remove extraction of basic auth params from URL

the extractUrlComponents method did extract username and password from the URL and encoded it for basic authentication. however, the respective result string was never used. we only perform basic authentication if the auth type is "basic" and if username and password were supplied through the respective inputs.
2024-05-12 22:12:15 +02:00 · 2024-05-12 22:12:15 +02:00 · 6da90de765
commit 6da90de765
parent 297b149f84
3 changed files with 7 additions and 9 deletions
--- a/include/PowerMeterHttpJson.h
+++ b/include/PowerMeterHttpJson.h
@ -33,7 +33,7 @@ private:
    String httpResponse;
    bool httpRequest(int phase, const String& host, uint16_t port, const String& uri, bool https, PowerMeterHttpJsonConfig const& config);
-    bool extractUrlComponents(String url, String& _protocol, String& _hostname, String& _uri, uint16_t& uint16_t, String& _base64Authorization);
+    bool extractUrlComponents(String url, String& _protocol, String& _hostname, String& _uri, uint16_t& uint16_t);
    String extractParam(String& authReq, const String& param, const char delimit);
    String getcNonce(const int len);
    String getDigestAuth(String& authReq, const String& username, const String& password, const String& method, const String& uri, unsigned int counter);
--- a/src/PowerMeterHttpJson.cpp
+++ b/src/PowerMeterHttpJson.cpp
@ -80,9 +80,8 @@ bool PowerMeterHttpJson::queryValue(int phase, PowerMeterHttpJsonConfig const& c
    String protocol;
    String host;
    String uri;
    String base64Authorization;
    uint16_t port;
-    extractUrlComponents(config.HttpRequest.Url, protocol, host, uri, port, base64Authorization);
+    extractUrlComponents(config.HttpRequest.Url, protocol, host, uri, port);
    IPAddress ipaddr((uint32_t)0);
    //first check if "host" is already an IP adress
@ -267,7 +266,7 @@ bool PowerMeterHttpJson::tryGetFloatValueForPhase(int phase, String jsonPath, Un
 }
 //extract url component as done by httpClient::begin(String url, const char* expectedProtocol) https://github.com/espressif/arduino-esp32/blob/da6325dd7e8e152094b19fe63190907f38ef1ff0/libraries/HTTPClient/src/HTTPClient.cpp#L250
-bool PowerMeterHttpJson::extractUrlComponents(String url, String& _protocol, String& _host, String& _uri, uint16_t& _port, String& _base64Authorization)
+bool PowerMeterHttpJson::extractUrlComponents(String url, String& _protocol, String& _host, String& _uri, uint16_t& _port)
 {
    // check for : (http: or https:
    int index = url.indexOf(':');
@ -295,10 +294,9 @@ bool PowerMeterHttpJson::extractUrlComponents(String url, String& _protocol, Str
    // get Authorization
    index = host.indexOf('@');
    if(index >= 0) {
-        // auth info
+        // basic authentication is only supported through setting username
-        String auth = host.substring(0, index);
+        // and password using the respective inputs, not embedded into the URL
        host.remove(0, index + 1); // remove auth part including @
        _base64Authorization = base64::encode(auth);
    }
    // get port
--- a/webapp/src/views/PowerMeterAdminView.vue
+++ b/webapp/src/views/PowerMeterAdminView.vue
@ -98,8 +98,8 @@
                    <div class="alert alert-secondary mt-5" role="alert">
                        <h2>{{ $t('powermeteradmin.urlExamplesHeading') }}:</h2>
                        <ul>
-                            <li>http://admin:secret@shelly3em.home/status</li>
+                            <li>http://shelly3em.home/status</li>
-                            <li>https://admin:secret@shelly3em.home/status</li>
+                            <li>https://shelly3em.home/status</li>
                            <li>http://tasmota-123.home/cm?cmnd=status%208</li>
                            <li>http://12.34.56.78/emeter/0</li>
                        </ul>