[pve-devel] [RFC PATCH http-server 1/1] allow ticket in auth header as fallback
Tim Marx
t.marx at proxmox.com
Fri Aug 30 14:12:31 CEST 2019
Signed-off-by: Tim Marx <t.marx at proxmox.com>
---
PVE/APIServer/AnyEvent.pm | 5 +++++
PVE/APIServer/Formatter.pm | 12 ++++++++++++
2 files changed, 17 insertions(+)
diff --git a/PVE/APIServer/AnyEvent.pm b/PVE/APIServer/AnyEvent.pm
index 2e8ca47..c8f7b6d 100644
--- a/PVE/APIServer/AnyEvent.pm
+++ b/PVE/APIServer/AnyEvent.pm
@@ -1223,6 +1223,11 @@ sub unshift_read_header {
my $cookie = $r->header('Cookie');
my $ticket = PVE::APIServer::Formatter::extract_auth_cookie($cookie, $self->{cookie_name});
+ if (!defined $ticket) {
+ my $authHeader = $r->header('Authorization');
+ $ticket = PVE::APIServer::Formatter::extract_ticket_from_auth_header($authHeader, $self->{cookie_name});
+ }
+
my ($rel_uri, $format) = &$split_abs_uri($path, $self->{base_uri});
if (!$format) {
$self->error($reqstate, HTTP_NOT_IMPLEMENTED, "no such uri");
diff --git a/PVE/APIServer/Formatter.pm b/PVE/APIServer/Formatter.pm
index 0c459bd..f626180 100644
--- a/PVE/APIServer/Formatter.pm
+++ b/PVE/APIServer/Formatter.pm
@@ -87,6 +87,18 @@ sub extract_auth_cookie {
return $ticket;
}
+sub extract_ticket_from_auth_header {
+ my ($auth_header, $type) = @_;
+
+ return undef if !$auth_header;
+
+ my $ticket = ($auth_header =~ /(?:^|\s)\Q$type\E ([^;]*)/)[0];
+
+ $ticket = uri_unescape($ticket) if $ticket;
+
+ return $ticket;
+}
+
sub create_auth_cookie {
my ($ticket, $cookie_name) = @_;
--
2.20.1
More information about the pve-devel
mailing list