From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: <pdm-devel-bounces@lists.proxmox.com> Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id A279B1FF16F for <inbox@lore.proxmox.com>; Thu, 27 Feb 2025 15:17:38 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 5DDF11FFC9; Thu, 27 Feb 2025 15:17:37 +0100 (CET) From: Shannon Sterz <s.sterz@proxmox.com> To: pdm-devel@lists.proxmox.com Date: Thu, 27 Feb 2025 15:07:08 +0100 Message-Id: <20250227140712.209679-18-s.sterz@proxmox.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250227140712.209679-1-s.sterz@proxmox.com> References: <20250227140712.209679-1-s.sterz@proxmox.com> MIME-Version: 1.0 X-SPAM-LEVEL: Spam detection results: 0 AWL -0.024 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pdm-devel] [PATCH proxmox v3 17/21] client: specify cookie names for authentication headers where possible X-BeenThere: pdm-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Datacenter Manager development discussion <pdm-devel.lists.proxmox.com> List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pdm-devel>, <mailto:pdm-devel-request@lists.proxmox.com?subject=unsubscribe> List-Archive: <http://lists.proxmox.com/pipermail/pdm-devel/> List-Post: <mailto:pdm-devel@lists.proxmox.com> List-Help: <mailto:pdm-devel-request@lists.proxmox.com?subject=help> List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel>, <mailto:pdm-devel-request@lists.proxmox.com?subject=subscribe> Reply-To: Proxmox Datacenter Manager development discussion <pdm-devel@lists.proxmox.com> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pdm-devel-bounces@lists.proxmox.com Sender: "pdm-devel" <pdm-devel-bounces@lists.proxmox.com> if the client knows the auth cookie's name, it now passes it on to the relevant parts of `proxmox-login` so that the ticket is send the correct cookie Signed-off-by: Shannon Sterz <s.sterz@proxmox.com> --- proxmox-client/src/client.rs | 50 +++++++++++++++++++++++++++++++----- 1 file changed, 44 insertions(+), 6 deletions(-) diff --git a/proxmox-client/src/client.rs b/proxmox-client/src/client.rs index 07a53873..a1b4eee2 100644 --- a/proxmox-client/src/client.rs +++ b/proxmox-client/src/client.rs @@ -222,8 +222,12 @@ impl Client { json_body: Option<String>, // send an `Accept: application/json-seq` header. streaming: bool, + cookie_name: &Option<String>, ) -> Result<(http::response::Parts, hyper::Body), Error> { - let mut request = auth.set_auth_headers(Request::builder().method(method).uri(uri)); + let mut request = auth.set_auth_headers_with_cookie_name( + Request::builder().method(method).uri(uri), + cookie_name, + ); if streaming { request = request.header(http::header::ACCEPT, "application/json-seq"); } @@ -270,9 +274,18 @@ impl Client { method: Method, uri: Uri, json_body: Option<String>, + cookie_name: &Option<String>, ) -> Result<HttpApiResponse, Error> { - let (response, body) = - Self::send_authenticated_request(client, auth, method, uri, json_body, false).await?; + let (response, body) = Self::send_authenticated_request( + client, + auth, + method, + uri, + json_body, + false, + cookie_name, + ) + .await?; let body = read_body(body).await?; let content_type = match response.headers.get(http::header::CONTENT_TYPE) { @@ -475,7 +488,7 @@ impl HttpApiClient for Client { let auth = self.login_auth()?; let uri = self.build_uri(path_and_query)?; let client = Arc::clone(&self.client); - Self::authenticated_request(client, auth, method, uri, params).await + Self::authenticated_request(client, auth, method, uri, params, &self.cookie_name).await }) } @@ -500,8 +513,16 @@ impl HttpApiClient for Client { let auth = self.login_auth()?; let uri = self.build_uri(path_and_query)?; let client = Arc::clone(&self.client); - let (response, body) = - Self::send_authenticated_request(client, auth, method, uri, params, true).await?; + let (response, body) = Self::send_authenticated_request( + client, + auth, + method, + uri, + params, + true, + &self.cookie_name, + ) + .await?; let content_type = match response.headers.get(http::header::CONTENT_TYPE) { None => None, @@ -575,6 +596,23 @@ impl AuthenticationKind { } } + pub fn set_auth_headers_with_cookie_name( + &self, + request: http::request::Builder, + cookie_name: &Option<String>, + ) -> http::request::Builder { + match self { + AuthenticationKind::Ticket(auth) => { + if let Some(name) = cookie_name { + auth.set_auth_headers_with_cookie_name(request, name) + } else { + auth.set_auth_headers(request) + } + } + AuthenticationKind::Token(auth) => auth.set_auth_headers(request), + } + } + pub fn userid(&self) -> &str { match self { AuthenticationKind::Ticket(auth) => &auth.userid, -- 2.39.5 _______________________________________________ pdm-devel mailing list pdm-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel