Merge pull request #2558 from kelseyhightower/add-basic-auth
netutil: add BasicAuth functionrelease-2.1
commit
454b66edde
|
@ -24,6 +24,7 @@ import (
|
|||
"github.com/coreos/etcd/etcdserver"
|
||||
"github.com/coreos/etcd/etcdserver/etcdhttp/httptypes"
|
||||
"github.com/coreos/etcd/etcdserver/security"
|
||||
"github.com/coreos/etcd/pkg/netutil"
|
||||
)
|
||||
|
||||
type securityHandler struct {
|
||||
|
@ -46,7 +47,7 @@ func hasRootAccess(sec *security.Store, r *http.Request) bool {
|
|||
if !sec.SecurityEnabled() {
|
||||
return true
|
||||
}
|
||||
username, password, ok := r.BasicAuth()
|
||||
username, password, ok := netutil.BasicAuth(r)
|
||||
if !ok {
|
||||
return false
|
||||
}
|
||||
|
@ -73,7 +74,7 @@ func hasKeyPrefixAccess(sec *security.Store, r *http.Request, key string) bool {
|
|||
if !sec.SecurityEnabled() {
|
||||
return true
|
||||
}
|
||||
username, password, ok := r.BasicAuth()
|
||||
username, password, ok := netutil.BasicAuth(r)
|
||||
if !ok {
|
||||
return false
|
||||
}
|
||||
|
|
|
@ -15,10 +15,13 @@
|
|||
package netutil
|
||||
|
||||
import (
|
||||
"encoding/base64"
|
||||
"log"
|
||||
"net"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"reflect"
|
||||
"strings"
|
||||
)
|
||||
|
||||
var (
|
||||
|
@ -99,3 +102,36 @@ func URLStringsEqual(a []string, b []string) bool {
|
|||
|
||||
return URLsEqual(urlsA, urlsB)
|
||||
}
|
||||
|
||||
// BasicAuth returns the username and password provided in the request's
|
||||
// Authorization header, if the request uses HTTP Basic Authentication.
|
||||
// See RFC 2617, Section 2.
|
||||
// Based on the BasicAuth method from the Golang standard lib.
|
||||
// TODO: use the standard lib BasicAuth method when we move to Go 1.4.
|
||||
func BasicAuth(r *http.Request) (username, password string, ok bool) {
|
||||
auth := r.Header.Get("Authorization")
|
||||
if auth == "" {
|
||||
return
|
||||
}
|
||||
return parseBasicAuth(auth)
|
||||
}
|
||||
|
||||
// parseBasicAuth parses an HTTP Basic Authentication string.
|
||||
// "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" returns ("Aladdin", "open sesame", true).
|
||||
// Taken from the Golang standard lib.
|
||||
// TODO: use the standard lib BasicAuth method when we move to Go 1.4.
|
||||
func parseBasicAuth(auth string) (username, password string, ok bool) {
|
||||
if !strings.HasPrefix(auth, "Basic ") {
|
||||
return
|
||||
}
|
||||
c, err := base64.StdEncoding.DecodeString(strings.TrimPrefix(auth, "Basic "))
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
cs := string(c)
|
||||
s := strings.IndexByte(cs, ':')
|
||||
if s < 0 {
|
||||
return
|
||||
}
|
||||
return cs[:s], cs[s+1:], true
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue