Merge pull request oatpp#114 from bhorn/authorization-draft

Authorization

src/CMakeLists.txt

@@ -209,6 +209,8 @@ add_library(oatpp
         oatpp/web/server/api/ApiController.hpp
         oatpp/web/server/api/Endpoint.cpp
         oatpp/web/server/api/Endpoint.hpp
+        oatpp/web/server/handler/AuthorizationHandler.cpp
+        oatpp/web/server/handler/AuthorizationHandler.hpp
         oatpp/web/server/handler/ErrorHandler.cpp
         oatpp/web/server/handler/ErrorHandler.hpp
         oatpp/web/server/handler/Interceptor.cpp

src/oatpp/codegen/codegen_define_ApiClient_.hpp

@@ -52,12 +52,14 @@
 #define OATPP_MACRO_API_CLIENT_PARAM_NAME_STR(MACRO, TYPE, PARAM_LIST) OATPP_MACRO_FIRSTARG_STR PARAM_LIST
 #define OATPP_MACRO_API_CLIENT_PARAM(MACRO, TYPE, PARAM_LIST) (MACRO, TYPE, PARAM_LIST)
 
-#define HEADER(TYPE, ...)       OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_HEADER, TYPE, (__VA_ARGS__))
-#define PATH(TYPE, ...)         OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_PATH, TYPE, (__VA_ARGS__))
-#define QUERY(TYPE, ...)        OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_QUERY, TYPE, (__VA_ARGS__))
-#define BODY(TYPE, ...)         OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_BODY, TYPE, (__VA_ARGS__))
-#define BODY_DTO(TYPE, ...)     OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_BODY_DTO, TYPE, (__VA_ARGS__))
-#define BODY_STRING(TYPE, ...)  OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_BODY_STRING, TYPE, (__VA_ARGS__))
+#define HEADER(TYPE, ...)               OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_HEADER, TYPE, (__VA_ARGS__))
+#define PATH(TYPE, ...)                 OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_PATH, TYPE, (__VA_ARGS__))
+#define QUERY(TYPE, ...)                OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_QUERY, TYPE, (__VA_ARGS__))
+#define BODY(TYPE, ...)                 OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_BODY, TYPE, (__VA_ARGS__))
+#define BODY_DTO(TYPE, ...)             OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_BODY_DTO, TYPE, (__VA_ARGS__))
+#define BODY_STRING(TYPE, ...)          OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_BODY_STRING, TYPE, (__VA_ARGS__))
+#define AUTHORIZATION(TYPE, ...)        OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_AUTHORIZATION, TYPE, (__VA_ARGS__))
+#define AUTHORIZATION_BASIC(TYPE, ...)  OATPP_MACRO_API_CLIENT_PARAM(OATPP_MACRO_API_CLIENT_AUTHORIZATION_BASIC, TYPE, (__VA_ARGS__))
 
 //////////////////////////////////////////////////////////////////////////
 
@@ -132,6 +134,22 @@ __body = oatpp::web::protocol::http::outgoing::DtoBody::createShared(OATPP_MACRO
 #define OATPP_MACRO_API_CLIENT_BODY_STRING(TYPE, PARAM_LIST) \
 __body = oatpp::web::protocol::http::outgoing::BufferBody::createShared(OATPP_MACRO_FIRSTARG PARAM_LIST);
 
+// AUTHORIZATION MACRO
+
+#define OATPP_MACRO_API_CLIENT_AUTHORIZATION_2(TYPE, TOKEN, SCHEME) \
+__headers->put("Authorization", String(SCHEME " ") + String(TOKEN));
+
+#define OATPP_MACRO_API_CLIENT_AUTHORIZATION(TYPE, PARAM_LIST) \
+OATPP_MACRO_API_CONTROLLER_MACRO_SELECTOR(OATPP_MACRO_API_CLIENT_AUTHORIZATION_, TYPE, OATPP_MACRO_UNFOLD_VA_ARGS PARAM_LIST)
+
+// AUTHORIZATION_BASIC MACRO
+
+#define OATPP_MACRO_API_CLIENT_AUTHORIZATION_BASIC_1(TYPE, TOKEN) \
+__headers->put("Authorization", String("Basic ") + oatpp::encoding::Base64::encode(TOKEN));
+
+#define OATPP_MACRO_API_CLIENT_AUTHORIZATION_BASIC(TYPE, PARAM_LIST) \
+OATPP_MACRO_API_CONTROLLER_MACRO_SELECTOR(OATPP_MACRO_API_CLIENT_AUTHORIZATION_BASIC_, TYPE, OATPP_MACRO_UNFOLD_VA_ARGS PARAM_LIST)
+
 // FOR EACH
 
