UserRequest.h
Go to the documentation of this file.
1/*
2 * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7 */
8
9#ifndef SQUID_AUTH_USERREQUEST_H
10#define SQUID_AUTH_USERREQUEST_H
11
12#if USE_AUTH
13
14#include "AccessLogEntry.h"
15#include "auth/AuthAclState.h"
16#include "auth/Scheme.h"
17#include "auth/User.h"
18#include "dlink.h"
19#include "helper/forward.h"
20#include "HttpHeader.h"
21#include "ip/Address.h"
22
23class ConnStateData;
24class HttpReply;
25class HttpRequest;
26
30// XXX: Keep in sync with all others: bzr grep 'define MAX_AUTHTOKEN_LEN'
31#define MAX_AUTHTOKEN_LEN 65535
32
38{
40
41public:
42 AuthUserIP(const Ip::Address &ip, time_t t) : ipaddr(ip), ip_expiretime(t) {}
43
45
48
54};
55
56// TODO: make auth schedule AsyncCalls?
57typedef void AUTHCB(void*);
58
59namespace Auth
60{
61
62// NP: numeric values specified for old code backward compatibility.
63// remove after transition is complete
68 CRED_ERROR = -2
69};
70
78{
79public:
81
83 ~UserRequest() override;
84 void *operator new(size_t byteCount);
85 void operator delete(void *address);
86
87public:
94
108
115 virtual int authenticated() const = 0;
116
127 bool valid() const;
128
129 virtual void authenticate(HttpRequest * request, ConnStateData * conn, Http::HdrType type) = 0;
130
131 /* template method - what needs to be done next? advertise schemes, challenge, handle error, nothing? */
133
134 /* add the [Proxy-]Authentication-Info header */
135 virtual void addAuthenticationInfoHeader(HttpReply * rep, int accel);
136
137 /* add the [Proxy-]Authentication-Info trailer */
138 virtual void addAuthenticationInfoTrailer(HttpReply * rep, int accel);
139
140 virtual void releaseAuthServer();
141
142 // User credentials object this UserRequest is managing
143 virtual User::Pointer user() {return _auth_user;}
144 virtual const User::Pointer user() const {return _auth_user;}
145 virtual void user(User::Pointer aUser) {_auth_user=aUser;}
146
166
168 static void AddReplyAuthHeader(HttpReply * rep, UserRequest::Pointer auth_user_request, HttpRequest * request, int accelerated, int internal);
169
180 void start(HttpRequest *request, AccessLogEntry::Pointer &al, AUTHCB *handler, void *data);
181
182 char const * denyMessage(char const * const default_message = nullptr) const;
183
185 void setDenyMessage(char const *);
186
188 char const * getDenyMessage() const;
189
198 char const *username() const;
199
200 Scheme::Pointer scheme() const;
201
202 virtual const char * connLastHeader();
203
207 virtual const char *credentialsStr() = 0;
208
210
212 void denyMessageFromHelper(char const *proto, const Helper::Reply &reply);
213
214protected:
220 virtual void startHelperLookup(HttpRequest *request, AccessLogEntry::Pointer &al, AUTHCB *handler, void *data) = 0;
221
222private:
223
224 static AuthAclState authenticate(UserRequest::Pointer * auth_user_request, Http::HdrType headertype, HttpRequest * request, ConnStateData * conn, Ip::Address &src_addr, AccessLogEntry::Pointer &al);
225
227 char *message;
228
235};
236
237} // namespace Auth
238
239/* AuthUserRequest */
240
247
251
252#endif /* USE_AUTH */
253#endif /* SQUID_AUTHUSERREQUEST_H */
254
AuthAclState
Definition: AuthAclState.h:14
#define RefCountable
The locking interface for use on Reference-Counted classes.
