Commit 19a05c90 authored by Kyle L. Huff's avatar Kyle L. Huff Committed by Steve Holme

sasl: added basic SASL XOAUTH2 support

Added the ability to generate a base64 encoded XOAUTH2 token
containing: "user=<username>^Aauth=Bearer <bearer token>^A^A"
as per RFC6749 "OAuth 2.0 Authorization Framework".
parent bb552933
+35 −0
@@ -22,6 +22,7 @@
 * RFC2831 DIGEST-MD5 authentication
 * RFC4422 Simple Authentication and Security Layer (SASL)
 * RFC4616 PLAIN authentication
 * RFC6749 OAuth 2.0 Authorization Framework
 *
 ***************************************************************************/

@@ -477,6 +478,40 @@ CURLcode Curl_sasl_create_ntlm_type3_message(struct SessionHandle *data,
}
#endif /* USE_NTLM */

/*
 * Curl_sasl_create_xoauth2_message()
 *
 * This is used to generate an already encoded XOAUTH2 message ready
 * for sending to the recipient.
 *
 * Parameters:
 *
 * data    [in]     - The session handle.
 * user    [in]     - The user name.
 * bearer  [in]     - The XOAUTH Bearer token.
 * outptr  [in/out] - The address where a pointer to newly allocated memory
 *                    holding the result will be stored upon completion.
 * outlen  [out]    - The length of the output message.
 *
 * Returns CURLE_OK on success.
 */
CURLcode Curl_sasl_create_xoauth2_message(struct SessionHandle *data,
                                          const char *user,
                                          const char *bearer,
                                          char **outptr, size_t *outlen)
{
  char *xoauth;

  xoauth = aprintf("user=%s\1auth=Bearer %s\1\1", user, bearer);

  if(!xoauth)
    return CURLE_OUT_OF_MEMORY;

  /* Base64 encode the reply */
  return Curl_base64_encode(data, xoauth, strlen(xoauth), outptr,
                            outlen);
}

/*
 * Curl_sasl_cleanup()
 *
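Review bot: The `xoauth` buffer from `aprintf()` in Curl_sasl_create_xoauth2_message() is never released, because the function returns the result of `Curl_base64_encode()` directly. The NULL check with CURLE_OUT_OF_MEMORY implies it is heap-allocated, so each call leaves a plaintext copy of the bearer token on the heap, on success and on encoding failure alike. Keep the return code and free the buffer before returning: `result = Curl_base64_encode(data, xoauth, strlen(xoauth), outptr, outlen);` `free(xoauth);` `return result;`. Separately, `user` and `bearer` go through `%s` unchecked, so a NULL pointer or a value containing a `\1` byte would yield a malformed or ambiguous message; whether callers already rule this out is not visible in this hunk. The function comment should also state that the caller must free `*outptr`.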
+8 −0
@@ -32,6 +32,7 @@
#define SASL_MECH_GSSAPI        (1 << 4)
#define SASL_MECH_EXTERNAL      (1 << 5)
#define SASL_MECH_NTLM          (1 << 6)
#define SASL_MECH_XOAUTH2       (1 << 7)

/* Authentication mechanism values */
#define SASL_AUTH_NONE          0
@@ -85,6 +86,13 @@ CURLcode Curl_sasl_create_ntlm_type3_message(struct SessionHandle *data,

#endif /* USE_NTLM */

/* This is used to generate a base64 encoded XOAUTH2 authentication message
   containing the user name and bearer token */
CURLcode Curl_sasl_create_xoauth2_message(struct SessionHandle *data,
                                          const char *user,
                                          const char *bearer,
                                          char **outptr, size_t *outlen);

/* This is used to cleanup any libraries or curl modules used by the sasl
   functions */
void Curl_sasl_cleanup(struct connectdata *conn, unsigned int authused);
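Review bot: The comment on the Curl_sasl_create_xoauth2_message() prototype does not say who owns the buffer stored in `*outptr`. I would add a sentence such as `On success *outptr points to newly allocated memory that the caller must free; it encodes a credential and must not be logged`. This section also does not show whether `SASL_MECH_XOAUTH2` falls inside any existing mechanism mask, so it is worth confirming the mechanism is only chosen when a bearer token has actually been supplied.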