From: Shannon Sterz <s.sterz@proxmox.com>
To: pdm-devel@lists.proxmox.com
Subject: [pdm-devel] [PATCH proxmox v3 17/21] client: specify cookie names for authentication headers where possible
Date: Thu, 27 Feb 2025 15:07:08 +0100 [thread overview]
Message-ID: <20250227140712.209679-18-s.sterz@proxmox.com> (raw)
In-Reply-To: <20250227140712.209679-1-s.sterz@proxmox.com>
if the client knows the auth cookie's name, it now passes it on to the
relevant parts of `proxmox-login` so that the ticket is send the
correct cookie
Signed-off-by: Shannon Sterz <s.sterz@proxmox.com>
---
proxmox-client/src/client.rs | 50 +++++++++++++++++++++++++++++++-----
1 file changed, 44 insertions(+), 6 deletions(-)
diff --git a/proxmox-client/src/client.rs b/proxmox-client/src/client.rs
index 07a53873..a1b4eee2 100644
--- a/proxmox-client/src/client.rs
+++ b/proxmox-client/src/client.rs
@@ -222,8 +222,12 @@ impl Client {
json_body: Option<String>,
// send an `Accept: application/json-seq` header.
streaming: bool,
+ cookie_name: &Option<String>,
) -> Result<(http::response::Parts, hyper::Body), Error> {
- let mut request = auth.set_auth_headers(Request::builder().method(method).uri(uri));
+ let mut request = auth.set_auth_headers_with_cookie_name(
+ Request::builder().method(method).uri(uri),
+ cookie_name,
+ );
if streaming {
request = request.header(http::header::ACCEPT, "application/json-seq");
}
@@ -270,9 +274,18 @@ impl Client {
method: Method,
uri: Uri,
json_body: Option<String>,
+ cookie_name: &Option<String>,
) -> Result<HttpApiResponse, Error> {
- let (response, body) =
- Self::send_authenticated_request(client, auth, method, uri, json_body, false).await?;
+ let (response, body) = Self::send_authenticated_request(
+ client,
+ auth,
+ method,
+ uri,
+ json_body,
+ false,
+ cookie_name,
+ )
+ .await?;
let body = read_body(body).await?;
let content_type = match response.headers.get(http::header::CONTENT_TYPE) {
@@ -475,7 +488,7 @@ impl HttpApiClient for Client {
let auth = self.login_auth()?;
let uri = self.build_uri(path_and_query)?;
let client = Arc::clone(&self.client);
- Self::authenticated_request(client, auth, method, uri, params).await
+ Self::authenticated_request(client, auth, method, uri, params, &self.cookie_name).await
})
}
@@ -500,8 +513,16 @@ impl HttpApiClient for Client {
let auth = self.login_auth()?;
let uri = self.build_uri(path_and_query)?;
let client = Arc::clone(&self.client);
- let (response, body) =
- Self::send_authenticated_request(client, auth, method, uri, params, true).await?;
+ let (response, body) = Self::send_authenticated_request(
+ client,
+ auth,
+ method,
+ uri,
+ params,
+ true,
+ &self.cookie_name,
+ )
+ .await?;
let content_type = match response.headers.get(http::header::CONTENT_TYPE) {
None => None,
@@ -575,6 +596,23 @@ impl AuthenticationKind {
}
}
+ pub fn set_auth_headers_with_cookie_name(
+ &self,
+ request: http::request::Builder,
+ cookie_name: &Option<String>,
+ ) -> http::request::Builder {
+ match self {
+ AuthenticationKind::Ticket(auth) => {
+ if let Some(name) = cookie_name {
+ auth.set_auth_headers_with_cookie_name(request, name)
+ } else {
+ auth.set_auth_headers(request)
+ }
+ }
+ AuthenticationKind::Token(auth) => auth.set_auth_headers(request),
+ }
+ }
+
pub fn userid(&self) -> &str {
match self {
AuthenticationKind::Ticket(auth) => &auth.userid,
--
2.39.5
