authorization: relax auth header requirements

Don't raise an exception if the authorization header contains an invalid value, such as Basic auth. Ignore it and move on to the next step in authentication. Signed-off-by: Eric Callahan <arksine.code@gmail.com>
2022-11-21 19:15:52 -05:00 · 2022-11-21 19:15:52 -05:00 · 5a22b21a40
parent 4ca39bec0a
commit 5a22b21a40
1 changed files with 4 additions and 8 deletions
--- a/moonraker/components/authorization.py
+++ b/moonraker/components/authorization.py
@ -648,20 +648,16 @@ class Authorization:
                qtoken = request.query_arguments.get('access_token', None)
                if qtoken is not None:
                    auth_token = qtoken[-1].decode()
+        elif auth_token.startswith("Bearer "):
+            auth_token = auth_token[7:]
        else:
-            if auth_token.startswith("Bearer "):
-                auth_token = auth_token[7:]
-            elif auth_token.startswith("Basic "):
-                raise HTTPError(401, "Basic Auth is not supported")
-            else:
-                raise HTTPError(
-                    401, f"Invalid Authorization Header: {auth_token}")
+            return None
        if auth_token:
            try:
                return self.decode_jwt(auth_token)
            except Exception:
                logging.exception(f"JWT Decode Error {auth_token}")
-                raise HTTPError(401, f"Error decoding JWT: {auth_token}")
+                raise HTTPError(401, "JWT Decode Error")
        return None

    def _check_authorized_ip(self, ip: IPAddr) -> bool: