From 245053434fa02e5ce238f83f88ced2183dd886ab Mon Sep 17 00:00:00 2001
From: Eric Callahan <arksine.code@gmail.com>
Date: Sat, 28 Aug 2021 08:54:40 -0400
Subject: [PATCH] authorization: specifically identify basic auth

Raise an exception when a request with Basic Auth is received, however do not log the username/password.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
---
 moonraker/components/authorization.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/moonraker/components/authorization.py b/moonraker/components/authorization.py
index 1dcfb9a..d408080 100644
--- a/moonraker/components/authorization.py
+++ b/moonraker/components/authorization.py
@@ -533,6 +533,8 @@ class Authorization:
         else:
             if auth_token.startswith("Bearer "):
                 auth_token = auth_token[7:]
+            elif auth_token.startswith("Basic "):
+                raise HTTPError(401, "Basic Auth is not supported")
             else:
                 raise HTTPError(
                     401, f"Invalid Authorization Header: {auth_token}")