Re: [libmicrohttpd] Out of band authentication with libmicrohttpd

[Evgeny Grin]

Hi Daniel,

On 01.12.2016 3:04, Daniel Tweed, Mr wrote:
> I'm really new to libmicrohttpd and the examples/tutorial have been
> really helpful, but I can't figure out how to implement one specific
> thing I need.
> 
> What I am trying to achieved is:
> 
>  1.
>     Send http 102 to client who requested anydoc.html which requires
>     authentication
HTTP standards doesn't define response code 102.
See https://tools.ietf.org/html/rfc7231#section-6
and https://tools.ietf.org/html/rfc2616#section-6.1.1

>  2.
>     Some processing on the serverside, including out of band authentication
> 
>  3.
>     If authenticated, send response built from somedoc.html, otherwise
>     generic not auth message

HTTP use request-response logic. If you already responded (your code
102) to some request then you can't add another response later.

> I'm having a failure of understanding somewhere, in that I cannot seem
> to figure out how to send the 102 and save the connection details so
> that I can forward the response in step 3.   I had thought I could queue
> a response then either enter a wait loop or suspend the connection, but
> as far as I can tell I have to return from the
> |MHD_AcceptPolicyCallback| for the response to be sent.   Then I cannot
> figure out how to get back to the connection as I cannot suspend it and
> save the pointer. I have looked at the request completed call back but
> this still results in the 102 not being sent. 
> 
> I really can't figure out a process to achieve these steps from the
> examples or the manual.  I'm sure I'm either missing something about
> http processing or about libmicrohttpd any help or advice would be
> appreciated.  I'm happy to share anything that would make my question
> clearer, including more details on the overall application or specific
> code I am working with.

MHD_AcceptPolicyCallback could be used to choose whether to process
connection or does not process connection at all.

You should ether call MHD_queue_response() from your callback
MHD_AccessHandlerCallback specified in MHD_start_daemon() parameter or,
if your application need some time to generate response - call
MHD_suspend_connection(). When application is ready to generate response
- call MHD_resume_connection(), then MHD will call again your
MHD_AccessHandlerCallback where you can call MHD_queue_response() to
provide response to client.

If you need some kind of authorization, you can use MHD built-in functions.
See examples:
src/examples/authorization_example.c
src/examples/digest_auth_example.c
and
doc/examples/tlsauthentication.c


-- 
Best Wishes,
Evgeny Grin