// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
-#if NET_2_0
+
+#if SECURITY_DEP
+
using System.Collections.Specialized;
using System.IO;
using System.Security.Principal;
using System.Text;
+using System.Threading.Tasks;
+using System.Net.WebSockets;
+
namespace System.Net {
public sealed class HttpListenerContext {
HttpListenerRequest request;
public IPrincipal User {
get { return user; }
}
+
+ internal void ParseAuthentication (AuthenticationSchemes expectedSchemes) {
+ if (expectedSchemes == AuthenticationSchemes.Anonymous)
+ return;
+
+ // TODO: Handle NTLM/Digest modes
+ string header = request.Headers ["Authorization"];
+ if (header == null || header.Length < 2)
+ return;
+
+ string [] authenticationData = header.Split (new char [] {' '}, 2);
+ if (string.Compare (authenticationData [0], "basic", true) == 0) {
+ user = ParseBasicAuthentication (authenticationData [1]);
+ }
+ // TODO: throw if malformed -> 400 bad request
+ }
+
+ internal IPrincipal ParseBasicAuthentication (string authData) {
+ try {
+ // Basic AUTH Data is a formatted Base64 String
+ //string domain = null;
+ string user = null;
+ string password = null;
+ int pos = -1;
+ string authString = System.Text.Encoding.Default.GetString (Convert.FromBase64String (authData));
+
+ // The format is DOMAIN\username:password
+ // Domain is optional
+
+ pos = authString.IndexOf (':');
+
+ // parse the password off the end
+ password = authString.Substring (pos+1);
+
+ // discard the password
+ authString = authString.Substring (0, pos);
+
+ // check if there is a domain
+ pos = authString.IndexOf ('\\');
+
+ if (pos > 0) {
+ //domain = authString.Substring (0, pos);
+ user = authString.Substring (pos);
+ } else {
+ user = authString;
+ }
+
+ HttpListenerBasicIdentity identity = new HttpListenerBasicIdentity (user, password);
+ // TODO: What are the roles MS sets
+ return new GenericPrincipal (identity, new string [0]);
+ } catch (Exception) {
+ // Invalid auth data is swallowed silently
+ return null;
+ }
+ }
+
+ [MonoTODO]
+ public Task<HttpListenerWebSocketContext> AcceptWebSocketAsync (string subProtocol)
+ {
+ throw new NotImplementedException ();
+ }
+
+ [MonoTODO]
+ public Task<HttpListenerWebSocketContext> AcceptWebSocketAsync (string subProtocol, TimeSpan keepAliveInterval)
+ {
+ throw new NotImplementedException ();
+ }
+
+ [MonoTODO]
+ public Task<HttpListenerWebSocketContext> AcceptWebSocketAsync (string subProtocol, int receiveBufferSize, TimeSpan keepAliveInterval)
+ {
+ throw new NotImplementedException ();
+ }
+
+ [MonoTODO]
+ public Task<HttpListenerWebSocketContext> AcceptWebSocketAsync (string subProtocol, int receiveBufferSize, TimeSpan keepAliveInterval, ArraySegment<byte> internalBuffer)
+ {
+ throw new NotImplementedException ();
+ }
}
}
#endif
projects / mono.git / blobdiff