proxmox-mirrors/pve-http-server
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-http-server synced 2025-08-05 09:45:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

allow ticket in auth header as fallback

Browse Source 
based on idea & RFC by Tim Marx, incorporating feedback by Thomas
Lamprecht. this will be extended to support API tokens in the
Authorization header as well, so make it generic.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
This commit is contained in:
Tim Marx 2020-01-21 13:54:19 +01:00 committed by Thomas Lamprecht
parent fa5e6f6908
commit e045d0700e
2 changed files with 14 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
PVE/APIServer/AnyEvent.pm
View File

@ -1229,7 +1229,14 @@ sub unshift_read_header {
} elsif ($path =~ m/^\Q$base_uri\E/) {
my $token = $r->header('CSRFPreventionToken');
my $cookie = $r->header('Cookie');
my $ticket = PVE::APIServer::Formatter::extract_auth_cookie($cookie, $self->{cookie_name});
my $auth_header = $r->header('Authorization');
# prefer actual cookie
my $ticket = PVE::APIServer::Formatter::extract_auth_value($cookie, $self->{cookie_name});
# fallback to cookie in 'Authorization' header
$ticket = PVE::APIServer::Formatter::extract_auth_value($auth_header, $self->{cookie_name})
if !$ticket;
my ($rel_uri, $format) = &$split_abs_uri($path, $self->{base_uri});
if (!$format) {

12
PVE/APIServer/Formatter.pm
View File

@ -75,16 +75,16 @@ sub get_login_formatter {
# some helper functions
sub extract_auth_cookie {
my ($cookie, $cookie_name) = @_;
sub extract_auth_value {
my ($header, $key) = @_;
return undef if !$cookie;
return undef if !$header;
my $ticket = ($cookie =~ /(?:^|\s)\Q$cookie_name\E=([^;]*)/)[0];
my $value = ($header =~ /(?:^|\s)\Q$key\E(?:=| )([^;]*)/)[0];
$ticket = uri_unescape($ticket) if $ticket;
$value = uri_unescape($value) if $value;
return $ticket;
return $value;
}
sub create_auth_cookie {