 #define OATPP_MACRO_API_CLIENT_PARAM_DECL(INDEX, COUNT, X) \

src/oatpp/codegen/codegen_define_ApiController_.hpp

@@ -74,6 +74,9 @@ OATPP_MACRO_API_CONTROLLER_PARAM(OATPP_MACRO_API_CONTROLLER_BODY_STRING, OATPP_M
 #define BODY_DTO(TYPE, ...) \
 OATPP_MACRO_API_CONTROLLER_PARAM(OATPP_MACRO_API_CONTROLLER_BODY_DTO, OATPP_MACRO_API_CONTROLLER_BODY_DTO_INFO, TYPE, (__VA_ARGS__))
 
+#define AUTHORIZATION(TYPE, ...) \
+OATPP_MACRO_API_CONTROLLER_PARAM(OATPP_MACRO_API_CONTROLLER_AUTHORIZATION, OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_INFO, TYPE, (__VA_ARGS__))
+
 //////////////////////////////////////////////////////////////////////////
 
 #define OATPP_MACRO_API_CONTROLLER_MACRO_SELECTOR(MACRO, TYPE, ...) \
@@ -249,6 +252,47 @@ if(!OATPP_MACRO_FIRSTARG PARAM_LIST) { \
 info->body.name = OATPP_MACRO_FIRSTARG_STR PARAM_LIST; \
 info->body.type = TYPE::Class::getType();
 
+// AUTHORIZATION MACRO // ------------------------------------------------------
+
+#define OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_1(TYPE, NAME) \
+auto __param_str_val_##NAME = __request->getHeader(oatpp::web::protocol::http::Header::AUTHORIZATION); \
+std::shared_ptr<oatpp::web::server::handler::AuthorizationObject> __param_aosp_val_##NAME = ApiController::handleDefaultAuthorization(__param_str_val_##NAME); \
+TYPE NAME = std::static_pointer_cast<TYPE::element_type>(__param_aosp_val_##NAME);
+
+#define OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_2(TYPE, NAME, AUTH_HANDLER) \
+auto __param_str_val_##NAME = __request->getHeader(oatpp::web::protocol::http::Header::AUTHORIZATION); \
+std::shared_ptr<oatpp::web::server::handler::AuthorizationHandler> __auth_handler_##NAME = AUTH_HANDLER; \
+std::shared_ptr<oatpp::web::server::handler::AuthorizationObject> __param_aosp_val_##NAME = __auth_handler_##NAME->handleAuthorization(__param_str_val_##NAME); \
+TYPE NAME = std::static_pointer_cast<TYPE::element_type>(__param_aosp_val_##NAME);
+
+#define OATPP_MACRO_API_CONTROLLER_AUTHORIZATION(TYPE, PARAM_LIST) \
+OATPP_MACRO_API_CONTROLLER_MACRO_SELECTOR(OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_, TYPE, OATPP_MACRO_UNFOLD_VA_ARGS PARAM_LIST)
+
+// __INFO
+
+#define OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_INFO_1(TYPE, NAME) \
+auto __param_obj_##NAME = ApiController::getDefaultAuthorizationHandler(); \
+if(__param_obj_##NAME) { \
+  info->headers.add(oatpp::web::protocol::http::Header::AUTHORIZATION, oatpp::String::Class::getType()); \
+  info->headers[oatpp::web::protocol::http::Header::AUTHORIZATION].description = __param_obj_##NAME ->getScheme(); \
+  info->authorization = __param_obj_##NAME ->getScheme(); \
+} else { \
+  throw oatpp::web::protocol::http::HttpError(Status::CODE_500, "No authorization handler set up in controller before controller was added to router or swagger-doc."); \
+}
+
+#define OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_INFO_2(TYPE, NAME, AUTH_HANDLER) \
+std::shared_ptr<oatpp::web::server::handler::AuthorizationHandler> __auth_handler_##NAME = AUTH_HANDLER; \
+if(__auth_handler_##NAME) { \
+  info->headers.add(oatpp::web::protocol::http::Header::AUTHORIZATION, oatpp::String::Class::getType()); \
+  info->headers[oatpp::web::protocol::http::Header::AUTHORIZATION].description = __auth_handler_##NAME->getScheme(); \
+  info->authorization = __auth_handler_##NAME->getScheme(); \
+} else { \
+  throw oatpp::web::protocol::http::HttpError(Status::CODE_500, "Invalid authorization handler given (or not set up) in AUTHORIZATION(TYPE, NAME, AUTH_HANDLER) before controller was added to router or swagger-doc."); \
+}
+
+#define OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_INFO(TYPE, PARAM_LIST) \
+OATPP_MACRO_API_CONTROLLER_MACRO_SELECTOR(OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_INFO_, TYPE, OATPP_MACRO_UNFOLD_VA_ARGS PARAM_LIST)
+
 // FOR EACH // ------------------------------------------------------
 
