Add support of authentication in the download operation (#194)

Issue #126 - Add support of authentication in the download settings
2025-12-10 18:37:28 +08:00 · 2017-04-11 22:37:44 +02:00
parent 1b93f81752
commit 5803d3ce15
3 changed files with 109 additions and 2 deletions
--- a/src/Core/WinSWCore/Download.cs
+++ b/src/Core/WinSWCore/Download.cs
@@ -1,6 +1,7 @@
-using System;
+using System;
 using System.IO;
 using System.Net;
+using System.Text;
 using System.Xml;

 namespace winsw
@@ -11,18 +12,91 @@ namespace winsw
    /// </summary>
    public class Download
    {
+        public enum AuthType { none = 0, sspi, basic }
+
        public readonly string From;
        public readonly string To;
+        public readonly AuthType Auth = AuthType.none;
+        public readonly string Username;
+        public readonly string Password;
+        public readonly bool UnsecureAuth = false;

        internal Download(XmlNode n)
        {
            From = Environment.ExpandEnvironmentVariables(n.Attributes["from"].Value);
            To = Environment.ExpandEnvironmentVariables(n.Attributes["to"].Value);
+
+            string tmpStr = "";
+            try
+            {
+                tmpStr = Environment.ExpandEnvironmentVariables(n.Attributes["auth"].Value);
+            }
+            catch (Exception)
+            {
+            }
+            Auth = tmpStr != "" ? (AuthType)Enum.Parse(typeof(AuthType), tmpStr) : AuthType.none;
+
+            try
+            {
+                tmpStr = Environment.ExpandEnvironmentVariables(n.Attributes["username"].Value);
+            }
+            catch (Exception)
+            {
+            }
+            Username = tmpStr;
+
+            try
+            {
+                tmpStr = Environment.ExpandEnvironmentVariables(n.Attributes["password"].Value);
+            }
+            catch (Exception)
+            {
+            }
+            Password = tmpStr;
+
+            try
+            {
+                tmpStr = Environment.ExpandEnvironmentVariables(n.Attributes["unsecureAuth"].Value);
+            }
+            catch (Exception)
+            {
+            }
+            UnsecureAuth = tmpStr == "enabled" ? true : false;
+
+            if (Auth == AuthType.basic)
+            {
+                if (From.StartsWith("http:") && UnsecureAuth == false)
+                {
+                    throw new Exception("Warning: you're sending your credentials in clear text to the server. If you really want this you must enable this in the configuration!");
+                }
+            }
+        }
+
+        // Source: http://stackoverflow.com/questions/2764577/forcing-basic-authentication-in-webrequest
+        public void SetBasicAuthHeader(WebRequest request, String username, String password)
+        {
+            string authInfo = username + ":" + password;
+            authInfo = Convert.ToBase64String(Encoding.GetEncoding("ISO-8859-1").GetBytes(authInfo));
+            request.Headers["Authorization"] = "Basic " + authInfo;
        }

        public void Perform()
        {
            WebRequest req = WebRequest.Create(From);
+
+            switch (Auth)
+            {
+                case AuthType.sspi:
+                    req.UseDefaultCredentials = true;
+                    req.PreAuthenticate = true;
+                    req.Credentials = CredentialCache.DefaultCredentials;
+                    break;
+
+                case AuthType.basic:
+                    SetBasicAuthHeader(req, Username, Password);
+                    break;
+            }
+
            WebResponse rsp = req.GetResponse();
            FileStream tmpstream = new FileStream(To + ".tmp", FileMode.Create);
            CopyStream(rsp.GetResponseStream(), tmpstream);