wasphin commented on code in PR #2744: URL: https://github.com/apache/brpc/pull/2744#discussion_r1729992199
########## src/brpc/policy/http_rpc_protocol.cpp: ########## @@ -1253,6 +1254,30 @@ ParseResult ParseHttpMessage(butil::IOBuf *source, Socket *socket, } } +static void SendUnauthorizedResponseIfNeed(const Authenticator* auth, Socket* socket) { + std::string www_authenticate; + if (!auth->GetUnauthorizedResponseInfo(www_authenticate)) { + return; + } + + // Send 401(unauthorized) and `ERPCAUTH' to client. + butil::IOBuf res_buf; + HttpHeader header; + header.set_status_code(HTTP_STATUS_UNAUTHORIZED); + // RFC7235 https://datatracker.ietf.org/doc/html/rfc7235#section-4.1 + // The server generating a 401 response MUST send a WWW-Authenticate + // header field (Section 4.1) containing at least one challenge + // applicable to the target resource. + header.SetHeader(common->ERROR_CODE, butil::string_printf("%d", ERPCAUTH)); + header.SetHeader(common->WWW_AUTHENTICATE, www_authenticate); Review Comment: 印象中目前 http 方式 rpc 错误信息是直接填到 body 里了 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@brpc.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@brpc.apache.org For additional commands, e-mail: dev-h...@brpc.apache.org