<'static, str>>,
{
Basic {
realm: Some(value.into()),
}
}
}
#[doc(hidden)]
impl Challenge for Basic {
fn to_bytes(&self) -> Bytes {
// 5 is for `"Basic"`, 9 is for `"realm=\"\""`
let length = 5 + self.realm.as_ref().map_or(0, |realm| realm.len() + 9);
let mut buffer = BytesMut::with_capacity(length);
buffer.put(&b"Basic"[..]);
if let Some(ref realm) = self.realm {
buffer.put(&b" realm=\""[..]);
utils::put_quoted(&mut buffer, realm);
buffer.put_u8(b'"');
}
buffer.freeze()
}
}
impl fmt::Display for Basic {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> Result<(), fmt::Error> {
let bytes = self.to_bytes();
let repr = str::from_utf8(&bytes)
// Should not happen since challenges are crafted manually
// from a `&'static str` or `String`
.map_err(|_| fmt::Error)?;
f.write_str(repr)
}
}
impl TryIntoHeaderValue for Basic {
type Error = InvalidHeaderValue;
fn try_into_value(self) -> Result<HeaderValue, Self::Error> {
HeaderValue::from_maybe_shared(self.to_bytes())
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_plain_into_header_value() {
let challenge = Basic { realm: None };
let value = challenge.try_into_value();
assert!(value.is_ok());
let value = value.unwrap();
assert_eq!(value, "Basic");
}
#[test]
fn test_with_realm_into_header_value() {
let challenge = Basic {
realm: Some("Restricted area".into()),
};
let value = challenge.try_into_value();
assert!(value.is_ok());
let value = value.unwrap();
assert_eq!(value, "Basic realm=\"Restricted area\"");
}
}