summaryrefslogtreecommitdiffstats
path: root/Bugzilla/WebService
diff options
context:
space:
mode:
authorDavid Lawrence <dkl@mozilla.com>2014-11-12 17:38:10 +0100
committerDavid Lawrence <dkl@mozilla.com>2014-11-12 17:38:10 +0100
commitc0156f20dfd3f5bfa3a0e1c2b6ca0f2de34797a4 (patch)
tree7b63716e937d2a746a5e5c85ab49a56cb137eb28 /Bugzilla/WebService
parentded5d29a6083d08350ddf78d05266872cc2e9bb7 (diff)
downloadbugzilla-c0156f20dfd3f5bfa3a0e1c2b6ca0f2de34797a4.tar.gz
bugzilla-c0156f20dfd3f5bfa3a0e1c2b6ca0f2de34797a4.tar.xz
Bug 1001462: Bug.search causes error when using simple token auth and specifying 'token' instead of 'Bugzilla_token'
r=glob,a=glob
Diffstat (limited to 'Bugzilla/WebService')
-rw-r--r--Bugzilla/WebService/Server/XMLRPC.pm7
-rw-r--r--Bugzilla/WebService/User.pm34
-rw-r--r--Bugzilla/WebService/Util.pm6
3 files changed, 28 insertions, 19 deletions
diff --git a/Bugzilla/WebService/Server/XMLRPC.pm b/Bugzilla/WebService/Server/XMLRPC.pm
index 8f9070ae7..56b31ffef 100644
--- a/Bugzilla/WebService/Server/XMLRPC.pm
+++ b/Bugzilla/WebService/Server/XMLRPC.pm
@@ -117,6 +117,7 @@ our @ISA = qw(XMLRPC::Deserializer);
use Bugzilla::Error;
use Bugzilla::WebService::Constants qw(XMLRPC_CONTENT_TYPE_WHITELIST);
+use Bugzilla::WebService::Util qw(fix_credentials);
use Scalar::Util qw(tainted);
sub deserialize {
@@ -140,7 +141,13 @@ sub deserialize {
my $params = $som->paramsin;
# This allows positional parameters for Testopia.
$params = {} if ref $params ne 'HASH';
+
+ # Update the params to allow for several convenience key/values
+ # use for authentication
+ fix_credentials($params);
+
Bugzilla->input_params($params);
+
return $som;
}
diff --git a/Bugzilla/WebService/User.pm b/Bugzilla/WebService/User.pm
index 4c8af7f6c..f3b8bf703 100644
--- a/Bugzilla/WebService/User.pm
+++ b/Bugzilla/WebService/User.pm
@@ -53,27 +53,20 @@ use constant MAPPED_RETURNS => {
sub login {
my ($self, $params) = @_;
+ # Check to see if we are already logged in
+ my $user = Bugzilla->user;
+ if ($user->id) {
+ return $self->_login_to_hash($user);
+ }
+
# Username and password params are required
foreach my $param ("login", "password") {
- defined $params->{$param}
+ (defined $params->{$param} || defined $params->{'Bugzilla_' . $param})
|| ThrowCodeError('param_required', { param => $param });
}
- # Make sure the CGI user info class works if necessary.
- my $input_params = Bugzilla->input_params;
- $input_params->{'Bugzilla_login'} = $params->{login};
- $input_params->{'Bugzilla_password'} = $params->{password};
- $input_params->{'Bugzilla_restrictlogin'} = $params->{restrict_login};
-
- my $user = Bugzilla->login();
-
- my $result = { id => $self->type('int', $user->id) };
-
- if ($user->{_login_token}) {
- $result->{'token'} = $user->id . "-" . $user->{_login_token};
- }
-
- return $result;
+ $user = Bugzilla->login();
+ return $self->_login_to_hash($user);
}
sub logout {
@@ -409,6 +402,15 @@ sub _report_to_hash {
return $item;
}
+sub _login_to_hash {
+ my ($self, $user) = @_;
+ my $item = { id => $self->type('int', $user->id) };
+ if ($user->{_login_token}) {
+ $item->{'token'} = $user->id . "-" . $user->{_login_token};
+ }
+ return $item;
+}
+
1;
__END__
diff --git a/Bugzilla/WebService/Util.pm b/Bugzilla/WebService/Util.pm
index e2bc78002..a0a51a8de 100644
--- a/Bugzilla/WebService/Util.pm
+++ b/Bugzilla/WebService/Util.pm
@@ -266,8 +266,8 @@ sub fix_credentials {
# even if not calling GET /login. We also do not delete them as
# GET /login requires "login" and "password".
if (exists $params->{'login'} && exists $params->{'password'}) {
- $params->{'Bugzilla_login'} = $params->{'login'};
- $params->{'Bugzilla_password'} = $params->{'password'};
+ $params->{'Bugzilla_login'} = delete $params->{'login'};
+ $params->{'Bugzilla_password'} = delete $params->{'password'};
}
# Allow user to pass api_key=12345678 as a convenience which becomes
# "Bugzilla_api_key" which is what the auth code looks for.
@@ -277,7 +277,7 @@ sub fix_credentials {
# Allow user to pass token=12345678 as a convenience which becomes
# "Bugzilla_token" which is what the auth code looks for.
if (exists $params->{'token'}) {
- $params->{'Bugzilla_token'} = $params->{'token'};
+ $params->{'Bugzilla_token'} = delete $params->{'token'};
}
# Allow extensions to modify the credential data before login