This commit is contained in:
Alexandre Aubin 2024-01-30 20:24:08 +01:00
parent 447fc0d587
commit 46d3b2420b

View file

@ -9,7 +9,7 @@ ngx.header["X-SSO-WAT"] = "You've just been SSOed"
-- Misc imports -- Misc imports
local jwt = require("vendor.luajwtjitsi.luajwtjitsi") local jwt = require("vendor.luajwtjitsi.luajwtjitsi")
-- local cipher = require('openssl.cipher') local cipher = require('openssl.cipher')
local rex = require("rex_pcre2") local rex = require("rex_pcre2")
local lfs = require("lfs") local lfs = require("lfs")
@ -290,14 +290,13 @@ function set_basic_auth_header()
-- By default, the password is not injected anymore, unless the app has the -- By default, the password is not injected anymore, unless the app has the
-- "auth_header" setting defined with value "basic-with-password" -- "auth_header" setting defined with value "basic-with-password"
-- (by default we use '-' as a dummy value though, otherwise the header doesn't work as expected..)
local password = "-"
if permission["auth_header"] == "basic-with-password" then if permission["auth_header"] == "basic-with-password" then
local password_enc_b64, iv_b64 = authPasswordEnc:match("([^|]+)|([^|]+)") local password_enc_b64, iv_b64 = authPasswordEnc:match("([^|]+)|([^|]+)")
local password_enc = ngx.decode_base64(password_enc_b64) local password_enc = ngx.decode_base64(password_enc_b64)
local iv = ngx.decode_base64(iv_b64) local iv = ngx.decode_base64(iv_b64)
local password = cipher.new('aes-256-cbc'):decrypt(cookie_secret, iv):final(password_enc) password = cipher.new('aes-256-cbc'):decrypt(cookie_secret, iv):final(password_enc)
else
-- Gotta have a non-empty password otherwise it doesn't behave as expected
local password = "-"
end end
-- Set `Authorization` header to enable HTTP authentification -- Set `Authorization` header to enable HTTP authentification