From a535c64d136b1855c16409cad29f98c291b2d74a Mon Sep 17 00:00:00 2001 From: feiniks <36756310+feiniks@users.noreply.github.com> Date: Thu, 1 Aug 2024 11:25:31 +0800 Subject: [PATCH] Use Authorization header (#675) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: 杨赫然 --- common/seaf-utils.c | 6 ++++-- notification-server/server.go | 11 ++++++++++- server/http-tx-mgr.c | 2 +- 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/common/seaf-utils.c b/common/seaf-utils.c index 30e1e37..8310da2 100644 --- a/common/seaf-utils.c +++ b/common/seaf-utils.c @@ -439,8 +439,10 @@ load_seahub_private_key (SeafileSession *session, const char *conf_dir) } out: - g_regex_unref (secret_key_regex); - g_regex_unref (site_root_regex); + if (secret_key_regex) + g_regex_unref (secret_key_regex); + if (site_root_regex) + g_regex_unref (site_root_regex); g_free (conf_path); g_free (data); } diff --git a/notification-server/server.go b/notification-server/server.go index a490371..f1842e1 100644 --- a/notification-server/server.go +++ b/notification-server/server.go @@ -282,7 +282,7 @@ func messageCB(rsp http.ResponseWriter, r *http.Request) *appError { func eventCB(rsp http.ResponseWriter, r *http.Request) *appError { msg := Message{} - token := r.Header.Get("Seafile-Repo-Token") + token := getAuthorizationToken(r.Header) if !checkAuthToken(token) { return &appError{Error: nil, Message: "Notification token not match", @@ -310,6 +310,15 @@ func eventCB(rsp http.ResponseWriter, r *http.Request) *appError { return nil } +func getAuthorizationToken(h http.Header) string { + auth := h.Get("Authorization") + splitResult := strings.Split(auth, " ") + if len(splitResult) > 1 { + return splitResult[1] + } + return "" +} + func checkAuthToken(tokenString string) bool { if len(tokenString) == 0 { return false diff --git a/server/http-tx-mgr.c b/server/http-tx-mgr.c index d5331c3..d6b5303 100644 --- a/server/http-tx-mgr.c +++ b/server/http-tx-mgr.c @@ -384,7 +384,7 @@ http_post (Connection *conn, const char *url, const char *token, headers = curl_slist_append (headers, "User-Agent: Seafile/"SEAFILE_CLIENT_VERSION" ("USER_AGENT_OS")"); if (token) { - token_header = g_strdup_printf ("Seafile-Repo-Token: %s", token); + token_header = g_strdup_printf ("Authorization: Token %s", token); headers = curl_slist_append (headers, token_header); g_free (token_header); curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);