Definition: Lock.h:66
int conn
the current server connection FD
Definition: Transport.cc:26
void authenticateAuthUserRequestRemoveIp(Auth::UserRequest::Pointer, Ip::Address const &)
Definition: UserRequest.cc:147
int authenticateAuthUserRequestIPCount(Auth::UserRequest::Pointer)
Definition: UserRequest.cc:165
void authenticateAuthUserRequestClearIp(Auth::UserRequest::Pointer)
Definition: UserRequest.cc:158
void AUTHCB(void *)
Definition: UserRequest.h:57
int authenticateUserAuthenticated(Auth::UserRequest::Pointer)
Definition: UserRequest.cc:176
Ip::Address ipaddr
IP address this user authenticated from.
Definition: UserRequest.h:47
dlink_node node
Definition: UserRequest.h:44
AuthUserIP(const Ip::Address &ip, time_t t)
Definition: UserRequest.h:42
time_t ip_expiretime
Definition: UserRequest.h:53
MEMPROXY_CLASS(AuthUserIP)
virtual void addAuthenticationInfoHeader(HttpReply *rep, int accel)
Definition: UserRequest.cc:197
static AuthAclState tryToAuthenticateAndSetAuthUser(UserRequest::Pointer *aUR, Http::HdrType, HttpRequest *, ConnStateData *, Ip::Address &, AccessLogEntry::Pointer &)
Definition: UserRequest.cc:437
const char * helperRequestKeyExtras(HttpRequest *, AccessLogEntry::Pointer &al)
Definition: UserRequest.cc:547
static void AddReplyAuthHeader(HttpReply *rep, UserRequest::Pointer auth_user_request, HttpRequest *request, int accelerated, int internal)
Add the appropriate [Proxy-]Authenticate header to the given reply.
Definition: UserRequest.cc:479
void setDenyMessage(char const *)
Definition: UserRequest.cc:114
void denyMessageFromHelper(char const *proto, const Helper::Reply &reply)
Sets the reason of 'authentication denied' helper response.
Definition: UserRequest.cc:564
virtual void startHelperLookup(HttpRequest *request, AccessLogEntry::Pointer &al, AUTHCB *handler, void *data)=0
Scheme::Pointer scheme() const
Definition: UserRequest.cc:541
virtual const char * credentialsStr()=0
virtual void releaseAuthServer()
Definition: UserRequest.cc:205
virtual int authenticated() const =0
virtual const User::Pointer user() const
Definition: UserRequest.h:144
virtual void addAuthenticationInfoTrailer(HttpReply *rep, int accel)
Definition: UserRequest.cc:201
virtual Direction module_direction()=0
bool valid() const
Definition: UserRequest.cc:53
char const * denyMessage(char const *const default_message=nullptr) const
Definition: UserRequest.cc:127
User::Pointer _auth_user
Definition: UserRequest.h:93
void start(HttpRequest *request, AccessLogEntry::Pointer &al, AUTHCB *handler, void *data)
Definition: UserRequest.cc:44
char const * getDenyMessage() const
Definition: UserRequest.cc:121
Direction direction()
Definition: UserRequest.cc:185
AuthAclState lastReply
Definition: UserRequest.h:234
virtual void user(User::Pointer aUser)
Definition: UserRequest.h:145
virtual const char * connLastHeader()
Definition: UserRequest.cc:209
char const * username() const
Definition: UserRequest.cc:32
virtual User::Pointer user()
Definition: UserRequest.h:143
virtual void authenticate(HttpRequest *request, ConnStateData *conn, Http::HdrType type)=0
RefCount< Auth::UserRequest > Pointer
Definition: UserRequest.h:80
~UserRequest() override
Definition: UserRequest.cc:100
HTTP Authentication.
Definition: Config.h:19
Direction
Definition: UserRequest.h:64
@ CRED_ERROR
ERROR in the auth module. Cannot determine the state of this request.
Definition: UserRequest.h:68
@ CRED_CHALLENGE
Client needs to be challenged. secure token.
Definition: UserRequest.h:65
@ CRED_LOOKUP
Credentials need to be validated with the backend helper.
Definition: UserRequest.h:67
@ CRED_VALID
Credentials are valid and a up to date. The OK/Failed state is accurate.
Definition: UserRequest.h:66
static void handler(int signo)
Definition: purge.cc:858

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors