[pve-devel] [RFC PATCH http-server 1/1] allow ticket in auth header as fallback

Tim Marx t.marx at proxmox.com
Fri Aug 30 14:12:31 CEST 2019


Signed-off-by: Tim Marx <t.marx at proxmox.com>
---
 PVE/APIServer/AnyEvent.pm  |  5 +++++
 PVE/APIServer/Formatter.pm | 12 ++++++++++++
 2 files changed, 17 insertions(+)

diff --git a/PVE/APIServer/AnyEvent.pm b/PVE/APIServer/AnyEvent.pm
index 2e8ca47..c8f7b6d 100644
--- a/PVE/APIServer/AnyEvent.pm
+++ b/PVE/APIServer/AnyEvent.pm
@@ -1223,6 +1223,11 @@ sub unshift_read_header {
 		    my $cookie = $r->header('Cookie');
 		    my $ticket = PVE::APIServer::Formatter::extract_auth_cookie($cookie, $self->{cookie_name});
 
+		    if (!defined $ticket) {
+			my $authHeader = $r->header('Authorization');
+			$ticket = PVE::APIServer::Formatter::extract_ticket_from_auth_header($authHeader, $self->{cookie_name});
+		    }
+
 		    my ($rel_uri, $format) = &$split_abs_uri($path, $self->{base_uri});
 		    if (!$format) {
 			$self->error($reqstate, HTTP_NOT_IMPLEMENTED, "no such uri");
diff --git a/PVE/APIServer/Formatter.pm b/PVE/APIServer/Formatter.pm
index 0c459bd..f626180 100644
--- a/PVE/APIServer/Formatter.pm
+++ b/PVE/APIServer/Formatter.pm
@@ -87,6 +87,18 @@ sub extract_auth_cookie {
     return $ticket;
 }
 
+sub extract_ticket_from_auth_header {
+    my ($auth_header, $type) = @_;
+
+    return undef if !$auth_header;
+
+    my $ticket = ($auth_header =~ /(?:^|\s)\Q$type\E ([^;]*)/)[0];
+
+    $ticket = uri_unescape($ticket) if $ticket;
+
+    return $ticket;
+}
+
 sub create_auth_cookie {
     my ($ticket, $cookie_name) = @_;
 
-- 
2.20.1



More information about the pve-devel mailing list