From e6e9a49d66681ed042ec9abb0a84bef2cd80a546 Mon Sep 17 00:00:00 2001 From: sebgod Date: Thu, 19 Dec 2013 10:45:19 +0100 Subject: [PATCH 1/2] added Authorization Info to request context --- src/httpsys.cc | 39 +++++++++++++++++++++++++++++++++++++-- src/httpsys.h | 1 + 2 files changed, 38 insertions(+), 2 deletions(-) diff --git a/src/httpsys.cc b/src/httpsys.cc index ed77183..2b69784 100644 --- a/src/httpsys.cc +++ b/src/httpsys.cc @@ -67,6 +67,11 @@ Handle v8validFrom; Handle v8validTo; Handle v8fingerprint; Handle v8encoded; +Handle v8clientAuthorization; +Handle v8authStatus; +Handle v8authType; +Handle v8authFlags; +Handle v8authAccessToken; // Maps HTTP_HEADER_ID enum to v8 string // http://msdn.microsoft.com/en-us/library/windows/desktop/aa364526(v=vs.85).aspx @@ -281,12 +286,12 @@ void httpsys_new_request_callback(uv_async_t* handle, int status) if (S_OK != overlappedResult) { // Async completion failed - notify JavaScript - + httpsys_notify_error( uv_httpsys, HTTPSYS_ERROR_NEW_REQUEST, (unsigned int)overlappedResult); - + httpsys_free(uv_httpsys, TRUE); uv_httpsys = NULL; } @@ -374,6 +379,17 @@ void httpsys_new_request_callback(uv_async_t* handle, int status) httpsys_create_client_cert_info(request->pSslInfo->pClientCertInfo)); } + // Add Client Authorization info + + for(USHORT i = 0; i < request->RequestInfoCount;++i) + { + if(request->pRequestInfo[i].InfoType != HttpRequestInfoTypeAuth) continue; + HTTP_REQUEST_AUTH_INFO *authInfo = (HTTP_REQUEST_AUTH_INFO *)request->pRequestInfo[i].pInfo; + if (authInfo) + req->Set(v8clientAuthorization, httpsys_create_client_auth_info(authInfo)); + break; + } + // Invoke the JavaScript callback passing event as the only paramater Handle result = httpsys_make_callback(event); @@ -401,6 +417,20 @@ void httpsys_new_request_callback(uv_async_t* handle, int status) } } +Handle httpsys_create_client_auth_info(PHTTP_REQUEST_AUTH_INFO info) +{ + HandleScope scope; + + Handle authInfo = Object::New(); + + authInfo->Set(v8authStatus, Integer::New(info->AuthStatus)); + authInfo->Set(v8authType, Integer::New(info->AuthType)); + authInfo->Set(v8authFlags, Integer::New(info->Flags)); + authInfo->Set(v8authAccessToken, Number::New(static_cast((intptr_t)(info->AccessToken)))); + + return scope.Close(authInfo); +} + Handle httpsys_create_client_cert_info(PHTTP_SSL_CLIENT_CERT_INFO info) { HandleScope scope; @@ -1682,6 +1712,11 @@ void init(Handle target) v8validTo = Persistent::New(String::NewSymbol("valid_to")); v8fingerprint = Persistent::New(String::NewSymbol("fingerprint")); v8encoded = Persistent::New(String::NewSymbol("encoded")); + v8clientAuthorization = Persistent::New(String::NewSymbol("clientAuthorization")); + v8authAccessToken = Persistent::New(String::NewSymbol("authAccessToken")); + v8authFlags = Persistent::New(String::NewSymbol("authFlags")); + v8authType = Persistent::New(String::NewSymbol("authType")); + v8authStatus = Persistent::New(String::NewSymbol("authStatus")); // Capture the constructor function of JavaScript Buffer implementation diff --git a/src/httpsys.h b/src/httpsys.h index 12e46ef..7d8f069 100644 --- a/src/httpsys.h +++ b/src/httpsys.h @@ -99,6 +99,7 @@ HRESULT httpsys_uv_httpsys_init(uv_httpsys_t* uv_httpsys, uv_async_cb callback); HRESULT httpsys_uv_httpsys_close(uv_httpsys_t* uv_httpsys); void httpsys_close_uv_async_cb(uv_handle_t* uv_handle); Handle httpsys_create_client_cert_info(PHTTP_SSL_CLIENT_CERT_INFO info); +Handle httpsys_create_client_auth_info(PHTTP_REQUEST_AUTH_INFO info); // HTTP processing state machine actions and events From c5481703051ccaea01756ba19a939bfb99b080fc Mon Sep 17 00:00:00 2001 From: sebgod Date: Thu, 2 Jan 2014 15:21:13 +0100 Subject: [PATCH 2/2] add HTTP_SERVER_AUTHENTICATION_INFO group property hard-code authConfig.AuthSchemes = HTTP_AUTH_ENABLE_NEGOTIATE for now. need to use environment variable --- lib/ServerRequest.js | 5 +++++ src/httpsys.cc | 13 +++++++++++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/lib/ServerRequest.js b/lib/ServerRequest.js index 5f4ad09..e5a5efe 100644 --- a/lib/ServerRequest.js +++ b/lib/ServerRequest.js @@ -19,6 +19,11 @@ function ServerRequest(socket) { events.EventEmitter.call(this); this.socket = this.connection = socket; + var clientAuthorizationInfo = this.socket._requestContext.req.clientAuthorization; + if (clientAuthorizationInfo) { + delete this.socket._requestContext.req.clientAuthorizationInfo; + } + var clientCertInfo = this.socket._requestContext.req.clientCertInfo; if (clientCertInfo) { delete this.socket._requestContext.req.clientCertInfo; diff --git a/src/httpsys.cc b/src/httpsys.cc index 2b69784..668fcd7 100644 --- a/src/httpsys.cc +++ b/src/httpsys.cc @@ -365,7 +365,7 @@ void httpsys_new_request_callback(uv_async_t* handle, int status) req->Set(v8httpVersionMajor, Integer::NewFromUnsigned(request->Version.MajorVersion)); req->Set(v8httpVersionMinor, Integer::NewFromUnsigned(request->Version.MinorVersion)); - + // Add URL information req->Set(v8url, String::New(request->pRawUrl, request->RawUrlLength)); @@ -1076,7 +1076,16 @@ Handle httpsys_listen(const Arguments& args) &requestQueueLength, sizeof(requestQueueLength), 0, - NULL)); + NULL)); + + // Enable Negotiate Authentication + + HTTP_SERVER_AUTHENTICATION_INFO authConfig = {0}; + authConfig.Flags.Present = 1; + authConfig.AuthSchemes = HTTP_AUTH_ENABLE_NEGOTIATE; + + CheckError(HttpSetUrlGroupProperty(uv_httpsys_server->groupId, + HttpServerAuthenticationProperty, &authConfig,sizeof(HTTP_SERVER_AUTHENTICATION_INFO))); // Bind the request queue with the URL group to enable receiving // HTTP traffic on the request queue.