beckermj/vaguerent
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
vaguerent/plugins/commands/cloud/auth/middleware/add_downloader_authentication.rb
Chris Roberts 51382a0d0a Deprecate hook and disable access token parameter by default 
This sets the `authenticate_box_url` hook as deprecated and also
    disables the cloud auth middleware from adding an access token
    as a URL parameter by default. An environment variable has been
    added which can be used for re-enabling the access token URL
    parameter behavior if required for some legacy system which does
    not support the authorization header.
2021-03-15 14:46:46 -07:00

61 lines
2.0 KiB
Ruby
Raw Blame History

require "cgi"
require "uri"
require "vagrant/util/credential_scrubber"
require_relative "./add_authentication"
require Vagrant.source_root.join("plugins/commands/cloud/client/client")
# Similar to AddAuthentication this middleware will add authentication for interacting
# with Vagrant cloud. It does this by adding Authentication headers to a
# Vagrant::Util::Downloader object.
module VagrantPlugins
module CloudCommand
class AddDownloaderAuthentication < AddAuthentication
def initialize(app, env)
super
@logger = Log4r::Logger.new("vagrant::cloud::auth::add-download-authentication")
end
def call(env)
client = Client.new(env[:env])
token = client.token
Vagrant::Util::CredentialScrubber.sensitive(token)
begin
target_url = URI.parse(env[:downloader].source)
if target_url.host != TARGET_HOST && REPLACEMENT_HOSTS.include?(target_url.host)
target_url.host = TARGET_HOST
env[:downloader].source = target_url.to_s
end
rescue URI::Error
# if there is an error, use current target_url
end
server_uri = URI.parse(Vagrant.server_url.to_s)
if token && !server_uri.host.to_s.empty?
if target_url.host == server_uri.host
if server_uri.host != TARGET_HOST && !self.class.custom_host_notified?
env[:ui].warn(I18n.t("cloud_command.middleware.authentication.different_target",
custom_host: server_uri.host, known_host: TARGET_HOST) + "\n")
sleep CUSTOM_HOST_NOTIFY_WAIT
self.class.custom_host_notified!
end
if Array(env[:downloader].headers).any? { |h| h.include?("Authorization") }
@logger.info("Not adding an authentication header, one already found")
else
env[:downloader].headers << "Authorization: Bearer #{token}"
end
end
env[:downloader]
end
@app.call(env)
end.freeze
end
end
end
Reference in New Issue View Git Blame Copy Permalink