Merge branch 'master' into version-2021.4

This commit is contained in:
Jens Langhammer 2021-04-13 21:07:20 +02:00
commit 9742d19729
2 changed files with 9 additions and 4 deletions

View File

@ -1,5 +1,5 @@
"""API Authentication""" """API Authentication"""
from base64 import b64decode from base64 import b64decode, b64encode
from binascii import Error from binascii import Error
from typing import Any, Optional, Union from typing import Any, Optional, Union
@ -15,8 +15,13 @@ LOGGER = get_logger()
def token_from_header(raw_header: bytes) -> Optional[Token]: def token_from_header(raw_header: bytes) -> Optional[Token]:
"""raw_header in the Format of `Basic dGVzdDp0ZXN0`""" """raw_header in the Format of `Basic dGVzdDp0ZXN0`"""
auth_credentials = raw_header.decode() auth_credentials = raw_header.decode()
# Accept headers with Type format and without # Legacy, accept basic auth thats fully encoded (2021.3 outposts)
if " " not in auth_credentials: if " " not in auth_credentials:
try:
plain = b64decode(auth_credentials.encode()).decode()
auth_type, body = plain.split()
auth_credentials = f"{auth_type} {b64encode(body.encode()).decode()}"
except (UnicodeDecodeError, Error):
return None return None
auth_type, auth_credentials = auth_credentials.split() auth_type, auth_credentials = auth_credentials.split()
if auth_type.lower() not in ["basic", "bearer"]: if auth_type.lower() not in ["basic", "bearer"]:

View File

@ -44,7 +44,7 @@ func NewAPIController(pbURL url.URL, token string) *APIController {
transport.Transport = SetUserAgent(getTLSTransport(), fmt.Sprintf("authentik-proxy@%s", pkg.VERSION)) transport.Transport = SetUserAgent(getTLSTransport(), fmt.Sprintf("authentik-proxy@%s", pkg.VERSION))
// create the transport // create the transport
auth := httptransport.BasicAuth("", token) auth := httptransport.BearerToken(token)
// create the API client, with the transport // create the API client, with the transport
apiClient := client.New(transport, strfmt.Default) apiClient := client.New(transport, strfmt.Default)