Oliver Jakoubek
508c3ac6d2
Custom headers like X-API-Auth expect raw base64 credentials without the "Basic " prefix. The standard Authorization header continues to use the proper Basic auth format via SetBasicAuth(). Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
53 lines
1.3 KiB
Go
53 lines
1.3 KiB
Go
package kanboard
|
|
|
|
import (
|
|
"encoding/base64"
|
|
"net/http"
|
|
)
|
|
|
|
// Authenticator applies authentication to HTTP requests.
|
|
type Authenticator interface {
|
|
Apply(req *http.Request)
|
|
}
|
|
|
|
// apiTokenAuth implements API token authentication.
|
|
type apiTokenAuth struct {
|
|
user string
|
|
token string
|
|
headerName string
|
|
}
|
|
|
|
// Apply adds HTTP Basic Auth with the configured user (or "jsonrpc" if empty) and the API token.
|
|
func (a *apiTokenAuth) Apply(req *http.Request) {
|
|
user := a.user
|
|
if user == "" {
|
|
user = "jsonrpc"
|
|
}
|
|
if a.headerName != "" {
|
|
req.Header.Set(a.headerName, basicAuthValue(user, a.token))
|
|
} else {
|
|
req.SetBasicAuth(user, a.token)
|
|
}
|
|
}
|
|
|
|
// basicAuth implements username/password authentication.
|
|
type basicAuth struct {
|
|
username string
|
|
password string
|
|
headerName string
|
|
}
|
|
|
|
// Apply adds HTTP Basic Auth with username and password.
|
|
func (a *basicAuth) Apply(req *http.Request) {
|
|
if a.headerName != "" {
|
|
req.Header.Set(a.headerName, basicAuthValue(a.username, a.password))
|
|
} else {
|
|
req.SetBasicAuth(a.username, a.password)
|
|
}
|
|
}
|
|
|
|
// basicAuthValue returns the base64-encoded value for HTTP Basic Auth.
|
|
func basicAuthValue(username, password string) string {
|
|
auth := username + ":" + password
|
|
return base64.StdEncoding.EncodeToString([]byte(auth))
|
|
}
|