From 50a2f95c9c8e4e00906ce192d68f03b44663c3d7 Mon Sep 17 00:00:00 2001
From: Bob Mottram
Date: Thu, 4 Jul 2019 10:00:53 +0100
Subject: [PATCH] outbox post authentication
---
 auth.py | 11 -----------
 daemon.py | 21 +++++++++------------
 tests.py | 2 --
 3 files changed, 9 insertions(+), 25 deletions(-)
diff --git a/auth.py b/auth.py
index 08b396ef4..38a8df3d8 100644
--- a/auth.py
+++ b/auth.py
@@ -38,17 +38,6 @@ def createBasicAuthHeader(nickname: str,password: str) -> str:
 authStr=nickname.replace('\n','')+':'+password.replace('\n','')
 return 'Basic '+base64.b64encode(authStr.encode('utf-8')).decode('utf-8')
 
-def nicknameFromBasicAuth(authHeader: str) -> str:
- """Returns the nickname from basic auth header
- """
- if ' ' not in authHeader:
- return None
- base64Str = authHeader.split(' ')[1].replace('\n','')
- plain = base64.b64decode(base64Str).decode('utf-8')
- if ':' not in plain:
- return None
- return plain.split(':')[0]
-
 def authorizeBasic(baseDir: str,path: str,authHeader: str,debug: bool) -> bool:
 """HTTP basic auth
 """
diff --git a/daemon.py b/daemon.py
index 98c1a73b1..f3247731e 100644
--- a/daemon.py
+++ b/daemon.py
@@ -25,7 +25,6 @@ from inbox import inboxPermittedMessage
 from inbox import inboxMessageHasParams
 from follow import getFollowingFeed
 from auth import authorize
-from auth import nicknameFromBasicAuth
 import os
 import sys
@@ -287,17 +286,15 @@ class PubServer(BaseHTTPRequestHandler):
 if self.path.endswith('/outbox'):
 if '/users/' in self.path:
 if self.headers.get('Authorization'):
- nickname=self.path.split('/users/')[1].replace('/inbox','')
- if nickname==nicknameFromBasicAuth(self.headers['Authorization']):
- if authorize(self.server.baseDir,self.headers['Authorization']):
- self.outboxAuthenticated=True
- self.postToNickname=nickname
- # TODO
- print('c2s posts not supported yet')
- self.send_response(405)
- self.end_headers()
- self.server.POSTbusy=False
- return
+ if authorize(self.server.baseDir,self.path,self.headers['Authorization'],self.server.debug):
+ self.outboxAuthenticated=True
+ self.postToNickname=nickname
+ # TODO
+ print('c2s posts not supported yet')
+ self.send_response(405)
+ self.end_headers()
+ self.server.POSTbusy=False
+ return
 if not self.outboxAuthenticated:
 self.send_response(405)
 self.end_headers()
diff --git a/tests.py b/tests.py
index 2ddc53d7b..d5f3a3abe 100644
--- a/tests.py
+++ b/tests.py
@@ -35,7 +35,6 @@ from person import setBio
 from auth import createBasicAuthHeader
 from auth import authorizeBasic
 from auth import storeBasicCredentials
-from auth import nicknameFromBasicAuth
 
 testServerAliceRunning = False
 testServerBobRunning = False
@@ -317,7 +316,6 @@ def testAuthentication():
 assert storeBasicCredentials(baseDir,nickname,password)
 authHeader=createBasicAuthHeader(nickname,password)
- assert nickname==nicknameFromBasicAuth(authHeader)
 assert authorizeBasic(baseDir,'/users/'+nickname+'/inbox',authHeader,False)
 assert authorizeBasic(baseDir,'/users/'+nickname,authHeader,False)==False
 assert authorizeBasic(baseDir,'/users/othernick/inbox',authHeader,False)==False
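Review bot: `self.postToNickname=nickname` in the new outbox branch of daemon.py reads `nickname` after this commit deletes the only visible assignment (`nickname=self.path.split('/users/')[1]...`), so unless the name is bound earlier in the method, which starts outside the hunk, a successfully authorized POST raises NameError instead of reaching the 405 stub. Re-derive it from the path before the `authorize(...)` call, e.g. `nickname=self.path.split('/users/')[1].replace('/outbox','')`, so the identity stored in `postToNickname` is the one the credential was checked against. The remaining assertions in tests.py only cover `/inbox` paths; whether `authorizeBasic` accepts `/users/<nick>/outbox` and rejects another user's outbox is not shown here, and one assertion for each would pin down the path-to-credential binding this branch now relies on entirely.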