Improve naive auth logical

This commit is contained in:
septs 2023-10-21 12:00:00 +08:00 committed by 世界
parent e143fc510d
commit ac930cf1aa
No known key found for this signature in database
GPG key ID: CD109927C34A63C4

View file

@ -2,7 +2,6 @@ package inbound
import ( import (
"context" "context"
"encoding/base64"
"encoding/binary" "encoding/binary"
"io" "io"
"math/rand" "math/rand"
@ -139,14 +138,9 @@ func (n *Naive) ServeHTTP(writer http.ResponseWriter, request *http.Request) {
n.badRequest(ctx, request, E.New("missing naive padding")) n.badRequest(ctx, request, E.New("missing naive padding"))
return return
} }
var authOk bool userName, password, authOk := sHttp.ParseBasicAuth(request.Header.Get("Proxy-Authorization"))
var userName string if authOk {
authorization := request.Header.Get("Proxy-Authorization") authOk = n.authenticator.Verify(userName, password)
if strings.HasPrefix(authorization, "BASIC ") || strings.HasPrefix(authorization, "Basic ") {
userPassword, _ := base64.URLEncoding.DecodeString(authorization[6:])
userPswdArr := strings.SplitN(string(userPassword), ":", 2)
userName = userPswdArr[0]
authOk = n.authenticator.Verify(userPswdArr[0], userPswdArr[1])
} }
if !authOk { if !authOk {
rejectHTTP(writer, http.StatusProxyAuthRequired) rejectHTTP(writer, http.StatusProxyAuthRequired)