now with regex
This commit is contained in:
parent
b863e8390e
commit
f846f107e6
@ -36,6 +36,7 @@ import posixpath
|
||||
import socket
|
||||
import ssl
|
||||
import wsgiref.simple_server
|
||||
import re
|
||||
# Manage Python2/3 different modules
|
||||
# pylint: disable=F0401,E0611
|
||||
try:
|
||||
@ -55,6 +56,7 @@ VERSION = "0.9"
|
||||
# Standard "not allowed" response that is returned when an authenticated user
|
||||
# tries to access information they don't have rights to
|
||||
NOT_ALLOWED = (client.FORBIDDEN, {}, None)
|
||||
WELLKNOWNRE = re.compile(r'/.well-known/(carddav|caldav)/?')
|
||||
|
||||
|
||||
class HTTPServer(wsgiref.simple_server.WSGIServer, object):
|
||||
@ -286,24 +288,23 @@ class Application(object):
|
||||
user = environ.get("REMOTE_USER")
|
||||
password = None
|
||||
|
||||
if path.startswith('/.well-known/'):
|
||||
fragment = path.rstrip("/").rsplit('/', 1)[-1]
|
||||
redirect = config.get("well-known", fragment)
|
||||
if redirect:
|
||||
if not user and "%(user)s" in redirect:
|
||||
status = client.UNAUTHORIZED
|
||||
headers = {
|
||||
"WWW-Authenticate":
|
||||
"Basic realm=\"%s\"" % config.get("server", "realm")}
|
||||
log.LOGGER.info("refused /.well-known/ redirection to anonymous user")
|
||||
else:
|
||||
redirect = redirect % locals()
|
||||
status = client.SEE_OTHER
|
||||
log.LOGGER.info("/.well-known/ redirection to: %s" % redirect)
|
||||
headers = {"Location": redirect.encode('utf8')}
|
||||
status = "%i %s" % (status, client.responses.get(status, "Unknown"))
|
||||
start_response(status, headers.items())
|
||||
return []
|
||||
wkfragment = WELLKNOWNRE.match(path)
|
||||
if wkfragment:
|
||||
redirect = config.get("well-known", wkfragment.group(1))
|
||||
if not user and "%(user)s" in redirect:
|
||||
status = client.UNAUTHORIZED
|
||||
headers = {
|
||||
"WWW-Authenticate":
|
||||
"Basic realm=\"%s\"" % config.get("server", "realm")}
|
||||
log.LOGGER.info("refused /.well-known/ redirection to anonymous user")
|
||||
else:
|
||||
redirect = redirect % locals()
|
||||
status = client.SEE_OTHER
|
||||
log.LOGGER.info("/.well-known/ redirection to: %s" % redirect)
|
||||
headers = {"Location": redirect.encode('utf8')}
|
||||
status = "%i %s" % (status, client.responses.get(status, "Unknown"))
|
||||
start_response(status, headers.items())
|
||||
return []
|
||||
|
||||
is_authenticated = auth.is_authenticated(user, password)
|
||||
is_valid_user = is_authenticated or not user
|
||||
|
Loading…
Reference in New Issue
Block a user