From 6da90de765356e13751b2a3f60febcc7f3034d65 Mon Sep 17 00:00:00 2001 From: Bernhard Kirchen Date: Sun, 12 May 2024 22:12:15 +0200 Subject: [PATCH] remove extraction of basic auth params from URL the extractUrlComponents method did extract username and password from the URL and encoded it for basic authentication. however, the respective result string was never used. we only perform basic authentication if the auth type is "basic" and if username and password were supplied through the respective inputs. --- include/PowerMeterHttpJson.h | 2 +- src/PowerMeterHttpJson.cpp | 10 ++++------ webapp/src/views/PowerMeterAdminView.vue | 4 ++-- 3 files changed, 7 insertions(+), 9 deletions(-) diff --git a/include/PowerMeterHttpJson.h b/include/PowerMeterHttpJson.h index 50bca8c5..e50fb78f 100644 --- a/include/PowerMeterHttpJson.h +++ b/include/PowerMeterHttpJson.h @@ -33,7 +33,7 @@ private: String httpResponse; bool httpRequest(int phase, const String& host, uint16_t port, const String& uri, bool https, PowerMeterHttpJsonConfig const& config); - bool extractUrlComponents(String url, String& _protocol, String& _hostname, String& _uri, uint16_t& uint16_t, String& _base64Authorization); + bool extractUrlComponents(String url, String& _protocol, String& _hostname, String& _uri, uint16_t& uint16_t); String extractParam(String& authReq, const String& param, const char delimit); String getcNonce(const int len); String getDigestAuth(String& authReq, const String& username, const String& password, const String& method, const String& uri, unsigned int counter); diff --git a/src/PowerMeterHttpJson.cpp b/src/PowerMeterHttpJson.cpp index 785775cc..6faeb71c 100644 --- a/src/PowerMeterHttpJson.cpp +++ b/src/PowerMeterHttpJson.cpp @@ -80,9 +80,8 @@ bool PowerMeterHttpJson::queryValue(int phase, PowerMeterHttpJsonConfig const& c String protocol; String host; String uri; - String base64Authorization; uint16_t port; - extractUrlComponents(config.HttpRequest.Url, protocol, host, uri, port, base64Authorization); + extractUrlComponents(config.HttpRequest.Url, protocol, host, uri, port); IPAddress ipaddr((uint32_t)0); //first check if "host" is already an IP adress @@ -267,7 +266,7 @@ bool PowerMeterHttpJson::tryGetFloatValueForPhase(int phase, String jsonPath, Un } //extract url component as done by httpClient::begin(String url, const char* expectedProtocol) https://github.com/espressif/arduino-esp32/blob/da6325dd7e8e152094b19fe63190907f38ef1ff0/libraries/HTTPClient/src/HTTPClient.cpp#L250 -bool PowerMeterHttpJson::extractUrlComponents(String url, String& _protocol, String& _host, String& _uri, uint16_t& _port, String& _base64Authorization) +bool PowerMeterHttpJson::extractUrlComponents(String url, String& _protocol, String& _host, String& _uri, uint16_t& _port) { // check for : (http: or https: int index = url.indexOf(':'); @@ -295,10 +294,9 @@ bool PowerMeterHttpJson::extractUrlComponents(String url, String& _protocol, Str // get Authorization index = host.indexOf('@'); if(index >= 0) { - // auth info - String auth = host.substring(0, index); + // basic authentication is only supported through setting username + // and password using the respective inputs, not embedded into the URL host.remove(0, index + 1); // remove auth part including @ - _base64Authorization = base64::encode(auth); } // get port diff --git a/webapp/src/views/PowerMeterAdminView.vue b/webapp/src/views/PowerMeterAdminView.vue index a7dbae77..9c787753 100644 --- a/webapp/src/views/PowerMeterAdminView.vue +++ b/webapp/src/views/PowerMeterAdminView.vue @@ -98,8 +98,8 @@