From 7566bfb5489a195553a9ec2e28741f881a1e8f19 Mon Sep 17 00:00:00 2001
From: ganeshlandge <ganeshlandge936@gmail.com>
Date: Mon, 5 Aug 2019 14:27:48 +0530
Subject: [PATCH] fixes : set_url discards username and password

---
 components/esp_http_client/esp_http_client.c  | 45 ++++++++++++++-----
 .../esp_http_client/include/esp_http_client.h | 28 ++++++++++++
 .../esp_http_client/test/test_http_client.c   | 18 ++++++--
 3 files changed, 75 insertions(+), 16 deletions(-)

diff --git a/components/esp_http_client/esp_http_client.c b/components/esp_http_client/esp_http_client.c
index 76f6eec01..135766fd9 100644
--- a/components/esp_http_client/esp_http_client.c
+++ b/components/esp_http_client/esp_http_client.c
@@ -294,6 +294,21 @@ esp_err_t esp_http_client_get_username(esp_http_client_handle_t client, char **v
     return ESP_OK;
 }
 
+esp_err_t esp_http_client_set_username(esp_http_client_handle_t client, const char *username)
+{
+    if (client == NULL) {
+        ESP_LOGE(TAG, "client must not be NULL");
+        return ESP_ERR_INVALID_ARG;
+    }
+    if (username == NULL && client->connection_info.username != NULL) {
+        free(client->connection_info.username);
+        client->connection_info.username = NULL;
+    } else if (username != NULL) {
+        client->connection_info.username = strdup(username);
+    }
+    return ESP_OK;
+}
+
 esp_err_t esp_http_client_get_password(esp_http_client_handle_t client, char **value)
 {
     if (client == NULL || value == NULL) {
@@ -304,6 +319,22 @@ esp_err_t esp_http_client_get_password(esp_http_client_handle_t client, char **v
     return ESP_OK;
 }
 
+esp_err_t esp_http_client_set_password(esp_http_client_handle_t client, char *password)
+{
+    if (client == NULL) {
+        ESP_LOGE(TAG, "client must not be NULL");
+        return ESP_ERR_INVALID_ARG;
+    }
+    if (password == NULL && client->connection_info.password != NULL) {
+        memset(client->connection_info.password, 0, strlen(client->connection_info.password));
+        free(client->connection_info.password);
+        client->connection_info.password = NULL;
+    } else if (password != NULL) {
+        client->connection_info.password = strdup(password);
+    }
+    return ESP_OK;
+}
+
 static esp_err_t _set_config(esp_http_client_handle_t client, const esp_http_client_config_t *config)
 {
     client->connection_info.method = config->method;
@@ -660,10 +691,7 @@ esp_err_t esp_http_client_set_url(esp_http_client_handle_t client, const char *u
     }
     old_port = client->connection_info.port;
 
-    // Whether the passed url is absolute or is just a path
-    bool is_absolute_url = (bool) purl.field_data[UF_HOST].len;
-
-    if (is_absolute_url) {
+    if (purl.field_data[UF_HOST].len) {
         http_utils_assign_string(&client->connection_info.host, url + purl.field_data[UF_HOST].off, purl.field_data[UF_HOST].len);
         HTTP_MEM_CHECK(TAG, client->connection_info.host, return ESP_ERR_NO_MEM);
     }
@@ -720,14 +748,7 @@ esp_err_t esp_http_client_set_url(esp_http_client_handle_t client, const char *u
         } else {
             return ESP_ERR_NO_MEM;
         }
-    } else if (is_absolute_url) {
-        // Only reset authentication info if the passed URL is full
-        free(client->connection_info.username);
-        free(client->connection_info.password);
-        client->connection_info.username = NULL;
-        client->connection_info.password = NULL;
-    }
-
+    } 
 
