Mercurial > hg > orthanc-authorization
comparison Plugin/AuthorizationWebService.cpp @ 59:a5f2976fe8a0
fix Authorization header conflicting with WebServiceUsername
author | Alain Mazy <am@osimis.io> |
---|---|
date | Thu, 10 Nov 2022 10:25:01 +0100 |
parents | 317b31e99501 |
children | 5281a859248d |
comparison
equal
deleted
inserted
replaced
58:ad279c70c22d | 59:a5f2976fe8a0 |
---|---|
19 #include "AuthorizationWebService.h" | 19 #include "AuthorizationWebService.h" |
20 | 20 |
21 #include "../Resources/Orthanc/Plugins/OrthancPluginCppWrapper.h" | 21 #include "../Resources/Orthanc/Plugins/OrthancPluginCppWrapper.h" |
22 | 22 |
23 #include <Logging.h> | 23 #include <Logging.h> |
24 #include <Toolbox.h> | |
24 | 25 |
25 namespace OrthancPlugins | 26 namespace OrthancPlugins |
26 { | 27 { |
27 bool AuthorizationWebService::IsGrantedInternal(unsigned int& validity, | 28 bool AuthorizationWebService::IsGrantedInternal(unsigned int& validity, |
28 OrthancPluginHttpMethod method, | 29 OrthancPluginHttpMethod method, |
91 | 92 |
92 if (token != NULL && | 93 if (token != NULL && |
93 token->GetType() == TokenType_HttpHeader) | 94 token->GetType() == TokenType_HttpHeader) |
94 { | 95 { |
95 // If the token source is a HTTP header, forward it also as a | 96 // If the token source is a HTTP header, forward it also as a |
96 // HTTP header | 97 // HTTP header except if it is the Authorization header that might conflict with username_ and password_ |
97 headersKeys[headersCount] = token->GetKey().c_str(); | 98 std::string lowerTokenKey; |
98 headersValues[headersCount] = tokenValue.c_str(); | 99 Orthanc::Toolbox::ToLowerCase(lowerTokenKey, token->GetKey()); |
99 headersCount++; | 100 |
101 if (!(lowerTokenKey == "authorization" && !username_.empty())) | |
102 { | |
103 headersKeys[headersCount] = token->GetKey().c_str(); | |
104 headersValues[headersCount] = tokenValue.c_str(); | |
105 headersCount++; | |
106 } | |
100 } | 107 } |
101 | 108 |
102 // set the correct content type for the outgoing | 109 // set the correct content type for the outgoing |
103 headersKeys[headersCount] = "Content-Type"; | 110 headersKeys[headersCount] = "Content-Type"; |
104 headersValues[headersCount] = "application/json"; | 111 headersValues[headersCount] = "application/json"; |