aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller
diff options
context:
space:
mode:
authorMatthew Draper <matthew@trebex.net>2014-11-27 01:39:32 +1030
committerMatthew Draper <matthew@trebex.net>2014-11-27 01:44:13 +1030
commit25b14b4d3238d5474c60826ee1b359537af987ef (patch)
tree7c18df935e0dab1769e1f7738cd505c820c74e87 /actionpack/lib/action_controller
parentc5a711e28b65ee61f1e1cd333b09fba292773dd7 (diff)
parent3cc25864e34fb5b22b1ecacaaf91825841a5eebd (diff)
downloadrails-25b14b4d3238d5474c60826ee1b359537af987ef.tar.gz
rails-25b14b4d3238d5474c60826ee1b359537af987ef.tar.bz2
rails-25b14b4d3238d5474c60826ee1b359537af987ef.zip
Merge pull request #17186 from tgxworld/header_authentication_token
Allow authentication header to not have to specify 'token=' key.
Diffstat (limited to 'actionpack/lib/action_controller')
-rw-r--r--actionpack/lib/action_controller/metal/http_authentication.rb11
1 files changed, 9 insertions, 2 deletions
diff --git a/actionpack/lib/action_controller/metal/http_authentication.rb b/actionpack/lib/action_controller/metal/http_authentication.rb
index 2717a41d36..fd578d60ca 100644
--- a/actionpack/lib/action_controller/metal/http_authentication.rb
+++ b/actionpack/lib/action_controller/metal/http_authentication.rb
@@ -397,6 +397,7 @@ module ActionController
#
# RewriteRule ^(.*)$ dispatch.fcgi [E=X-HTTP_AUTHORIZATION:%{HTTP:Authorization},QSA,L]
module Token
+ TOKEN_KEY = 'token='
TOKEN_REGEX = /^Token /
AUTHN_PAIR_DELIMITERS = /(?:,|;|\t+)/
extend self
@@ -471,7 +472,13 @@ module ActionController
# pairs by the standardized <tt>:</tt>, <tt>;</tt>, or <tt>\t</tt>
# delimiters defined in +AUTHN_PAIR_DELIMITERS+.
def raw_params(auth)
- auth.sub(TOKEN_REGEX, '').split(/\s*#{AUTHN_PAIR_DELIMITERS}\s*/)
+ _raw_params = auth.sub(TOKEN_REGEX, '').split(/\s*#{AUTHN_PAIR_DELIMITERS}\s*/)
+
+ if !(_raw_params.first =~ %r{\A#{TOKEN_KEY}})
+ _raw_params[0] = "#{TOKEN_KEY}#{_raw_params.first}"
+ end
+
+ _raw_params
end
# Encodes the given token and options into an Authorization header value.
@@ -481,7 +488,7 @@ module ActionController
#
# Returns String.
def encode_credentials(token, options = {})
- values = ["token=#{token.to_s.inspect}"] + options.map do |key, value|
+ values = ["#{TOKEN_KEY}#{token.to_s.inspect}"] + options.map do |key, value|
"#{key}=#{value.to_s.inspect}"
end
"Token #{values * ", "}"