[pve-devel] [PATCH v2 01/10] HTTPServer.pm: add cookie handling methods
Dietmar Maurer
dietmar at proxmox.com
Tue Jan 10 17:05:58 CET 2017
Copied from PVE::REST (I want to get rid of this PVE::REST class).
Signed-off-by: Dietmar Maurer <dietmar at proxmox.com>
---
PVE/HTTPServer.pm | 28 ++++++++++++++++++++++++++--
1 file changed, 26 insertions(+), 2 deletions(-)
diff --git a/PVE/HTTPServer.pm b/PVE/HTTPServer.pm
index afc152c..cd76275 100755
--- a/PVE/HTTPServer.pm
+++ b/PVE/HTTPServer.pm
@@ -145,6 +145,28 @@ sub log_aborted_request {
$self->log_request($reqstate);
}
+sub extract_auth_cookie {
+ my ($cookie, $cookie_name) = @_;
+
+ return undef if !$cookie;
+
+ my $ticket = ($cookie =~ /(?:^|\s)\Q$cookie_name\E=([^;]*)/)[0];
+
+ if ($ticket && $ticket =~ m/^PVE%3A/) {
+ $ticket = uri_unescape($ticket);
+ }
+
+ return $ticket;
+}
+
+sub create_auth_cookie {
+ my ($ticket, $cookie_name) = @_;
+
+ my $encticket = uri_escape($ticket);
+
+ return "${cookie_name}=$encticket; path=/; secure;";
+}
+
sub cleanup_reqstate {
my ($reqstate) = @_;
@@ -586,7 +608,7 @@ sub proxy_request {
PVEClientIP => $clientip,
};
- $headers->{'cookie'} = PVE::REST::create_auth_cookie($ticket) if $ticket;
+ $headers->{'cookie'} = create_auth_cookie($ticket, $self->{cookie_name}) if $ticket;
$headers->{'CSRFPreventionToken'} = $token if $token;
$headers->{'Accept-Encoding'} = 'gzip' if $reqstate->{accept_gzip};
@@ -1234,7 +1256,7 @@ sub unshift_read_header {
} elsif ($path =~ m!$baseuri!) {
my $token = $r->header('CSRFPreventionToken');
my $cookie = $r->header('Cookie');
- my $ticket = PVE::REST::extract_auth_cookie($cookie);
+ my $ticket = extract_auth_cookie($cookie, $self->{cookie_name});
my ($rel_uri, $format) = split_abs_uri($path);
if (!$format) {
@@ -1620,6 +1642,8 @@ sub new {
my $self = bless { %args }, $class;
+ $self->{cookie_name} //= 'PVEAuthCookie';
+
PVE::REST::set_base_handler_class($self->{base_handler_class});
# init inotify
--
2.1.4
More information about the pve-devel
mailing list