Added AC_AUTHSCOPE_EXCEPTCP with AC_AUTHSCOPE enum.

enhance/v120
Hieromon Ikasamo 5 years ago
parent 48bf5cfd1e
commit 8c5e5a49ea
  1. 3
      src/AutoConnect.h
  2. 37
      src/AutoConnectAux.cpp
  3. 50
      src/AutoConnectPage.cpp
  4. 8
      src/AutoConnectTypes.h

@ -201,7 +201,7 @@ class AutoConnectConfig {
uint8_t tickerOn; /**< A signal for flicker turn on */ uint8_t tickerOn; /**< A signal for flicker turn on */
AC_OTA_t ota; /**< Attach built-in OTA */ AC_OTA_t ota; /**< Attach built-in OTA */
AC_AUTH_t auth; /**< Enable authentication */ AC_AUTH_t auth; /**< Enable authentication */
AC_AUTHSCOPE_t authScope; /**< certification scope */ uint16_t authScope; /**< Authetication scope */
String username; /**< User name for authentication */ String username; /**< User name for authentication */
String password; /**< Authentication password */ String password; /**< Authentication password */
String hostName; /**< host name */ String hostName; /**< host name */
@ -262,6 +262,7 @@ class AutoConnect {
AC_RECONNECT_SET, AC_RECONNECT_SET,
AC_RECONNECT_RESET AC_RECONNECT_RESET
} AC_STARECONNECT_t; } AC_STARECONNECT_t;
void _authentication(bool allow);
bool _config(void); bool _config(void);
bool _configSTA(const IPAddress& ip, const IPAddress& gateway, const IPAddress& netmask, const IPAddress& dns1, const IPAddress& dns2); bool _configSTA(const IPAddress& ip, const IPAddress& gateway, const IPAddress& netmask, const IPAddress& dns1, const IPAddress& dns2);
String _getBootUri(void); String _getBootUri(void);

@ -514,41 +514,12 @@ PageElement* AutoConnectAux::_setupPage(const String& uri) {
// Restore transfer mode by each page // Restore transfer mode by each page
mother->_responsePage->chunked(chunk); mother->_responsePage->chunked(chunk);
// Register authentication method // Register authentication
// HTTP authentication works only when connected to WiFi
if (WiFi.status() == WL_CONNECTED) {
// Determine the necessity of authentication from the conditions of // Determine the necessity of authentication from the conditions of
// AutoConnectConfig::authScope and derive the method. // AutoConnectConfig::authScope and derive the method.
const char* authUser = nullptr; bool auth = (mother->_apConfig.authScope & AC_AUTHSCOPE_AUX) ||
const char* authPass = nullptr; ((mother->_apConfig.authScope & AC_AUTHSCOPE_PARTIAL) && (_httpAuth != AC_AUTH_NONE));
HTTPAuthMethod method = DIGEST_AUTH; mother->_authentication(auth);
bool authCond = false;
if (mother->_apConfig.authScope == AC_AUTHSCOPE_PARTIAL) {
if (_httpAuth != AC_AUTH_NONE) {
authCond = true;
if (_httpAuth == AC_AUTH_BASIC)
method = BASIC_AUTH;
}
}
else {
if (mother->_apConfig.auth != AC_AUTH_NONE) {
authCond = true;
if (mother->_apConfig.auth == AC_AUTH_BASIC)
method = BASIC_AUTH;
}
}
if (authCond) {
authUser = mother->_apConfig.username.c_str();
authPass = mother->_apConfig.password.c_str();
}
// It entrusts authentication to PageBuilder.
// If WiFi is not connected, authUser will be null, and an authentication will not be issued.
String failsContent = String(FPSTR(AutoConnect::_ELM_HTML_HEAD)) + String(F("</head><body>" AUTOCONNECT_TEXT_AUTHFAILED "</body></html>"));
mother->_responsePage->authentication(authUser, authPass, method, AUTOCONNECT_AUTH_REALM, failsContent);
if (authUser)
AC_DBG_DUMB(",%s+%s/%s", method == BASIC_AUTH ? "BASIC" : "DIGEST", authUser, authPass);
}
} }
} }
return elm; return elm;

