diff options
author | 2017-07-19 10:26:41 -0700 | |
---|---|---|
committer | 2017-07-19 10:26:41 -0700 | |
commit | f7350ea6b7b58d632bf4a8aafaa0354e022d9c0b (patch) | |
tree | bf1ca22ba21e82f0290f76d064df03e139614d5c /src/core/ext | |
parent | 19fc5526b2604b3dace6ebfa7f6ffb786fd6bba2 (diff) |
Adding connect auth feature. Proxy-Authorization header is being inserted when user creds are present in uri
Diffstat (limited to 'src/core/ext')
-rw-r--r-- | src/core/ext/filters/client_channel/http_proxy.c | 53 |
1 files changed, 41 insertions, 12 deletions
diff --git a/src/core/ext/filters/client_channel/http_proxy.c b/src/core/ext/filters/client_channel/http_proxy.c index cfb5ec6f00..faa4b3c319 100644 --- a/src/core/ext/filters/client_channel/http_proxy.c +++ b/src/core/ext/filters/client_channel/http_proxy.c @@ -30,13 +30,17 @@ #include "src/core/ext/filters/client_channel/uri_parser.h" #include "src/core/lib/channel/channel_args.h" #include "src/core/lib/support/env.h" +#include "src/core/lib/support/string.h" +#include "src/core/lib/slice/b64.h" -static char* grpc_get_http_proxy_server(grpc_exec_ctx* exec_ctx) { +static void grpc_get_http_proxy_server(grpc_exec_ctx* exec_ctx, + char **name_to_resolve, + char **user_cred) { + *name_to_resolve = NULL; char* uri_str = gpr_getenv("http_proxy"); - if (uri_str == NULL) return NULL; + if (uri_str == NULL) return; grpc_uri* uri = grpc_uri_parse(exec_ctx, uri_str, false /* suppress_errors */); - char* proxy_name = NULL; if (uri == NULL || uri->authority == NULL) { gpr_log(GPR_ERROR, "cannot parse value of 'http_proxy' env var"); goto done; @@ -45,15 +49,18 @@ static char* grpc_get_http_proxy_server(grpc_exec_ctx* exec_ctx) { gpr_log(GPR_ERROR, "'%s' scheme not supported in proxy URI", uri->scheme); goto done; } - if (strchr(uri->authority, '@') != NULL) { - gpr_log(GPR_ERROR, "userinfo not supported in proxy URI"); - goto done; + char *user_cred_end = strchr(uri->authority, '@'); + if (user_cred_end != NULL) { + *name_to_resolve = gpr_strdup(user_cred_end + 1); + *user_cred_end = '\0'; + *user_cred = gpr_strdup(uri->authority); + gpr_log(GPR_INFO, "userinfo found in proxy URI"); + } else { + *name_to_resolve = gpr_strdup(uri->authority); } - proxy_name = gpr_strdup(uri->authority); done: gpr_free(uri_str); grpc_uri_destroy(uri); - return proxy_name; } static bool proxy_mapper_map_name(grpc_exec_ctx* exec_ctx, @@ -62,7 +69,8 @@ static bool proxy_mapper_map_name(grpc_exec_ctx* exec_ctx, const grpc_channel_args* args, char** name_to_resolve, grpc_channel_args** new_args) { - *name_to_resolve = grpc_get_http_proxy_server(exec_ctx); + char *user_cred = NULL; + grpc_get_http_proxy_server(exec_ctx, name_to_resolve, &user_cred); if (*name_to_resolve == NULL) return false; grpc_uri* uri = grpc_uri_parse(exec_ctx, server_uri, false /* suppress_errors */); @@ -71,19 +79,40 @@ static bool proxy_mapper_map_name(grpc_exec_ctx* exec_ctx, "'http_proxy' environment variable set, but cannot " "parse server URI '%s' -- not using proxy", server_uri); - if (uri != NULL) grpc_uri_destroy(uri); + if (uri != NULL) { + gpr_free(user_cred); + grpc_uri_destroy(uri); + } return false; } if (strcmp(uri->scheme, "unix") == 0) { gpr_log(GPR_INFO, "not using proxy for Unix domain socket '%s'", server_uri); + gpr_free(user_cred); grpc_uri_destroy(uri); return false; } - grpc_arg new_arg = grpc_channel_arg_string_create( + + grpc_arg args_to_add[2]; + args_to_add[0] = grpc_channel_arg_string_create( GRPC_ARG_HTTP_CONNECT_SERVER, uri->path[0] == '/' ? uri->path + 1 : uri->path); - *new_args = grpc_channel_args_copy_and_add(args, &new_arg, 1); + + if(user_cred != NULL) { + /* Use base64 encoding for user credentials */ + char *encoded_user_cred = + grpc_base64_encode(user_auth, strlen(user_cred), 0, 0); + char *header; + gpr_asprintf(&header, "Proxy-Authorization:Basic %s", encoded_user_cred); + gpr_free(encoded_user_cred); + args_to_add[1] = grpc_channel_arg_string_create( + GRPC_ARG_HTTP_CONNECT_HEADERS, header); + *new_args = grpc_channel_args_copy_and_add(args, args_to_add, 2); + gpr_free(header); + } else { + *new_args = grpc_channel_args_copy_and_add(args, args_to_add, 1); + } + gpr_free(user_cred); grpc_uri_destroy(uri); return true; } |