Fix authorization for paths that previously used basic auth or any other kind of auth
Former-commit-id: 67acb24946126b952b6d23ffc970593884af7065 [formerly 71928cc331af175aafc7666a9e9291d798ad779f] [formerly 7fce3b3d7f8efd454f42ae9e2da81e241098097c [formerly 503cc79758]]
Former-commit-id: 25a07e5ab482d8b3e2d9254c14ddba04398cf4ca [formerly 39c4bb7c66c4b0d046594a58b5070eac430f62da]
Former-commit-id: 97c7005106996d9ddf2e2529cd1310dad37856a7
pull/726/head
Henrique Dias
parent
30486f968d
commit
c23e47b769
7
auth.go
7
auth.go
|
|
@ -4,6 +4,7 @@ import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"math/rand"
|
"math/rand"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"golang.org/x/crypto/bcrypt"
|
"golang.org/x/crypto/bcrypt"
|
||||||
|
|
@ -92,7 +93,11 @@ type extractor []string
|
||||||
|
|
||||||
func (e extractor) ExtractToken(r *http.Request) (string, error) {
|
func (e extractor) ExtractToken(r *http.Request) (string, error) {
|
||||||
token, _ := request.AuthorizationHeaderExtractor.ExtractToken(r)
|
token, _ := request.AuthorizationHeaderExtractor.ExtractToken(r)
|
||||||
if token != "" {
|
|
||||||
|
// Checks if the token isn't empty and if it contains three dots.
|
||||||
|
// The former prevents incompatibility with URLs that previously
|
||||||
|
// used basic auth.
|
||||||
|
if token != "" && strings.Count(token, ".") == 3 {
|
||||||
return token, nil
|
return token, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
File diff suppressed because one or more lines are too long
|
|
@ -1 +0,0 @@
|
||||||
f25abd984c50ba9420d9a1911bd00ed2817ae334
|
|
||||||
Loading…
Reference in New Issue