[resotolib][feat] Allow authorization header as cookie (#1305)

someengineering · Nov 23, 2022 · 1744a09 · 1744a09
1 parent c930dc7
commit 1744a09
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 1 deletion.
diff --git a/resotolib/resotolib/asynchronous/web/auth.py b/resotolib/resotolib/asynchronous/web/auth.py
@@ -38,7 +38,7 @@ def always_allowed(request: Request) -> bool:
 
     @middleware
     async def valid_jwt_handler(request: Request, handler: RequestHandler) -> StreamResponse:
-        auth_header = request.headers.get("authorization")
+        auth_header = request.headers.get("authorization") or request.cookies.get("resoto_authorization")
         if always_allowed(request):
             return await handler(request)
         elif auth_header:

diff --git a/resotolib/test/asynchronous/web/test_auth.py b/resotolib/test/asynchronous/web/test_auth.py
@@ -40,6 +40,14 @@ async def test_correct_psk(aiohttp_client: Any, app_with_auth: Application) -> N
     assert resp.status == 200
 
 
+@mark.asyncio
+async def test_correct_psk_as_cookie(aiohttp_client: Any, app_with_auth: Application) -> None:
+    client: TestClient = await aiohttp_client(app_with_auth)
+    jwt = encode_jwt({"foo": "bla"}, "test")
+    resp = await client.get("/", cookies=CIMultiDict({"resoto_authorization": f"Bearer {jwt}"}))
+    assert resp.status == 200
+
+
 @mark.asyncio
 async def test_wrong_psk(aiohttp_client: Any, app_with_auth: Application) -> None:
     client: TestClient = await aiohttp_client(app_with_auth)