_______________________________________________
pdm-devel mailing list
pdm-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel
next prev parent reply other threads:[~2025-02-27 14:17 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-27 14:06 [pdm-devel] [PATCH datacenter-manager/proxmox/yew-comp v3 00/21] use HttpOnly cookies in new projects Shannon Sterz
2025-02-27 14:06 ` [pdm-devel] [PATCH proxmox v3 01/21] time: add new `epoch_to_http_date` helper Shannon Sterz
2025-02-27 14:06 ` [pdm-devel] [PATCH proxmox v3 02/21] rest-server: borrow parts parameter in `get_request_parameter` Shannon Sterz
2025-02-27 14:06 ` [pdm-devel] [PATCH proxmox v3 03/21] router/rest-server: add new `AsyncHttpBodyParameters` api handler type Shannon Sterz
2025-02-27 14:06 ` [pdm-devel] [PATCH proxmox v3 04/21] auth-api: extend `AuthContext` with prefixed cookie name Shannon Sterz
2025-02-27 14:06 ` [pdm-devel] [PATCH proxmox v3 05/21] auth-api: check for new prefixed cookies as well Shannon Sterz
2025-02-27 14:06 ` [pdm-devel] [PATCH proxmox v3 06/21] auth-api: introduce new CreateTicket and CreateTickeReponse api types Shannon Sterz
2025-02-27 14:06 ` [pdm-devel] [PATCH proxmox v3 07/21] auth-api: add endpoint for issuing tickets as HttpOnly tickets Shannon Sterz
2025-02-27 14:06 ` [pdm-devel] [PATCH proxmox v3 08/21] auth-api: make regular ticket endpoint use the new types and handler Shannon Sterz
2025-02-27 14:07 ` [pdm-devel] [PATCH proxmox v3 09/21] auth-api: add logout method Shannon Sterz
2025-02-27 14:07 ` [pdm-devel] [PATCH proxmox v3 10/21] login: add optional field for ticket_info and make password optional Shannon Sterz
2025-02-27 14:07 ` [pdm-devel] [PATCH proxmox v3 11/21] login: make password optional when creating Login requests Shannon Sterz
2025-02-27 14:07 ` [pdm-devel] [PATCH proxmox v3 12/21] login: add helpers to pass cookie values when parsing login responses Shannon Sterz
2025-02-27 14:07 ` [pdm-devel] [PATCH proxmox v3 13/21] login: add `TicketResult::HttpOnly` member Shannon Sterz
2025-02-27 14:07 ` [pdm-devel] [PATCH proxmox v3 14/21] login: add helper to check whether a ticket is just informational Shannon Sterz
2025-02-27 14:07 ` [pdm-devel] [PATCH proxmox v3 15/21] login: add functions to specify full cookie names Shannon Sterz
2025-02-27 14:07 ` [pdm-devel] [PATCH proxmox v3 16/21] client: add compatibility with HttpOnly cookies Shannon Sterz
2025-02-27 14:07 ` Shannon Sterz [this message]
2025-02-27 14:07 ` [pdm-devel] [PATCH yew-comp v3 18/21] HttpClient: add helpers to refresh HttpOnly cookies and remove them Shannon Sterz
2025-02-27 14:07 ` [pdm-devel] [PATCH yew-comp v3 19/21] LoginPanel/http helpers: add support for handling HttpOnly cookies Shannon Sterz
2025-02-27 14:07 ` [pdm-devel] [PATCH yew-comp v3 20/21] http helpers: ask server to remove `__Host-` prefixed cookie on logout Shannon Sterz
2025-02-27 14:07 ` [pdm-devel] [PATCH datacenter-manager v3 21/21] api: switch ticket endpoint over to new http only endpoint Shannon Sterz
2025-02-27 14:08 ` [pdm-devel] [PATCH datacenter-manager/proxmox/yew-comp v3 00/21] use HttpOnly cookies in new projects Shannon Sterz
2025-03-04 12:08 ` Shannon Sterz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250227140712.209679-18-s.sterz@proxmox.com \
--to=s.sterz@proxmox.com \
--cc=pdm-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox