From 662ea802f40062d6f095bdeea61e69d7b665de25 Mon Sep 17 00:00:00 2001
From: Magnus Ahltorp
Date: Thu, 26 Feb 2015 16:50:41 +0100
Subject: Added authentication
---
 src/plop.erl | 44 ++++++++++++++++++++++++++++++++++++++------
 1 file changed, 38 insertions(+), 6 deletions(-)
(limited to 'src/plop.erl')
diff --git a/src/plop.erl b/src/plop.erl
index f90d287..cfca343 100644
--- a/src/plop.erl
+++ b/src/plop.erl
@@ -194,6 +194,16 @@ storage_nodes_quorum() ->
 {ok, Value} = application:get_env(plop, storage_nodes_quorum),
 Value.
 
+add_auth(Method, Path, Headers, Data) ->
+ AuthHeader = http_auth:create_auth(Method, Path, Data),
+ lager:debug("sent auth header: ~p", [AuthHeader]),
+ [{"X-Catlfish-Auth", AuthHeader} | Headers].
+
+get_auth_header(Headers) ->
+ Result = binary_to_list(hackney_headers:get_value("X-Catlfish-Auth", Headers)),
+ lager:debug("received auth header: ~p", [Result]),
+ Result.
+
 send_http_request(TreeLeafHash, URL, Headers, RequestBody) ->
 ParentPid = self(),
 RequestId = make_ref(),
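Review bot: `get_auth_header/1` passes the result of `hackney_headers:get_value/2` straight to `binary_to_list/1`; when a reply carries no `X-Catlfish-Auth` header that lookup returns `undefined` (hackney's default, as far as I know), so the call raises `badarg` and the requesting process crashes before `http_auth:verify_auth` can answer `noauth`. Match the lookup first, e.g. `case hackney_headers:get_value("X-Catlfish-Auth", Headers) of undefined -> undefined; Bin -> binary_to_list(Bin) end`, returning whatever value `verify_auth` expects for an absent header (http_auth is not shown here). Both helpers also write the header value to the debug log with `~p`; if that value is replayable rather than a per-message signature, log only whether a header was present.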
@@ -202,17 +212,39 @@ send_http_request(TreeLeafHash, URL, Headers, RequestBody) ->
 Starttime = os:timestamp(),
 ParsedURL = hackney_url:parse_url(URL),
 #hackney_url{path = Path} = ParsedURL,
- lager:debug("leafhash ~s: sending http request to ~p", [mochihex:to_hex(TreeLeafHash), URL]),
+ lager:debug("leafhash ~s: sending http request to ~p",
+ [mochihex:to_hex(TreeLeafHash), URL]),
 {ok, ConnRef} = hackney:connect(ParsedURL, [{ssl_options, [{cacertfile, CACertFile}]}]),
- lager:debug("leafhash ~s: connected to ~p", [mochihex:to_hex(TreeLeafHash), URL]),
- {ok, StatusCode, RespHeaders, ClientRef} = hackney:send_request(ConnRef, {post, Path, Headers, RequestBody}),
- lager:debug("leafhash ~s: received headers for ~p", [mochihex:to_hex(TreeLeafHash), URL]),
+ lager:debug("leafhash ~s: connected to ~p",
+ [mochihex:to_hex(TreeLeafHash), URL]),
+ {ok, StatusCode, RespHeaders, ClientRef} =
+ hackney:send_request(ConnRef,
+ {post, Path,
+ add_auth("POST", Path, Headers,
+ RequestBody),
+ RequestBody}),
+ lager:debug("leafhash ~s: received headers for ~p: ~p",
+ [mochihex:to_hex(TreeLeafHash), URL, RespHeaders]),
 {ok, Body} = hackney:body(ClientRef),
 Stoptime = os:timestamp(),
 hackney:close(ClientRef),
- lager:debug("leafhash ~s: received body for ~p: time ~p", [mochihex:to_hex(TreeLeafHash), URL, timer:now_diff(Stoptime, Starttime)]),
+ lager:debug("leafhash ~s: received body for ~p: time ~p",
+ [mochihex:to_hex(TreeLeafHash), URL, timer:now_diff(Stoptime, Starttime)]),
 StatusLine = {none, StatusCode, none},
- ParentPid ! {http, {RequestId, {StatusLine, RespHeaders, Body}}}
+ AuthHeader = get_auth_header(hackney_headers:new(RespHeaders)),
+ case http_auth:verify_auth(AuthHeader, "REPLY",
+ binary_to_list(Path), Body) of
+ failure ->
+ lager:debug("auth check failed"),
+ drop;
+ success ->
+ lager:debug("auth check succeeded"),
+ ParentPid ! {http, {RequestId,
+ {StatusLine, RespHeaders, Body}}};
+ noauth ->
+ lager:debug("no auth"),
+ drop
+ end
 end),
 RequestId.
 
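Review bot: Both rejection branches of the new `case` (`failure` and `noauth`) log only at debug level and then evaluate `drop` without sending anything to `ParentPid`, so a storage node whose reply fails authentication looks the same as one that timed out, and with debug logging off nothing records it. Raising these to something like `lager:error("leafhash ~s: auth check failed for ~p", [mochihex:to_hex(TreeLeafHash), URL])` would make a forged or unsigned reply visible to operators. The verified input here is `"REPLY"`, the path and `Body`; `StatusCode` and `RespHeaders` are forwarded to the parent but are not among the checked values, and nothing visible ties the reply to this particular request, so unless `http_auth` adds that itself a validly signed reply for the same path would also be accepted for a different request. The enclosing fun starts above this hunk.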
-- cgit v1.1