USEFULL/gitea
1
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-07-15 00:30:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
gitea/modules/auth/httpauth/httpauth.go
wxiaoguang d6d643fe86
Fix http auth header parsing (#34936) 
Using `strings.EqualFold` is wrong in many cases.
2025-07-03 03:02:38 +00:00

48 lines
1.0 KiB
Go
Raw Permalink Blame History

// Copyright 2025 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package httpauth
import (
"encoding/base64"
"strings"
"code.gitea.io/gitea/modules/util"
)
type BasicAuth struct {
Username, Password string
}
type BearerToken struct {
Token string
}
type ParsedAuthorizationHeader struct {
BasicAuth *BasicAuth
BearerToken *BearerToken
}
func ParseAuthorizationHeader(header string) (ret ParsedAuthorizationHeader, _ bool) {
parts := strings.Fields(header)
if len(parts) != 2 {
return ret, false
}
if util.AsciiEqualFold(parts[0], "basic") {
s, err := base64.StdEncoding.DecodeString(parts[1])
if err != nil {
return ret, false
}
u, p, ok := strings.Cut(string(s), ":")
if !ok {
return ret, false
}
ret.BasicAuth = &BasicAuth{Username: u, Password: p}
return ret, true
} else if util.AsciiEqualFold(parts[0], "token") || util.AsciiEqualFold(parts[0], "bearer") {
ret.BearerToken = &BearerToken{Token: parts[1]}
return ret, true
}
return ret, false
}
Reference in New Issue View Git Blame Copy Permalink