 #define OATPP_MACRO_API_CONTROLLER_FOR_EACH_PARAM_DECL_FIRST(INDEX, COUNT, X) \
@@ -304,19 +348,19 @@ std::shared_ptr<Endpoint::Info> Z__EDNPOINT_INFO_GET_INSTANCE_##NAME() { \
 
 #define OATPP_MACRO_API_CONTROLLER_ENDPOINT_DECL_0(NAME, METHOD, PATH)  \
 \
-std::shared_ptr<Endpoint::Info> Z__CREATE_ENDPOINT_INFO_##NAME() { \
+EndpointInfoBuilder Z__CREATE_ENDPOINT_INFO_##NAME = [this](){ \
   auto info = Z__EDNPOINT_INFO_GET_INSTANCE_##NAME(); \
   info->name = #NAME; \
   info->path = PATH; \
   info->method = METHOD; \
   return info; \
-} \
+}; \
 \
 const std::shared_ptr<Endpoint> Z__ENDPOINT_##NAME = createEndpoint(m_endpoints, \
                                                         this, \
                                                         Z__ENDPOINT_METHOD_##NAME(this), \
                                                         nullptr, \
-                                                        Z__CREATE_ENDPOINT_INFO_##NAME());
+                                                        Z__CREATE_ENDPOINT_INFO_##NAME);
 
 #define OATPP_MACRO_API_CONTROLLER_ENDPOINT_0(NAME, METHOD, PATH) \
 OATPP_MACRO_API_CONTROLLER_ENDPOINT_DECL_DEFAULTS(NAME, METHOD, PATH) \
@@ -335,20 +379,20 @@ std::shared_ptr<oatpp::web::protocol::http::outgoing::Response> NAME()
 
 #define OATPP_MACRO_API_CONTROLLER_ENDPOINT_DECL_1(NAME, METHOD, PATH, ...)  \
 \
-std::shared_ptr<Endpoint::Info> Z__CREATE_ENDPOINT_INFO_##NAME() { \
-  auto info = Z__EDNPOINT_INFO_GET_INSTANCE_##NAME(); \
+EndpointInfoBuilder Z__CREATE_ENDPOINT_INFO_##NAME = [this](){ \
+auto info = Z__EDNPOINT_INFO_GET_INSTANCE_##NAME(); \
   info->name = #NAME; \
   info->path = PATH; \
   info->method = METHOD; \
   OATPP_MACRO_FOREACH(OATPP_MACRO_API_CONTROLLER_FOR_EACH_PARAM_INFO, __VA_ARGS__) \
   return info; \
-} \
+}; \
 \
 const std::shared_ptr<Endpoint> Z__ENDPOINT_##NAME = createEndpoint(m_endpoints, \
                                                         this, \
                                                         Z__ENDPOINT_METHOD_##NAME(this), \
                                                         nullptr, \
-                                                        Z__CREATE_ENDPOINT_INFO_##NAME());
+                                                        Z__CREATE_ENDPOINT_INFO_##NAME);
 
