diff --git a/radicale/__init__.py b/radicale/__init__.py index 0a851d9..7964477 100644 --- a/radicale/__init__.py +++ b/radicale/__init__.py @@ -234,6 +234,18 @@ class Application(object): return read_allowed_items, write_allowed_items + def get_creds_from_env(self, env): + """Extract a user and a password from the request environ.""" + # Ask authentication backend to check rights + if 'HTTP_AUTHORIZATION' in env: + authorization = env['HTTP_AUTHORIZATION'].lstrip("Basic").strip() + return self.decode(base64.b64decode( + authorization.encode("ascii")), env).split(":", 1) + # Get the webserver authentified user + elif 'REMOTE_USER' in env: + return env['REMOTE_USER'], None + return None, None + def __call__(self, environ, start_response): """Manage a request.""" log.LOGGER.info("%s request at %s received" % ( @@ -270,20 +282,7 @@ class Application(object): # Get function corresponding to method function = getattr(self, environ["REQUEST_METHOD"].lower()) - # Ask authentication backend to check rights - authorization = environ.get("HTTP_AUTHORIZATION", None) - - # Get the apache authentified user - remote_user = environ.get("REMOTE_USER", None) - - if authorization: - authorization = authorization.lstrip("Basic").strip() - user, password = self.decode(base64.b64decode( - authorization.encode("ascii")), environ).split(":", 1) - elif remote_user: - user, password = remote_user, None - else: - user = password = None + user, password = self.get_creds_from_env(environ) read_allowed_items, write_allowed_items = \ self.collect_allowed_items(items, user)