outbox post authentication

2019-07-04 10:00:53 +01:00 · 2019-07-04 10:00:53 +01:00 · 50a2f95c9c
parent c4797d3de2
commit 50a2f95c9c
3 changed files with 9 additions and 25 deletions
--- a/auth.py
+++ b/auth.py
@ -38,17 +38,6 @@ def createBasicAuthHeader(nickname: str,password: str) -> str:
    authStr=nickname.replace('\n','')+':'+password.replace('\n','')
    return 'Basic '+base64.b64encode(authStr.encode('utf-8')).decode('utf-8')

-def nicknameFromBasicAuth(authHeader: str) -> str:
-    """Returns the nickname from basic auth header
-    """
-    if ' ' not in authHeader:
-        return None
-    base64Str = authHeader.split(' ')[1].replace('\n','')
-    plain = base64.b64decode(base64Str).decode('utf-8')
-    if ':' not in plain:
-        return None
-    return plain.split(':')[0]
-
 def authorizeBasic(baseDir: str,path: str,authHeader: str,debug: bool) -> bool:
    """HTTP basic auth
    """
--- a/daemon.py
+++ b/daemon.py
@ -25,7 +25,6 @@ from inbox import inboxPermittedMessage
 from inbox import inboxMessageHasParams
 from follow import getFollowingFeed
 from auth import authorize
-from auth import nicknameFromBasicAuth
 import os
 import sys

@ -287,17 +286,15 @@ class PubServer(BaseHTTPRequestHandler):
        if self.path.endswith('/outbox'):
            if '/users/' in self.path:
                if self.headers.get('Authorization'):
-                    nickname=self.path.split('/users/')[1].replace('/inbox','')
-                    if nickname==nicknameFromBasicAuth(self.headers['Authorization']):
-                        if authorize(self.server.baseDir,self.headers['Authorization']):
-                            self.outboxAuthenticated=True
-                            self.postToNickname=nickname
-                            # TODO
-                            print('c2s posts not supported yet')
-                            self.send_response(405)
-                            self.end_headers()
-                            self.server.POSTbusy=False
-                            return
+                    if authorize(self.server.baseDir,self.path,self.headers['Authorization'],self.server.debug):
+                        self.outboxAuthenticated=True
+                        self.postToNickname=nickname
+                        # TODO
+                        print('c2s posts not supported yet')
+                        self.send_response(405)
+                        self.end_headers()
+                        self.server.POSTbusy=False
+                        return
            if not self.outboxAuthenticated:
                self.send_response(405)
                self.end_headers()
--- a/tests.py
+++ b/tests.py
@ -35,7 +35,6 @@ from person import setBio
 from auth import createBasicAuthHeader
 from auth import authorizeBasic
 from auth import storeBasicCredentials
-from auth import nicknameFromBasicAuth

 testServerAliceRunning = False
 testServerBobRunning = False
@ -317,7 +316,6 @@ def testAuthentication():
    assert storeBasicCredentials(baseDir,nickname,password)

    authHeader=createBasicAuthHeader(nickname,password)
-    assert nickname==nicknameFromBasicAuth(authHeader)
    assert authorizeBasic(baseDir,'/users/'+nickname+'/inbox',authHeader,False)
    assert authorizeBasic(baseDir,'/users/'+nickname,authHeader,False)==False
    assert authorizeBasic(baseDir,'/users/othernick/inbox',authHeader,False)==False