 #define OATPP_MACRO_API_CONTROLLER_ENDPOINT_1(NAME, METHOD, PATH, ...) \
 OATPP_MACRO_API_CONTROLLER_ENDPOINT_DECL_DEFAULTS(NAME, METHOD, PATH) \
@@ -421,19 +465,19 @@ std::shared_ptr<Endpoint::Info> Z__EDNPOINT_INFO_GET_INSTANCE_##NAME() { \
  */
 #define OATPP_MACRO_API_CONTROLLER_ENDPOINT_ASYNC_DECL(NAME, METHOD, PATH)  \
 \
-std::shared_ptr<Endpoint::Info> Z__CREATE_ENDPOINT_INFO_##NAME() { \
+EndpointInfoBuilder Z__CREATE_ENDPOINT_INFO_##NAME = [this](){ \
   auto info = Z__EDNPOINT_INFO_GET_INSTANCE_##NAME(); \
   info->name = #NAME; \
   info->path = PATH; \
   info->method = METHOD; \
   return info; \
-} \
+}; \
 \
 const std::shared_ptr<Endpoint> Z__ENDPOINT_##NAME = createEndpoint(m_endpoints, \
                                                                     this, \
                                                                     nullptr, \
                                                                     Z__ENDPOINT_METHOD_##NAME(this), \
-                                                                    Z__CREATE_ENDPOINT_INFO_##NAME());
+                                                                    Z__CREATE_ENDPOINT_INFO_##NAME);
 
 /**
  * Codegen macoro to be used in `oatpp::web::server::api::ApiController` to generate Asynchronous Endpoint.

src/oatpp/codegen/codegen_undef_ApiClient_.hpp

@@ -55,7 +55,8 @@
 #undef BODY
 #undef BODY_DTO
 #undef BODY_STRING
-
+#undef AUTHORIZATION
+#undef AUTHORIZATION_BASIC
 //
 
 #undef OATPP_MACRO_API_CONTROLLER_MACRO_SELECTOR
@@ -97,6 +98,18 @@
 
 #undef OATPP_MACRO_API_CLIENT_BODY_STRING
 
+// AUTHORIZATION MACRO
+
+#undef OATPP_MACRO_API_CLIENT_AUTHORIZATION_2
+
+#undef OATPP_MACRO_API_CLIENT_AUTHORIZATION
+
+// AUTHORIZATION_BASIC MACRO
+
+#undef OATPP_MACRO_API_CLIENT_AUTHORIZATION_BASIC_1
+
+#undef OATPP_MACRO_API_CLIENT_AUTHORIZATION_BASIC
+
 // FOR EACH
 
 #undef OATPP_MACRO_API_CLIENT_PARAM_DECL

src/oatpp/codegen/codegen_undef_ApiController_.hpp

@@ -57,6 +57,7 @@
 #undef QUERY
 #undef BODY_STRING
 #undef BODY_DTO
+#undef AUTHORIZATION
 
 // INIT // ------------------------------------------------------
 
@@ -126,6 +127,16 @@
 
 #undef OATPP_MACRO_API_CONTROLLER_BODY_DTO_INFO
 
+// AUTHORIZATION MACRO // ------------------------------------------------------
+#undef OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_1
+#undef OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_2
+#undef OATPP_MACRO_API_CONTROLLER_AUTHORIZATION
+
+// __INFO
+#undef OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_INFO_1
+#undef OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_INFO_2
+#undef OATPP_MACRO_API_CONTROLLER_AUTHORIZATION_INFO
+
 // FOR EACH // ------------------------------------------------------
 
 #undef OATPP_MACRO_API_CONTROLLER_FOR_EACH_PARAM_DECL

src/oatpp/web/client/ApiClient.hpp

@@ -32,6 +32,8 @@
 #include "oatpp/web/protocol/http/outgoing/DtoBody.hpp"
 #include "oatpp/web/protocol/http/outgoing/BufferBody.hpp"
 
+#include "oatpp/encoding/Base64.hpp"
+
 #include "oatpp/core/data/stream/ChunkedBuffer.hpp"
 
 #include "oatpp/core/data/mapping/type/Primitive.hpp"
@@ -44,7 +46,6 @@
 
 #include "oatpp/core/base/Countable.hpp"
 
