http_auth::basic_authentication_decode (public)

 http_auth::basic_authentication_decode authorization

Defined in packages/acs-tcl/tcl/http-auth-procs.tcl

Implements decoding of authorization header as defined in RFC 7617 "username" containing a colon character is invalid (see RFC 7617, Section 2).

Parameters:
authorization - content of "Authorization:" reply header field, such as e.g. "Basic 29234k3j49a"

Partial Call Graph (max 5 caller/called nodes):
%3 http_auth::set_user_id http_auth::set_user_id (public) http_auth::basic_authentication_decode http_auth::basic_authentication_decode http_auth::set_user_id->http_auth::basic_authentication_decode oacs_dav::set_user_id oacs_dav::set_user_id (public) oacs_dav::set_user_id->http_auth::basic_authentication_decode xo::ProtocolHandler instproc set_user_id xo::ProtocolHandler instproc set_user_id (public) xo::ProtocolHandler instproc set_user_id->http_auth::basic_authentication_decode

Testcases:
No testcase defined.
Source code:
    set decoded [ns_uudecode [lindex [split $authorization " "] 1]]
    #
    # $decoded should be of the form "user:password".
    #
    # The pair is invalid at least in the following situations:
    # - the username contains a colon
    # - the username is empty
    # - $decoded contains no colon
    #
    set delimiterPos [string first : $decoded]
    if {$delimiterPos > 0} {
        set user [string range $decoded 0 $delimiterPos-1]
        set password [string range $decoded $delimiterPos+1 end]
    } else {
        ns_log warning "protocol-handler: invalid user/password pair provided: $decoded"
        set password ""
        set user ""
    }
    return [list password $password user $user]
XQL Not present:
Generic, PostgreSQL, Oracle
[ hide source ] | [ make this the default ]
Show another procedure: