Use Authorization header (#675)

Co-authored-by: 杨赫然 <heran.yang@seafile.com>

common/seaf-utils.c

@@ -439,7 +439,9 @@ load_seahub_private_key (SeafileSession *session, const char *conf_dir)
     }
 
 out:
+    if (secret_key_regex)
         g_regex_unref (secret_key_regex);
+    if (site_root_regex)
         g_regex_unref (site_root_regex);
     g_free (conf_path);
     g_free (data);

notification-server/server.go

@@ -282,7 +282,7 @@ func messageCB(rsp http.ResponseWriter, r *http.Request) *appError {
 func eventCB(rsp http.ResponseWriter, r *http.Request) *appError {
 	msg := Message{}
 
-	token := r.Header.Get("Seafile-Repo-Token")
+	token := getAuthorizationToken(r.Header)
 	if !checkAuthToken(token) {
 		return &appError{Error: nil,
 			Message: "Notification token not match",
@@ -310,6 +310,15 @@ func eventCB(rsp http.ResponseWriter, r *http.Request) *appError {
 	return nil
 }
 
+func getAuthorizationToken(h http.Header) string {
+	auth := h.Get("Authorization")
+	splitResult := strings.Split(auth, " ")
+	if len(splitResult) > 1 {
+		return splitResult[1]
+	}
+	return ""
+}
+
 func checkAuthToken(tokenString string) bool {
 	if len(tokenString) == 0 {
 		return false

server/http-tx-mgr.c

@@ -384,7 +384,7 @@ http_post (Connection *conn, const char *url, const char *token,
     headers = curl_slist_append (headers, "User-Agent: Seafile/"SEAFILE_CLIENT_VERSION" ("USER_AGENT_OS")");
 
     if (token) {
-        token_header = g_strdup_printf ("Seafile-Repo-Token: %s", token);
+        token_header = g_strdup_printf ("Authorization: Token %s", token);
         headers = curl_slist_append (headers, token_header);
         g_free (token_header);
         curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);