@ -1558,20 +1558,46 @@ PageElement* AutoConnect::_setupPage(String& uri) {
break; break;
} }
// Regiter authentication method // Regiter authentication
bool authCond = _apConfig.auth != AC_AUTH_NONE && // Determine the necessity of authentication from the AutoConnectConfig settings
_apConfig.authScope == AC_AUTHSCOPE_PORTAL && bool auth = (_apConfig.auth != AC_AUTH_NONE) &&
WiFi.status() == WL_CONNECTED && (_apConfig.authScope & AC_AUTHSCOPE_AC) &&
reqAuth; reqAuth;
if (authCond) { _authentication(auth);
HTTPAuthMethod auth = _apConfig.auth == AC_AUTH_BASIC ? BASIC_AUTH : DIGEST_AUTH;
String failsContent = String(FPSTR(AutoConnect::_ELM_HTML_HEAD)) + String(F("</head><body>" AUTOCONNECT_TEXT_AUTHFAILED "</body></html>"));
_responsePage->authentication(_apConfig.username.c_str(), _apConfig.password.c_str(), auth, AUTOCONNECT_AUTH_REALM, failsContent);
AC_DBG_DUMB(",%s+%s/%s", auth == BASIC_AUTH ? "BASIC" : "DIGEST", _apConfig.username.c_str(), _apConfig.password.c_str());
}
else
_responsePage->authentication(nullptr, nullptr);
} }
return elm; return elm;
} }
/**
* Allow the page set upped to authenticate.
* The argument parameter indicates that authentication is allowed with
* the condition of the AutoConnect.authScope setting.
* It determines to except authentication in the captive portal state
* when the EXCEPTCP is enabled.
* @param allow Indication of whether to authenticate with the page.
*/
void AutoConnect::_authentication(bool allow) {
const char* user = nullptr;
const char* password = nullptr;
HTTPAuthMethod method = _apConfig.auth == AC_AUTH_BASIC ? HTTPAuthMethod::BASIC_AUTH : HTTPAuthMethod::DIGEST_AUTH;
String fails;
// Enable authentication by setting of AC_AUTHSCOPE_DISCONNECTED even if WiFi is not connected.
if (WiFi.status() != WL_CONNECTED && (WiFi.getMode() & WIFI_AP)) {
String accUrl = _webServer->hostHeader();
if ((accUrl != WiFi.softAPIP().toString()) && !accUrl.endsWith(F(".local"))) {
if (_apConfig.authScope & AC_AUTHSCOPE_EXCEPTCP)
allow = false;
}
}
if (allow) {
// Regiter authentication method
user = _apConfig.username.c_str();
password = _apConfig.password.c_str();
fails = String(FPSTR(AutoConnect::_ELM_HTML_HEAD)) + String(F("</head><body>" AUTOCONNECT_TEXT_AUTHFAILED "</body></html>"));
AC_DBG_DUMB(",%s+%s/%s", method == HTTPAuthMethod::BASIC_AUTH ? "BASIC" : "DIGEST", user, password);
}
_responsePage->authentication(user, password, method, AUTOCONNECT_AUTH_REALM, fails);
}

@ -48,9 +48,11 @@ typedef enum AC_OTA {
/**< Scope of certification influence */ /**< Scope of certification influence */
typedef enum AC_AUTHSCOPE { typedef enum AC_AUTHSCOPE {
AC_AUTHSCOPE_PARTIAL, // Available for particular AUX-pages. AC_AUTHSCOPE_PARTIAL = 0x0001, // Available for particular AUX-pages.
AC_AUTHSCOPE_AUX, // All AUX-pages are affected by an authentication. AC_AUTHSCOPE_AUX = 0x0002, // All AUX-pages are affected by an authentication.
AC_AUTHSCOPE_PORTAL // All AutoConnect pages are affected by an authentication. AC_AUTHSCOPE_AC = 0x0004, // Allow authentication to AutoConnect pages.
AC_AUTHSCOPE_PORTAL = AC_AUTHSCOPE_AC | AC_AUTHSCOPE_AUX, // All AutoConnect pages are affected by an authentication.
AC_AUTHSCOPE_EXCEPTCP = 0x8000 // Ignore authentication even if AP only.
} AC_AUTHSCOPE_t; } AC_AUTHSCOPE_t;
/**< A type to enable authentication. */ /**< A type to enable authentication. */

Loading…
Cancel
Save