Store Request Fields that are needed later
Because of recent changes to how dbus authentication is done, Requests
might be moved out before they can be used. This commit is an attempt
to mitigate the problem without needing to revert that patch.
This commit does two relatively distinct things.
First, it moves basic auth types to a model where they're timed out
instead of removed on destruction. This removes the need for a Request
object to track that state, and arguably gives better behavior, as
basic auth sessions will survive through the timeout.
To prevent lots of basic auth sessions getting created, a basic auth
session is reused if it was:
1. Created by basic auth previously.
2. Created by the same user.
3. Created from the same source IP address.
Second, both connection classes now store the Accept and Origin headers
from the request in the connection class itself, so the Request is no
longer needed to read them.
Tested: HTML page now loads when pointing at a redfish URL with a
browser.
Change-Id: I623b43cbcbb43d9e65b408853660be09a5edb2b3
Signed-off-by: Ed Tanous <ed@tanous.net>
diff --git a/http/complete_response_fields.hpp b/http/complete_response_fields.hpp
index bec33fc..a5468a4 100644
--- a/http/complete_response_fields.hpp
+++ b/http/complete_response_fields.hpp
@@ -18,13 +18,10 @@
namespace crow
{
-inline void completeResponseFields(const Request& req, Response& res)
+inline void completeResponseFields(std::string_view accepts, Response& res)
{
- BMCWEB_LOG_INFO("Response: {} {}", req.url().encoded_path(),
- res.resultInt());
- addSecurityHeaders(req, res);
-
- authentication::cleanupTempSession(req);
+ BMCWEB_LOG_INFO("Response: {}", res.resultInt());
+ addSecurityHeaders(res);
res.setHashAndHandleNotModified();
if (res.jsonValue.is_structured())
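Review bot: The response log line in completeResponseFields no longer carries the request path (`BMCWEB_LOG_INFO("Response: {}", res.resultInt());`), so a status code in the log cannot be tied to a URL from this line alone. That weakens the audit trail when investigating failed or unauthorized requests. If the path is reliably logged elsewhere for every request, a short comment here saying so would be enough. Otherwise the connection could keep the path next to the Accept value it already stores and log both at the call site. The function body continues past this hunk.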
@@ -32,8 +29,7 @@
using http_helpers::ContentType;
std::array<ContentType, 3> allowed{ContentType::CBOR, ContentType::JSON,
ContentType::HTML};
- ContentType preferred =
- getPreferredContentType(req.getHeaderValue("Accept"), allowed);
+ ContentType preferred = getPreferredContentType(accepts, allowed);
if (preferred == ContentType::HTML)
{
diff --git a/http/http2_connection.hpp b/http/http2_connection.hpp
index a863636..84e666f 100644
--- a/http/http2_connection.hpp
+++ b/http/http2_connection.hpp
@@ -30,6 +30,7 @@
#include <chrono>
#include <functional>
#include <memory>
+#include <string>
#include <vector>
namespace crow
@@ -39,6 +40,7 @@
{
std::shared_ptr<Request> req = std::make_shared<Request>();
std::optional<bmcweb::HttpBody::reader> reqReader;
+ std::string accept;
Response res;
std::optional<bmcweb::HttpBody::writer> writer;
};
@@ -170,9 +172,8 @@
Http2StreamData& stream = it->second;
Response& res = stream.res;
res = std::move(completedRes);
- crow::Request& thisReq = *stream.req;
- completeResponseFields(thisReq, res);
+ completeResponseFields(stream.accept, res);
res.addHeader(boost::beast::http::field::date, getCachedDateStr());
res.preparePayload();
@@ -246,6 +247,9 @@
crow::Request& thisReq = *it->second.req;
thisReq.ioService = static_cast<decltype(thisReq.ioService)>(
&adaptor.get_executor().context());
+
+ it->second.accept = thisReq.getHeaderValue("Accept");
+
BMCWEB_LOG_DEBUG("Handling {} \"{}\"", logPtr(&thisReq),
thisReq.url().encoded_path());
diff --git a/http/http_connection.hpp b/http/http_connection.hpp
index fe015f9..2050afd 100644
--- a/http/http_connection.hpp
+++ b/http/http_connection.hpp
@@ -242,7 +242,7 @@
return;
}
req->session = userSession;
-
+ accept = req->getHeaderValue("Accept");
// Fetch the client IP address
req->ipAddress = ip;
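Review bot: `accept` is a connection member that is assigned only after the early `return;` at the top of this hunk, so it can hold the previous request's value on a kept-alive connection. If that exit path (its condition is outside the hunk) still completes a response, completeResponseFields would negotiate the content type from that stale Accept header. Resetting it at the start of each request, e.g. `accept.clear();` before the first early exit, or assigning it before any exit, keeps the value tied to the request being answered. The HTTP/2 path stores the value per stream, so it does not appear to share this concern. The enclosing function starts and ends outside the hunk.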
@@ -373,7 +373,7 @@
res = std::move(thisRes);
res.keepAlive(keepAlive);
- completeResponseFields(*req, res);
+ completeResponseFields(accept, res);
res.addHeader(boost::beast::http::field::date, getCachedDateStr());
doWrite();
@@ -742,6 +742,8 @@
boost::beast::flat_static_buffer<8192> buffer;
std::shared_ptr<crow::Request> req;
+ std::string accept;
+
crow::Response res;
std::shared_ptr<persistent_data::UserSession> userSession;
diff --git a/http/mutual_tls.hpp b/http/mutual_tls.hpp
index 5acc87a..eb26b5a 100644
--- a/http/mutual_tls.hpp
+++ b/http/mutual_tls.hpp
@@ -128,5 +128,5 @@
std::string unsupportedClientId;
return persistent_data::SessionStore::getInstance().generateUserSession(
sslUser, clientIp, unsupportedClientId,
- persistent_data::PersistenceType::TIMEOUT);
+ persistent_data::SessionType::MutualTLS);
}
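Review bot: The fourth argument to generateUserSession changes meaning here, from a persistence policy (`PersistenceType::TIMEOUT`) to a session origin (`SessionType::MutualTLS`). Nothing in this hunk shows how the store now decides whether a mutual-TLS session is kept in memory only or written to persistent storage. A one-line comment such as `// MutualTLS sessions are not persisted; lifetime is governed by the session timeout`, adjusted to what generateUserSession actually does, would make that explicit. It would also be worth confirming that the basic-auth reuse lookup described in the commit message cannot match a session created with this type. The function starts outside the hunk.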