[pve-devel] [PATCH 1/9] HTTPServer.pm: add cookie handling methods
Dietmar Maurer
dietmar at proxmox.com
Tue Jan 10 11:55:18 CET 2017
Copied from PVE::REST (I want to get rid of this PVE::REST class).
Signed-off-by: Dietmar Maurer <dietmar at proxmox.com>
---
PVE/HTTPServer.pm | 32 ++++++++++++++++++++++++++++++--
1 file changed, 30 insertions(+), 2 deletions(-)
diff --git a/PVE/HTTPServer.pm b/PVE/HTTPServer.pm
index afc152c..168020c 100755
--- a/PVE/HTTPServer.pm
+++ b/PVE/HTTPServer.pm
@@ -145,6 +145,32 @@ sub log_aborted_request {
$self->log_request($reqstate);
}
+sub extract_auth_cookie {
+ my ($self, $cookie) = @_;
+
+ return undef if !$cookie;
+
+ my $cookie_name = $self->{cookie_name};
+
+ my $ticket = ($cookie =~ /(?:^|\s)$cookie_name=([^;]*)/)[0];
+
+ if ($ticket && $ticket =~ m/^PVE%3A/) {
+ $ticket = uri_unescape($ticket);
+ }
+
+ return $ticket;
+}
+
+sub create_auth_cookie {
+ my ($self, $ticket) = @_;
+
+ my $cookie_name = $self->{cookie_name};
+
+ my $encticket = uri_escape($ticket);
+
+ return "${cookie_name}=$encticket; path=/; secure;";
+}
+
sub cleanup_reqstate {
my ($reqstate) = @_;
@@ -586,7 +612,7 @@ sub proxy_request {
PVEClientIP => $clientip,
};
- $headers->{'cookie'} = PVE::REST::create_auth_cookie($ticket) if $ticket;
+ $headers->{'cookie'} = $self->create_auth_cookie($ticket) if $ticket;
$headers->{'CSRFPreventionToken'} = $token if $token;
$headers->{'Accept-Encoding'} = 'gzip' if $reqstate->{accept_gzip};
@@ -1234,7 +1260,7 @@ sub unshift_read_header {
} elsif ($path =~ m!$baseuri!) {
my $token = $r->header('CSRFPreventionToken');
my $cookie = $r->header('Cookie');
- my $ticket = PVE::REST::extract_auth_cookie($cookie);
+ my $ticket = $self->extract_auth_cookie($cookie);
my ($rel_uri, $format) = split_abs_uri($path);
if (!$format) {
@@ -1620,6 +1646,8 @@ sub new {
my $self = bless { %args }, $class;
+ $self->{cookie_name} //= 'PVEAuthCookie';
+
PVE::REST::set_base_handler_class($self->{base_handler_class});
# init inotify
--
2.1.4
More information about the pve-devel
mailing list