-
 #include <string>
 #include <list>
 #include <unordered_map>

src/oatpp/web/protocol/http/Http.cpp

@@ -109,6 +109,7 @@ const char* const Header::Value::CONTENT_TYPE_APPLICATION_JSON = "application/js
 
 const char* const Header::ACCEPT = "Accept";
 const char* const Header::AUTHORIZATION = "Authorization";
+const char* const Header::WWW_AUTHENTICATE = "WWW-Authenticate";
 const char* const Header::CONNECTION = "Connection";
 const char* const Header::TRANSFER_ENCODING = "Transfer-Encoding";
 const char* const Header::CONTENT_ENCODING = "Content-Encoding";

src/oatpp/web/protocol/http/Http.hpp

@@ -39,6 +39,18 @@
 
 namespace oatpp { namespace web { namespace protocol { namespace http {
 
+/**
+ * Typedef for headers map. Headers map key is case-insensitive.
+ * `std::unordered_map` of &id:oatpp::data::share::StringKeyLabelCI_FAST; and &id:oatpp::data::share::StringKeyLabel;.
+ */
+typedef std::unordered_map<oatpp::data::share::StringKeyLabelCI_FAST, oatpp::data::share::StringKeyLabel> Headers;
+
+/**
+ * Typedef for query parameters map.
+ * `std::unordered_map` of &id:oatpp::data::share::StringKeyLabel; and &id:oatpp::data::share::StringKeyLabel;.
+ */
+typedef std::unordered_map<oatpp::data::share::StringKeyLabel, oatpp::data::share::StringKeyLabel> QueryParams;
+
 /**
  * Http status.
  */
@@ -397,6 +409,8 @@ class Status{
  * HttpError extends &id:oatpp::web::protocol::ProtocolError;<&l:Status;>.
  */
 class HttpError : public protocol::ProtocolError<Status> {
+private:
+  Headers m_headers;
 public:
 
   /**
@@ -416,6 +430,25 @@ class HttpError : public protocol::ProtocolError<Status> {
   HttpError(const Status& status, const oatpp::String& message)
     : protocol::ProtocolError<Status>(Info(0, status), message)
   {}
+
+  /**
+   * Constructor.
+   * @param status
+   * @param message
+   * @param headers
+   */
+  HttpError(const Status& status, const oatpp::String& message, const Headers& headers)
+    : protocol::ProtocolError<Status>(Info(0, status), message)
+    , m_headers(headers)
+  {}
+
+  /**
+   * Get headers map
+   * @return
+   */
+  const Headers& getHeaders() const {
+    return m_headers;
+  }
 
 };
 
@@ -452,6 +485,7 @@ class Header {
 public:
   static const char* const ACCEPT;              // "Accept"
   static const char* const AUTHORIZATION;       // "Authorization"
+  static const char* const WWW_AUTHENTICATE;    // "WWW-Authenticate"
   static const char* const CONNECTION;          // "Connection"
   static const char* const TRANSFER_ENCODING;   // "Transfer-Encoding"
   static const char* const CONTENT_ENCODING;    // "Content-Encoding"
@@ -601,18 +635,6 @@ struct HeaderValueData {
 
 };
 
-/**
- * Typedef for headers map. Headers map key is case-insensitive.
- * `std::unordered_map` of &id:oatpp::data::share::StringKeyLabelCI_FAST; and &id:oatpp::data::share::StringKeyLabel;.
- */
-typedef std::unordered_map<oatpp::data::share::StringKeyLabelCI_FAST, oatpp::data::share::StringKeyLabel> Headers;
-
-/**
- * Typedef for query parameters map.
- * `std::unordered_map` of &id:oatpp::data::share::StringKeyLabel; and &id:oatpp::data::share::StringKeyLabel;.
- */
-typedef std::unordered_map<oatpp::data::share::StringKeyLabel, oatpp::data::share::StringKeyLabel> QueryParams;
-
 /**
  * Oatpp Http parser.
  */

src/oatpp/web/server/HttpProcessor.cpp

@@ -83,7 +83,7 @@ HttpProcessor::processRequest(HttpRouter* router,
       response = route.getEndpoint()->handle(request);
     }
   } catch (oatpp::web::protocol::http::HttpError& error) {
-    return errorHandler->handleError(error.getInfo().status, error.getMessage());
+    return errorHandler->handleError(error.getInfo().status, error.getMessage(), error.getHeaders());
   } catch (std::exception& error) {
     return errorHandler->handleError(protocol::http::Status::CODE_500, error.what());
   } catch (...) {