From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <pdm-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
by lore.proxmox.com (Postfix) with ESMTPS id A279B1FF16F
for <inbox@lore.proxmox.com>; Thu, 27 Feb 2025 15:17:38 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
by firstgate.proxmox.com (Proxmox) with ESMTP id 5DDF11FFC9;
Thu, 27 Feb 2025 15:17:37 +0100 (CET)
From: Shannon Sterz <s.sterz@proxmox.com>
To: pdm-devel@lists.proxmox.com
Date: Thu, 27 Feb 2025 15:07:08 +0100
Message-Id: <20250227140712.209679-18-s.sterz@proxmox.com>
X-Mailer: git-send-email 2.39.5
In-Reply-To: <20250227140712.209679-1-s.sterz@proxmox.com>
References: <20250227140712.209679-1-s.sterz@proxmox.com>
MIME-Version: 1.0
X-SPAM-LEVEL: Spam detection results: 0
AWL -0.024 Adjusted score from AWL reputation of From: address
BAYES_00 -1.9 Bayes spam probability is 0 to 1%
DMARC_MISSING 0.1 Missing DMARC policy
KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
Validity was blocked. See
https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
information.
RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
Validity was blocked. See
https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
information.
RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
Validity was blocked. See
https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
information.
SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record
SPF_PASS -0.001 SPF: sender matches SPF record
Subject: [pdm-devel] [PATCH proxmox v3 17/21] client: specify cookie names
for authentication headers where possible
X-BeenThere: pdm-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox Datacenter Manager development discussion
<pdm-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pdm-devel>,
<mailto:pdm-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pdm-devel/>
List-Post: <mailto:pdm-devel@lists.proxmox.com>
List-Help: <mailto:pdm-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel>,
<mailto:pdm-devel-request@lists.proxmox.com?subject=subscribe>
Reply-To: Proxmox Datacenter Manager development discussion
<pdm-devel@lists.proxmox.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: pdm-devel-bounces@lists.proxmox.com
Sender: "pdm-devel" <pdm-devel-bounces@lists.proxmox.com>
if the client knows the auth cookie's name, it now passes it on to the
relevant parts of `proxmox-login` so that the ticket is send the
correct cookie
Signed-off-by: Shannon Sterz <s.sterz@proxmox.com>
---
proxmox-client/src/client.rs | 50 +++++++++++++++++++++++++++++++-----
1 file changed, 44 insertions(+), 6 deletions(-)
diff --git a/proxmox-client/src/client.rs b/proxmox-client/src/client.rs
index 07a53873..a1b4eee2 100644
--- a/proxmox-client/src/client.rs
+++ b/proxmox-client/src/client.rs
@@ -222,8 +222,12 @@ impl Client {
json_body: Option<String>,
// send an `Accept: application/json-seq` header.
streaming: bool,
+ cookie_name: &Option<String>,
) -> Result<(http::response::Parts, hyper::Body), Error> {
- let mut request = auth.set_auth_headers(Request::builder().method(method).uri(uri));
+ let mut request = auth.set_auth_headers_with_cookie_name(
+ Request::builder().method(method).uri(uri),
+ cookie_name,
+ );
if streaming {
request = request.header(http::header::ACCEPT, "application/json-seq");
}
@@ -270,9 +274,18 @@ impl Client {
method: Method,
uri: Uri,
json_body: Option<String>,
+ cookie_name: &Option<String>,
) -> Result<HttpApiResponse, Error> {
- let (response, body) =
- Self::send_authenticated_request(client, auth, method, uri, json_body, false).await?;
+ let (response, body) = Self::send_authenticated_request(
+ client,
+ auth,
+ method,
+ uri,
+ json_body,
+ false,
+ cookie_name,
+ )
+ .await?;
let body = read_body(body).await?;
let content_type = match response.headers.get(http::header::CONTENT_TYPE) {
@@ -475,7 +488,7 @@ impl HttpApiClient for Client {
let auth = self.login_auth()?;
let uri = self.build_uri(path_and_query)?;
let client = Arc::clone(&self.client);
- Self::authenticated_request(client, auth, method, uri, params).await
+ Self::authenticated_request(client, auth, method, uri, params, &self.cookie_name).await
})
}
@@ -500,8 +513,16 @@ impl HttpApiClient for Client {
let auth = self.login_auth()?;
let uri = self.build_uri(path_and_query)?;
let client = Arc::clone(&self.client);
- let (response, body) =
- Self::send_authenticated_request(client, auth, method, uri, params, true).await?;
+ let (response, body) = Self::send_authenticated_request(
+ client,
+ auth,
+ method,
+ uri,
+ params,
+ true,
+ &self.cookie_name,
+ )
+ .await?;
let content_type = match response.headers.get(http::header::CONTENT_TYPE) {
None => None,
@@ -575,6 +596,23 @@ impl AuthenticationKind {
}
}
+ pub fn set_auth_headers_with_cookie_name(
+ &self,
+ request: http::request::Builder,
+ cookie_name: &Option<String>,
+ ) -> http::request::Builder {
+ match self {
+ AuthenticationKind::Ticket(auth) => {
+ if let Some(name) = cookie_name {
+ auth.set_auth_headers_with_cookie_name(request, name)
+ } else {
+ auth.set_auth_headers(request)
+ }
+ }
+ AuthenticationKind::Token(auth) => auth.set_auth_headers(request),
+ }
+ }
+
pub fn userid(&self) -> &str {
match self {
AuthenticationKind::Ticket(auth) => &auth.userid,
--
2.39.5
_______________________________________________
pdm-devel mailing list
pdm-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel