Skip to content

Commit 7a1eaff

Browse files
xengine-qytxengine-qyt
committed
modify:http verification info
1 parent f6288cd commit 7a1eaff

5 files changed

Lines changed: 47 additions & 23 deletions

File tree

XEngine_Release/XEngine_Config/XEngine_Config.json

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -56,7 +56,10 @@
5656
},
5757
"XApiVer": {
5858
"bEnable": true,
59-
"nVerType": 1
59+
"tszUser": "xengine",
60+
"tszPass": "123123aa",
61+
"tszAPIUrl": "",
62+
"nVerType": 2
6063
},
6164
"XSql": {
6265
"nSQLType": 0,

XEngine_Source/AuthorizeModule_Configure/Config_Define.h

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -86,8 +86,11 @@ typedef struct
8686
}st_XCrypto;
8787
struct
8888
{
89-
bool bEnable; //是否启用HTTP接口权限验证
89+
XCHAR tszAPIUrl[XPATH_MID]; //验证API地址
90+
XCHAR tszUserName[128]; //验证用户名
91+
XCHAR tszUserPass[128]; //验证密码
9092
int nVType; //验证方法,1 基本,2摘要
93+
bool bEnable; //是否启用HTTP接口权限验证
9194
}st_XApiVer;
9295
struct
9396
{

XEngine_Source/AuthorizeModule_Configure/ModuleConfigure_Json/ModuleConfigure_Json.cpp

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -156,7 +156,7 @@ bool CModuleConfigure_Json::ModuleConfigure_Json_File(LPCXSTR lpszConfigFile, XE
156156
pSt_ServerConfig->st_XCrypto.bEnable = st_JsonXCrypto["bEnable"].asBool();
157157
pSt_ServerConfig->st_XCrypto.nPassword = st_JsonXCrypto["nPass"].asInt();
158158
//接口验证
159-
if (st_JsonRoot["XApiVer"].empty() || (2 != st_JsonRoot["XApiVer"].size()))
159+
if (st_JsonRoot["XApiVer"].empty() || (5 != st_JsonRoot["XApiVer"].size()))
160160
{
161161
Config_IsErrorOccur = true;
162162
Config_dwErrorCode = ERROR_AUTHORIZE_MODULE_CONFIGURE_XAPIVER;
@@ -165,6 +165,9 @@ bool CModuleConfigure_Json::ModuleConfigure_Json_File(LPCXSTR lpszConfigFile, XE
165165
Json::Value st_JsonXAPIVer = st_JsonRoot["XApiVer"];
166166
pSt_ServerConfig->st_XApiVer.bEnable = st_JsonXAPIVer["bEnable"].asBool();
167167
pSt_ServerConfig->st_XApiVer.nVType = st_JsonXAPIVer["nVerType"].asInt();
168+
_tcsxcpy(pSt_ServerConfig->st_XApiVer.tszUserName, st_JsonXAPIVer["tszUser"].asCString());
169+
_tcsxcpy(pSt_ServerConfig->st_XApiVer.tszUserPass, st_JsonXAPIVer["tszPass"].asCString());
170+
_tcsxcpy(pSt_ServerConfig->st_XApiVer.tszAPIUrl, st_JsonXAPIVer["tszAPIUrl"].asCString());
168171
//数据库配置
169172
if (st_JsonRoot["XSql"].empty() || (6 != st_JsonRoot["XSql"].size()))
170173
{

XEngine_Source/XEngine_APPService/XEngine_AuthorizeService/Authorize_HttpTask.cpp

Lines changed: 33 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -85,41 +85,56 @@ bool XEngine_Client_HttpTask(LPCXSTR lpszClientAddr, LPCXSTR lpszMsgBuffer, int
8585
if (st_AuthConfig.st_XApiVer.bEnable)
8686
{
8787
int nVType = 0;
88-
XCHAR tszUserName[64] = {};
89-
XCHAR tszUserPass[64] = {};
9088
RFCCOMPONENTS_HTTP_HDRPARAM st_HDRParam = {};
9189

