fix use of basic to bearer

plone · Nov 23, 2016 · 8058240 · 8058240
1 parent 5914ecb
commit 8058240
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 7 deletions.
diff --git a/src/plone.server/plone/server/auth/checkers.py b/src/plone.server/plone/server/auth/checkers.py
@@ -27,7 +27,7 @@ async def validate(self, user, token):
         user_pw = getattr(user, 'password', None)
         if (not user_pw or
                 ':' not in user_pw or
-                'password' not in token):
+                'token' not in token):
             return False
         salt = user.password.split(':')[0]
-        return not strings_differ(hash_password(token['password'], salt), user_pw)
+        return not strings_differ(hash_password(token['token'], salt), user_pw)
diff --git a/src/plone.server/plone/server/auth/policies.py b/src/plone.server/plone/server/auth/policies.py
@@ -23,7 +23,8 @@ async def extract_token(self):
             schema, _, encoded_token = header_auth.partition(' ')
             if schema.lower() == 'bearer':
                 return {
-                    'password': encoded_token.strip()
+                    'type': 'bearer',
+                    'token': encoded_token.strip()
                 }
 
 
@@ -36,7 +37,8 @@ async def extract_token(self):
             jwt = jose.decrypt(
                 jose.deserialize_compact(jwt_token), app_settings['rsa']['priv'])
             return {
-                'password': jwt.claims['token']
+                'type': 'wstoken',
+                'token': jwt.claims['token']
             }
 
 
@@ -48,8 +50,9 @@ async def extract_token(self):
             if schema.lower() == 'basic':
                 userid, _, password = encoded_token.partition(':')
                 return {
+                    'type': 'basic',
                     'id': userid.strip(),
-                    'password': password.strip()
+                    'token': password.strip()
                 }
 
 

diff --git a/src/plone.server/plone/server/testing.py b/src/plone.server/plone/server/testing.py
@@ -111,7 +111,7 @@ def __call__(
         if accept is not None:
             settings['headers']['ACCEPT'] = accept
         if authenticated and token is not None:
-            settings['headers']['AUTHORIZATION'] = 'Basic %s' % token
+            settings['headers']['AUTHORIZATION'] = 'Bearer %s' % token
 
         settings['params'] = params
         settings['data'] = data

diff --git a/src/plone.server/plone/server/tests/test_ws.py b/src/plone.server/plone/server/tests/test_ws.py
@@ -17,7 +17,7 @@ async def hello(self):
             async with session.ws_connect(
                     'ws://localhost:{port}/plone/plone/@ws'.format(
                         port=TESTING_PORT),
-                    headers={'AUTHORIZATION': 'Basic %s' % ADMIN_TOKEN}) as ws:
+                    headers={'AUTHORIZATION': 'Bearer %s' % ADMIN_TOKEN}) as ws:
                 # we should check version
                 sending = {
                     'op': 'GET',