Bug 1001462: Bug.search causes error when using simple token auth and specifying 'token' instead of 'Bugzilla_token'
r=glob,a=glob git-svn-id: svn://10.0.0.236/trunk@265670 18797224-902f-48f8-a5cc-f745e15eee43
This commit is contained in:
bzrmirror%bugzilla.org
parent
5c8aa307d8
commit
1cd1e87f99
@ -1 +1 @@
|
|||||||
9205
|
9206
|
||||||
@ -1 +1 @@
|
|||||||
ded5d29a6083d08350ddf78d05266872cc2e9bb7
|
c0156f20dfd3f5bfa3a0e1c2b6ca0f2de34797a4
|
||||||
@ -117,6 +117,7 @@ our @ISA = qw(XMLRPC::Deserializer);
|
|||||||
|
|
||||||
use Bugzilla::Error;
|
use Bugzilla::Error;
|
||||||
use Bugzilla::WebService::Constants qw(XMLRPC_CONTENT_TYPE_WHITELIST);
|
use Bugzilla::WebService::Constants qw(XMLRPC_CONTENT_TYPE_WHITELIST);
|
||||||
|
use Bugzilla::WebService::Util qw(fix_credentials);
|
||||||
use Scalar::Util qw(tainted);
|
use Scalar::Util qw(tainted);
|
||||||
|
|
||||||
sub deserialize {
|
sub deserialize {
|
||||||
@ -140,7 +141,13 @@ sub deserialize {
|
|||||||
my $params = $som->paramsin;
|
my $params = $som->paramsin;
|
||||||
# This allows positional parameters for Testopia.
|
# This allows positional parameters for Testopia.
|
||||||
$params = {} if ref $params ne 'HASH';
|
$params = {} if ref $params ne 'HASH';
|
||||||
|
|
||||||
|
# Update the params to allow for several convenience key/values
|
||||||
|
# use for authentication
|
||||||
|
fix_credentials($params);
|
||||||
|
|
||||||
Bugzilla->input_params($params);
|
Bugzilla->input_params($params);
|
||||||
|
|
||||||
return $som;
|
return $som;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -53,27 +53,20 @@ use constant MAPPED_RETURNS => {
|
|||||||
sub login {
|
sub login {
|
||||||
my ($self, $params) = @_;
|
my ($self, $params) = @_;
|
||||||
|
|
||||||
|
# Check to see if we are already logged in
|
||||||
|
my $user = Bugzilla->user;
|
||||||
|
if ($user->id) {
|
||||||
|
return $self->_login_to_hash($user);
|
||||||
|
}
|
||||||
|
|
||||||
# Username and password params are required
|
# Username and password params are required
|
||||||
foreach my $param ("login", "password") {
|
foreach my $param ("login", "password") {
|
||||||
defined $params->{$param}
|
(defined $params->{$param} || defined $params->{'Bugzilla_' . $param})
|
||||||
|| ThrowCodeError('param_required', { param => $param });
|
|| ThrowCodeError('param_required', { param => $param });
|
||||||
}
|
}
|
||||||
|
|
||||||
# Make sure the CGI user info class works if necessary.
|
$user = Bugzilla->login();
|
||||||
my $input_params = Bugzilla->input_params;
|
return $self->_login_to_hash($user);
|
||||||
$input_params->{'Bugzilla_login'} = $params->{login};
|
|
||||||
$input_params->{'Bugzilla_password'} = $params->{password};
|
|
||||||
$input_params->{'Bugzilla_restrictlogin'} = $params->{restrict_login};
|
|
||||||
|
|
||||||
my $user = Bugzilla->login();
|
|
||||||
|
|
||||||
my $result = { id => $self->type('int', $user->id) };
|
|
||||||
|
|
||||||
if ($user->{_login_token}) {
|
|
||||||
$result->{'token'} = $user->id . "-" . $user->{_login_token};
|
|
||||||
}
|
|
||||||
|
|
||||||
return $result;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
sub logout {
|
sub logout {
|
||||||
@ -409,6 +402,15 @@ sub _report_to_hash {
|
|||||||
return $item;
|
return $item;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
sub _login_to_hash {
|
||||||
|
my ($self, $user) = @_;
|
||||||
|
my $item = { id => $self->type('int', $user->id) };
|
||||||
|
if ($user->{_login_token}) {
|
||||||
|
$item->{'token'} = $user->id . "-" . $user->{_login_token};
|
||||||
|
}
|
||||||
|
return $item;
|
||||||
|
}
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
|
||||||
__END__
|
__END__
|
||||||
|
|||||||
@ -266,8 +266,8 @@ sub fix_credentials {
|
|||||||
# even if not calling GET /login. We also do not delete them as
|
# even if not calling GET /login. We also do not delete them as
|
||||||
# GET /login requires "login" and "password".
|
# GET /login requires "login" and "password".
|
||||||
if (exists $params->{'login'} && exists $params->{'password'}) {
|
if (exists $params->{'login'} && exists $params->{'password'}) {
|
||||||
$params->{'Bugzilla_login'} = $params->{'login'};
|
$params->{'Bugzilla_login'} = delete $params->{'login'};
|
||||||
$params->{'Bugzilla_password'} = $params->{'password'};
|
$params->{'Bugzilla_password'} = delete $params->{'password'};
|
||||||
}
|
}
|
||||||
# Allow user to pass api_key=12345678 as a convenience which becomes
|
# Allow user to pass api_key=12345678 as a convenience which becomes
|
||||||
# "Bugzilla_api_key" which is what the auth code looks for.
|
# "Bugzilla_api_key" which is what the auth code looks for.
|
||||||
@ -277,7 +277,7 @@ sub fix_credentials {
|
|||||||
# Allow user to pass token=12345678 as a convenience which becomes
|
# Allow user to pass token=12345678 as a convenience which becomes
|
||||||
# "Bugzilla_token" which is what the auth code looks for.
|
# "Bugzilla_token" which is what the auth code looks for.
|
||||||
if (exists $params->{'token'}) {
|
if (exists $params->{'token'}) {
|
||||||
$params->{'Bugzilla_token'} = $params->{'token'};
|
$params->{'Bugzilla_token'} = delete $params->{'token'};
|
||||||
}
|
}
|
||||||
|
|
||||||
# Allow extensions to modify the credential data before login
|
# Allow extensions to modify the credential data before login
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user