9290
st_HDRParam.nHttpCode = 401;
9391
st_HDRParam.bIsClose = true;
94-
92+
//打包验证信息
93+
int nHDRLen = 0;
94+
XCHAR tszHDRBuffer[XPATH_MAX] = {};
95+
if (1 == st_AuthConfig.st_XApiVer.nVType)
96+
{
97+
Verification_HTTP_BasicServerPacket(tszHDRBuffer, &nHDRLen);
98+
}
99+
else
100+
{
101+
XCHAR tszNonceStr[64] = {};
102+
XCHAR tszOpaqueStr[64] = {};
103+
Verification_HTTP_DigestServerPacket(tszHDRBuffer, &nHDRLen, tszNonceStr, tszOpaqueStr);
104+
}
105+
//后去验证方法
95106
if (!Verification_HTTP_GetType(pptszListHdr, nHdrCount, &nVType))
96107
{
97-
int nHDRLen = 0;
98-
XCHAR tszHDRBuffer[XPATH_MAX] = {};
99-
if (1 == st_AuthConfig.st_XApiVer.nVType)
100-
{
101-
Verification_HTTP_BasicServerPacket(tszHDRBuffer, &nHDRLen);
102-
}
103-
else
104-
{
105-
XCHAR tszNonceStr[64] = {};
106-
XCHAR tszOpaqueStr[64] = {};
107-
Verification_HTTP_DigestServerPacket(tszHDRBuffer, &nHDRLen, tszNonceStr, tszOpaqueStr);
108-
}
109108
HttpProtocol_Server_SendMsgEx(xhHttpPacket, tszSDBuffer, &nSDLen, &st_HDRParam, NULL, 0, tszHDRBuffer);
110109
NetCore_TCPXCore_SendEx(xhHttpSocket, lpszClientAddr, tszSDBuffer, nSDLen);
111110
XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_ERROR, _X("HTTP客户端:%s,用户验证失败,验证方式:%d,错误:%lX"), lpszClientAddr, st_AuthConfig.st_XApiVer.nVType, AuthHelp_GetLastError());
112111
return false;
113112
}
113+
//验证方式是否一致
114+
if (st_AuthConfig.st_XApiVer.nVType != nVType)
115+
{
116+
HttpProtocol_Server_SendMsgEx(xhHttpPacket, tszSDBuffer, &nSDLen, &st_HDRParam, NULL, 0, tszHDRBuffer);
117+
NetCore_TCPXCore_SendEx(xhHttpSocket, lpszClientAddr, tszSDBuffer, nSDLen);
118+
XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_ERROR, _X("HTTP客户端:%s,用户验证失败,验证方式错误,请求:%d,需求:%d"), lpszClientAddr, nVType, st_AuthConfig.st_XApiVer.nVType);
119+
return false;
120+
}
121+
bool bRet = false;
114122
if (1 == nVType)
115123
{
116-
Verification_HTTP_Basic(tszUserName, tszUserPass, pptszListHdr, nHdrCount);
124+
bRet = Verification_HTTP_Basic(st_AuthConfig.st_XApiVer.tszUserName, st_AuthConfig.st_XApiVer.tszUserPass, pptszListHdr, nHdrCount);
117125
}
118126
else if (2 == nVType)
119127
{
120-
Verification_HTTP_Digest("123123aa", "123123", pSt_HTTPParament->tszHttpMethod, pptszListHdr, nHdrCount);
128+
bRet = Verification_HTTP_Digest(st_AuthConfig.st_XApiVer.tszUserName, st_AuthConfig.st_XApiVer.tszUserPass, pSt_HTTPParament->tszHttpMethod, pptszListHdr, nHdrCount);
129+
}
130+
if (!bRet)
131+
{
132+
HttpProtocol_Server_SendMsgEx(xhHttpPacket, tszSDBuffer, &nSDLen, &st_HDRParam, NULL, 0, tszHDRBuffer);
133+
NetCore_TCPXCore_SendEx(xhHttpSocket, lpszClientAddr, tszSDBuffer, nSDLen);
134+
XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_ERROR, _X("HTTP客户端:%s,用户验证失败,验证处理错误,可能用户密码登信息不匹配,类型:%d"), lpszClientAddr, nVType);
135+
return false;
121136
}
122-
XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_INFO, _X("HTTP客户端:%s,验证通过,用户名:%s,密码:%s"), lpszClientAddr, tszUserName, tszUserPass);
137+
XLOG_PRINT(xhLog, XENGINE_HELPCOMPONENTS_XLOG_IN_LOGLEVEL_INFO, _X("HTTP客户端:%s,HTTP验证类型:%d 通过"), lpszClientAddr, nVType);
123138
}
124139

125140
if (0 == _tcsxnicmp(lpszMethodPost, pSt_HTTPParament->tszHttpMethod, _tcsxlen(lpszMethodPost)))

XEngine_Source/XEngine_APPService/XEngine_AuthorizeService/Makefile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,9 +3,9 @@ PLATVER =
33
FILEEXT =
44
LIBFLAG =
55
LOADHDR = -I ./
6-
LOADSO = -L ../../XEngine_DependLibrary/XEngine_Module/jsoncpp -L ../../XEngine_DependLibrary/XEngine_Module/XEngine_InfoReport \
6+
LOADSO = -L ../../XEngine_DependLibrary/XEngine_Module/jsoncpp -L ../../XEngine_DependLibrary/XEngine_Module/XEngine_InfoReport -L ../../XEngine_DependLibrary/XEngine_Module/XEngine_Verification \
77
-L ../../AuthorizeModule_Session -L ../../AuthorizeModule_Database -L ../../AuthorizeModule_Protocol -L ../../AuthorizeModule_Configure -L ../../AuthorizeModule_Help -L ../../AuthorizeModule_CDKey
8-
LIB = -lXEngine_InfoReport -ljsoncpp \
8+
LIB = -lXEngine_InfoReport -ljsoncpp -lXEngine_Verification \
99
-lXEngine_BaseLib -lXEngine_Algorithm -lXEngine_Core -lXEngine_ManagePool -lXEngine_Cryption -lXClient_APIHelp -lNetHelp_APIAddr -lHelpComponents_Packets -lHelpComponents_DataBase -lHelpComponents_XLog -lRfcComponents_WSProtocol -lRfcComponents_HttpProtocol -lXEngine_ProcFile -lXEngine_SystemApi \
1010
-lAuthorizeModule_Session -lAuthorizeModule_Database -lAuthorizeModule_Protocol -lAuthorizeModule_Configure -lAuthorizeModule_Help -lAuthorizeModule_CDKey
1111
LIBEX =

0 commit comments

Comments
 (0)