From 07fd135e3b3dd51a65b5fa29c347062feef1e6f7 Mon Sep 17 00:00:00 2001 From: drhideg <52567253+drhideg@users.noreply.github.com> Date: Sat, 4 Apr 2020 16:14:02 +0200 Subject: [PATCH 1/3] Basic authentication with ESP8266httpUpdate Add ability to use basic access authentication with ESP8266httpUpdate --- .../src/ESP8266httpUpdate.cpp | 36 +++++++++++++++++++ .../ESP8266httpUpdate/src/ESP8266httpUpdate.h | 8 +++++ 2 files changed, 44 insertions(+) diff --git a/libraries/ESP8266httpUpdate/src/ESP8266httpUpdate.cpp b/libraries/ESP8266httpUpdate/src/ESP8266httpUpdate.cpp index a7fe1934d2..f72c9c49e8 100755 --- a/libraries/ESP8266httpUpdate/src/ESP8266httpUpdate.cpp +++ b/libraries/ESP8266httpUpdate/src/ESP8266httpUpdate.cpp @@ -43,6 +43,26 @@ ESP8266HTTPUpdate::~ESP8266HTTPUpdate(void) { } +/** + * set the Authorization for the http request + * @param user const String& + * @param password const String& + */ +void ESP8266HTTPUpdate::setAuthorization(const String &user, const String &password) +{ + _user = user; + _password = password; +} + +/** + * set the Authorization for the http request + * @param auth const String& base64 + */ +void ESP8266HTTPUpdate::setAuthorization(const String &auth) +{ + _auth= auth; +} + #if HTTPUPDATE_1_2_COMPATIBLE HTTPUpdateResult ESP8266HTTPUpdate::update(const String& url, const String& currentVersion, const String& httpsFingerprint, bool reboot) @@ -241,6 +261,8 @@ String ESP8266HTTPUpdate::getLastErrorString(void) return F("Verify Bin Header Failed"); case HTTP_UE_BIN_FOR_WRONG_FLASH: return F("New Binary Does Not Fit Flash Size"); + case HTTP_UE_SERVER_UNAUTHORIZED: + return F("Unauthorized (401)"); } return String(); @@ -282,6 +304,16 @@ HTTPUpdateResult ESP8266HTTPUpdate::handleUpdate(HTTPClient& http, const String& http.addHeader(F("x-ESP8266-version"), currentVersion); } + if (_user && _user[0] != 0x00 && _password && _password[0] != 0x00) + { + http.setAuthorization(_user.c_str(), _password.c_str()); + } + + if (_auth && _auth[0] != 0x00) + { + http.setAuthorization(_auth.c_str()); + } + const char * headerkeys[] = { "x-MD5" }; size_t headerkeyssize = sizeof(headerkeys) / sizeof(char*); @@ -432,6 +464,10 @@ HTTPUpdateResult ESP8266HTTPUpdate::handleUpdate(HTTPClient& http, const String& _setLastError(HTTP_UE_SERVER_FORBIDDEN); ret = HTTP_UPDATE_FAILED; break; + case HTTP_CODE_UNAUTHORIZED: + _setLastError(HTTP_UE_SERVER_UNAUTHORIZED); + ret = HTTP_UPDATE_FAILED; + break; default: _setLastError(HTTP_UE_SERVER_WRONG_HTTP_CODE); ret = HTTP_UPDATE_FAILED; diff --git a/libraries/ESP8266httpUpdate/src/ESP8266httpUpdate.h b/libraries/ESP8266httpUpdate/src/ESP8266httpUpdate.h index ddbd307ad9..a5a75521c6 100755 --- a/libraries/ESP8266httpUpdate/src/ESP8266httpUpdate.h +++ b/libraries/ESP8266httpUpdate/src/ESP8266httpUpdate.h @@ -56,6 +56,7 @@ constexpr int HTTP_UE_SERVER_WRONG_HTTP_CODE = (-104); constexpr int HTTP_UE_SERVER_FAULTY_MD5 = (-105); constexpr int HTTP_UE_BIN_VERIFY_HEADER_FAILED = (-106); constexpr int HTTP_UE_BIN_FOR_WRONG_FLASH = (-107); +constexpr int HTTP_UE_SERVER_UNAUTHORIZED = (-108); enum HTTPUpdateResult { HTTP_UPDATE_FAILED, @@ -111,6 +112,9 @@ class ESP8266HTTPUpdate _ledOn = ledOn; } + void setAuthorization(const String& user, const String& password); + void setAuthorization(const String& auth); + #if HTTPUPDATE_1_2_COMPATIBLE // This function is deprecated, use rebootOnUpdate and the next one instead t_httpUpdate_return update(const String& url, const String& currentVersion, @@ -171,6 +175,10 @@ class ESP8266HTTPUpdate int _lastError; bool _rebootOnUpdate = true; bool _closeConnectionsOnUpdate = true; + String _user; + String _password; + String _auth; + private: int _httpClientTimeout; followRedirects_t _followRedirects; From 8a8905312d818ce62eff94f1a78dfd98d8d45f71 Mon Sep 17 00:00:00 2001 From: drhideg <52567253+drhideg@users.noreply.github.com> Date: Sat, 4 Apr 2020 16:15:23 +0200 Subject: [PATCH 2/3] Basic authentication with ESP8266httpUpdate Add ability to use basic access authentication with ESP8266httpUpdate --- libraries/ESP8266httpUpdate/keywords.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libraries/ESP8266httpUpdate/keywords.txt b/libraries/ESP8266httpUpdate/keywords.txt index 78be600d42..1c5b9f9588 100644 --- a/libraries/ESP8266httpUpdate/keywords.txt +++ b/libraries/ESP8266httpUpdate/keywords.txt @@ -24,6 +24,7 @@ update KEYWORD2 updateSpiffs KEYWORD2 getLastError KEYWORD2 getLastErrorString KEYWORD2 +setAuthorization KEYWORD2 ####################################### # Constants (LITERAL1) @@ -37,6 +38,7 @@ HTTP_UE_SERVER_WRONG_HTTP_CODE LITERAL1 RESERVED_WORD_2 HTTP_UE_SERVER_FAULTY_MD5 LITERAL1 RESERVED_WORD_2 HTTP_UE_BIN_VERIFY_HEADER_FAILED LITERAL1 RESERVED_WORD_2 HTTP_UE_BIN_FOR_WRONG_FLASH LITERAL1 RESERVED_WORD_2 +HTTP_UE_SERVER_UNAUTHORIZED LITERAL1 RESERVED_WORD_2 HTTP_UPDATE_FAILED LITERAL1 RESERVED_WORD_2 HTTP_UPDATE_NO_UPDATES LITERAL1 RESERVED_WORD_2 HTTP_UPDATE_OK LITERAL1 RESERVED_WORD_2 From 16821ce068f0fa798db3530d88f81b7de1483ebc Mon Sep 17 00:00:00 2001 From: drhideg <52567253+drhideg@users.noreply.github.com> Date: Tue, 5 May 2020 10:34:23 +0200 Subject: [PATCH 3/3] simplification of the conditions --- libraries/ESP8266httpUpdate/src/ESP8266httpUpdate.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/libraries/ESP8266httpUpdate/src/ESP8266httpUpdate.cpp b/libraries/ESP8266httpUpdate/src/ESP8266httpUpdate.cpp index f72c9c49e8..ec667a8c94 100755 --- a/libraries/ESP8266httpUpdate/src/ESP8266httpUpdate.cpp +++ b/libraries/ESP8266httpUpdate/src/ESP8266httpUpdate.cpp @@ -60,7 +60,7 @@ void ESP8266HTTPUpdate::setAuthorization(const String &user, const String &passw */ void ESP8266HTTPUpdate::setAuthorization(const String &auth) { - _auth= auth; + _auth = auth; } #if HTTPUPDATE_1_2_COMPATIBLE @@ -304,12 +304,12 @@ HTTPUpdateResult ESP8266HTTPUpdate::handleUpdate(HTTPClient& http, const String& http.addHeader(F("x-ESP8266-version"), currentVersion); } - if (_user && _user[0] != 0x00 && _password && _password[0] != 0x00) + if (!_user.isEmpty() && !_password.isEmpty()) { http.setAuthorization(_user.c_str(), _password.c_str()); } - if (_auth && _auth[0] != 0x00) + if (!_auth.isEmpty()) { http.setAuthorization(_auth.c_str()); }