mirror of
https://github.com/YunoHost/SSOwat.git
synced 2024-09-03 20:06:27 +02:00
zzzzz
This commit is contained in:
parent
447fc0d587
commit
46d3b2420b
1 changed files with 4 additions and 5 deletions
|
@ -9,7 +9,7 @@ ngx.header["X-SSO-WAT"] = "You've just been SSOed"
|
||||||
|
|
||||||
-- Misc imports
|
-- Misc imports
|
||||||
local jwt = require("vendor.luajwtjitsi.luajwtjitsi")
|
local jwt = require("vendor.luajwtjitsi.luajwtjitsi")
|
||||||
-- local cipher = require('openssl.cipher')
|
local cipher = require('openssl.cipher')
|
||||||
local rex = require("rex_pcre2")
|
local rex = require("rex_pcre2")
|
||||||
local lfs = require("lfs")
|
local lfs = require("lfs")
|
||||||
|
|
||||||
|
@ -290,14 +290,13 @@ function set_basic_auth_header()
|
||||||
|
|
||||||
-- By default, the password is not injected anymore, unless the app has the
|
-- By default, the password is not injected anymore, unless the app has the
|
||||||
-- "auth_header" setting defined with value "basic-with-password"
|
-- "auth_header" setting defined with value "basic-with-password"
|
||||||
|
-- (by default we use '-' as a dummy value though, otherwise the header doesn't work as expected..)
|
||||||
|
local password = "-"
|
||||||
if permission["auth_header"] == "basic-with-password" then
|
if permission["auth_header"] == "basic-with-password" then
|
||||||
local password_enc_b64, iv_b64 = authPasswordEnc:match("([^|]+)|([^|]+)")
|
local password_enc_b64, iv_b64 = authPasswordEnc:match("([^|]+)|([^|]+)")
|
||||||
local password_enc = ngx.decode_base64(password_enc_b64)
|
local password_enc = ngx.decode_base64(password_enc_b64)
|
||||||
local iv = ngx.decode_base64(iv_b64)
|
local iv = ngx.decode_base64(iv_b64)
|
||||||
local password = cipher.new('aes-256-cbc'):decrypt(cookie_secret, iv):final(password_enc)
|
password = cipher.new('aes-256-cbc'):decrypt(cookie_secret, iv):final(password_enc)
|
||||||
else
|
|
||||||
-- Gotta have a non-empty password otherwise it doesn't behave as expected
|
|
||||||
local password = "-"
|
|
||||||
end
|
end
|
||||||
|
|
||||||
-- Set `Authorization` header to enable HTTP authentification
|
-- Set `Authorization` header to enable HTTP authentification
|
||||||
|
|
Loading…
Reference in a new issue