     //Reset path and query if there are no information
     if (purl.field_data[UF_PATH].len) {
diff --git a/components/esp_http_client/include/esp_http_client.h b/components/esp_http_client/include/esp_http_client.h
index cc97cc069..538e0c45e 100644
--- a/components/esp_http_client/include/esp_http_client.h
+++ b/components/esp_http_client/include/esp_http_client.h
@@ -264,6 +264,20 @@ esp_err_t esp_http_client_get_header(esp_http_client_handle_t client, const char
  */
 esp_err_t esp_http_client_get_username(esp_http_client_handle_t client, char **value);
 
+/**
+ * @brief      Set http request username.
+ *             The value of username parameter will be assigned to username buffer.
+ *             If the username parameter is NULL then username buffer will be freed.
+ *
+ * @param[in]  client    The esp_http_client handle
+ * @param[in]  username  The username value
+ *
+ * @return
+ *     - ESP_OK
+ *     - ESP_ERR_INVALID_ARG
+ */
+esp_err_t esp_http_client_set_username(esp_http_client_handle_t client, const char *username);
+
 /**
  * @brief      Get http request password.
  *             The address of password buffer will be assigned to value parameter.
@@ -278,6 +292,20 @@ esp_err_t esp_http_client_get_username(esp_http_client_handle_t client, char **v
  */
 esp_err_t esp_http_client_get_password(esp_http_client_handle_t client, char **value);
 
+/**
+ * @brief      Set http request password.
+ *             The value of password parameter will be assigned to password buffer.
+ *             If the password parameter is NULL then password buffer will be freed.
+ *
+ * @param[in]  client    The esp_http_client handle
+ * @param[in]  password  The password value
+ *
+ * @return
+ *     - ESP_OK
+ *     - ESP_ERR_INVALID_ARG
+ */
+esp_err_t esp_http_client_set_password(esp_http_client_handle_t client, char *password);
+
 /**
  * @brief      Set http request method
  *
diff --git a/components/esp_http_client/test/test_http_client.c b/components/esp_http_client/test/test_http_client.c
index f85e6970f..4a2f725d8 100644
--- a/components/esp_http_client/test/test_http_client.c
+++ b/components/esp_http_client/test/test_http_client.c
@@ -103,10 +103,11 @@ TEST_CASE("Username is unmodified when we change to new path", "[ESP HTTP CLIENT
 }
 
 /**
- * Test case to test that, the esp_http_client_set_url will reset username and password
- * when passing a full URL with username & password missing.
+ * Test case to test that, the esp_http_client_set_url do not reset the auth credentials
+ * Explicit APIs esp_http_client_set_username and esp_http_client_set_password are used to change 
+ * the auth credentials
  **/
-TEST_CASE("Username is reset if new absolute URL doesnot specify username.", "[ESP HTTP CLIENT]")
+TEST_CASE("Username and password will not reset if new absolute URL doesnot specify auth credentials.", "[ESP HTTP CLIENT]")
 {
     esp_http_client_config_t config_with_auth = {
         .host = HOST,
@@ -122,8 +123,17 @@ TEST_CASE("Username is reset if new absolute URL doesnot specify username.", "[E
     TEST_ASSERT_NOT_NULL(value);
     TEST_ASSERT_EQUAL_STRING(USERNAME, value);
     esp_http_client_set_url(client, "http://" HOST "/get");
+    esp_http_client_set_username(client, value);
+    esp_http_client_set_password(client, value);
+    //checks if username is set or not
     r = esp_http_client_get_username(client, &value);
     TEST_ASSERT_EQUAL(ESP_OK, r);
-    TEST_ASSERT_NULL(value);
+    //If username is set then value should not be NULL
+    TEST_ASSERT_NOT_NULL(value);
+    //checks if password is set or not
+    r = esp_http_client_get_password(client, &value);
+    TEST_ASSERT_EQUAL(ESP_OK, r);
+    //If password is set then value should not be NULL
+    TEST_ASSERT_NOT_NULL(value);
     esp_http_client_cleanup(client);
 }