xmrig/src/common/api/HttpRequest.cpp

176 lines
4.9 KiB
C++
Raw Normal View History

2018-03-27 07:01:38 +00:00
/* XMRig
* Copyright 2010 Jeff Garzik <jgarzik@pobox.com>
* Copyright 2012-2014 pooler <pooler@litecoinpool.org>
* Copyright 2014 Lucas Jones <https://github.com/lucasjones>
* Copyright 2014-2016 Wolf9466 <https://github.com/OhGodAPet>
* Copyright 2016 Jay D Dee <jayddee246@gmail.com>
* Copyright 2017-2018 XMR-Stak <https://github.com/fireice-uk>, <https://github.com/psychocrypt>
* Copyright 2016-2018 XMRig <https://github.com/xmrig>, <support@xmrig.com>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <microhttpd.h>
#include <string.h>
2018-04-13 00:12:53 +00:00
#include "common/api/HttpBody.h"
#include "common/api/HttpRequest.h"
#include "common/api/HttpReply.h"
2018-03-27 07:01:38 +00:00
#ifndef MHD_HTTP_PAYLOAD_TOO_LARGE
# define MHD_HTTP_PAYLOAD_TOO_LARGE 413
#endif
xmrig::HttpRequest::HttpRequest(MHD_Connection *connection, const char *url, const char *method, const char *uploadData, size_t *uploadSize, void **cls) :
m_fulfilled(true),
m_restricted(true),
m_uploadData(uploadData),
m_url(url),
m_body(static_cast<HttpBody*>(*cls)),
m_method(Unsupported),
m_connection(connection),
m_uploadSize(uploadSize),
m_cls(cls)
{
if (strcmp(method, MHD_HTTP_METHOD_OPTIONS) == 0) {
m_method = Options;
}
else if (strcmp(method, MHD_HTTP_METHOD_GET) == 0) {
m_method = Get;
}
else if (strcmp(method, MHD_HTTP_METHOD_PUT) == 0) {
m_method = Put;
}
}
xmrig::HttpRequest::~HttpRequest()
{
if (m_fulfilled) {
delete m_body;
}
}
bool xmrig::HttpRequest::match(const char *path) const
{
return strcmp(m_url, path) == 0;
}
bool xmrig::HttpRequest::process(const char *accessToken, bool restricted, xmrig::HttpReply &reply)
{
m_restricted = restricted || !accessToken;
if (m_body) {
if (*m_uploadSize != 0) {
if (!m_body->write(m_uploadData, *m_uploadSize)) {
*m_cls = nullptr;
m_fulfilled = true;
reply.status = MHD_HTTP_PAYLOAD_TOO_LARGE;
return false;
}
*m_uploadSize = 0;
m_fulfilled = false;
return true;
}
m_fulfilled = true;
return true;
}
reply.status = auth(accessToken);
if (reply.status != MHD_HTTP_OK) {
return false;
}
if (m_restricted && m_method != Get) {
reply.status = MHD_HTTP_FORBIDDEN;
return false;
}
if (m_method == Get) {
return true;
}
const char *contentType = MHD_lookup_connection_value(m_connection, MHD_HEADER_KIND, "Content-Type");
if (!contentType || strcmp(contentType, "application/json") != 0) {
reply.status = MHD_HTTP_UNSUPPORTED_MEDIA_TYPE;
return false;
}
m_body = new xmrig::HttpBody();
m_fulfilled = false;
*m_cls = m_body;
return true;
}
const char *xmrig::HttpRequest::body() const
{
return m_body ? m_body->data() : nullptr;
}
int xmrig::HttpRequest::end(const HttpReply &reply)
{
if (reply.buf) {
return end(reply.status, MHD_create_response_from_buffer(reply.size ? reply.size : strlen(reply.buf), (void*) reply.buf, MHD_RESPMEM_MUST_FREE));
}
return end(reply.status, nullptr);
}
int xmrig::HttpRequest::end(int status, MHD_Response *rsp)
{
if (!rsp) {
rsp = MHD_create_response_from_buffer(0, nullptr, MHD_RESPMEM_PERSISTENT);
}
MHD_add_response_header(rsp, "Content-Type", "application/json");
MHD_add_response_header(rsp, "Access-Control-Allow-Origin", "*");
MHD_add_response_header(rsp, "Access-Control-Allow-Methods", "GET, PUT");
MHD_add_response_header(rsp, "Access-Control-Allow-Headers", "Authorization");
const int ret = MHD_queue_response(m_connection, status, rsp);
MHD_destroy_response(rsp);
return ret;
}
int xmrig::HttpRequest::auth(const char *accessToken)
{
if (!accessToken) {
return MHD_HTTP_OK;
}
const char *header = MHD_lookup_connection_value(m_connection, MHD_HEADER_KIND, "Authorization");
if (accessToken && !header) {
return MHD_HTTP_UNAUTHORIZED;
}
const size_t size = strlen(header);
if (size < 8 || strlen(accessToken) != size - 7 || memcmp("Bearer ", header, 7) != 0) {
return MHD_HTTP_FORBIDDEN;
}
return strncmp(accessToken, header + 7, strlen(accessToken)) == 0 ? MHD_HTTP_OK : MHD_HTTP_FORBIDDEN;
}