Backout of Bug 1001462 - Bug.search causes error when using simple token auth and specifying 'token' instead of 'Bugzilla_token'

3 files changed, 19 insertions, 18 deletions

diff --git a/Bugzilla/WebService/Server/XMLRPC.pm b/Bugzilla/WebService/Server/XMLRPC.pm
index 48ab27a5e..40c66a8f9 100644
--- a/Bugzilla/WebService/Server/XMLRPC.pm
+++ b/Bugzilla/WebService/Server/XMLRPC.pm
@@ -115,7 +115,6 @@ our @ISA = qw(XMLRPC::Deserializer);
 
 use Bugzilla::Error;
 use Bugzilla::WebService::Constants qw(XMLRPC_CONTENT_TYPE_WHITELIST);
-use Bugzilla::WebService::Util qw(fix_credentials);
 use Scalar::Util qw(tainted);
 
 sub deserialize {
@@ -139,11 +138,6 @@ sub deserialize {
     my $params = $som->paramsin;
     # This allows positional parameters for Testopia.
     $params = {} if ref $params ne 'HASH';
-
-    # Update the params to allow for several convenience key/values
-    # use for authentication
-    fix_credentials($params);
-
     Bugzilla->input_params($params);
     return $som;
 }
diff --git a/Bugzilla/WebService/User.pm b/Bugzilla/WebService/User.pm
index 112d336d7..f8358f78d 100644
--- a/Bugzilla/WebService/User.pm
+++ b/Bugzilla/WebService/User.pm
@@ -54,10 +54,16 @@ sub login {
 
     # Username and password params are required 
     foreach my $param ("login", "password") {
-        (!defined $params->{$param} && !defined $params->{'Bugzilla_' . $param})
+        defined $params->{$param} 
             || ThrowCodeError('param_required', { param => $param });
     }
 
+    # Make sure the CGI user info class works if necessary.
+    my $input_params = Bugzilla->input_params;
+    $input_params->{'Bugzilla_login'} =  $params->{login};
+    $input_params->{'Bugzilla_password'} = $params->{password};
+    $input_params->{'Bugzilla_restrictlogin'} = $params->{restrict_login};
+
     my $user = Bugzilla->login();
 
     my $result = { id => $self->type('int', $user->id) };
diff --git a/Bugzilla/WebService/Util.pm b/Bugzilla/WebService/Util.pm
index 8e66a9b53..bba6122e5 100644
--- a/Bugzilla/WebService/Util.pm
+++ b/Bugzilla/WebService/Util.pm
@@ -261,17 +261,18 @@ sub params_to_objects {
 
 sub fix_credentials {
     my ($params) = @_;
-
-    # Allow user to pass in login, password, restrict_login, and
-    # token as short-cuts to the longer versions.
-    $params->{'Bugzilla_login'} = delete $params->{'login'}
-        if exists $params->{'login'};
-    $params->{'Bugzilla_password'} = delete $params->{'password'}
-        if exists $params->{'password'};
-    $params->{'Bugzilla_restrictlogin'} = delete $params->{'restrict_login'}
-        if exists $params->{'restrict_login'};
-    $params->{'Bugzilla_token'} = delete $params->{'token'}
-        if exists $params->{'token'};
+    # Allow user to pass in login=foo&password=bar as a convenience
+    # even if not calling GET /login. We also do not delete them as
+    # GET /login requires "login" and "password".
+    if (exists $params->{'login'} && exists $params->{'password'}) {
+        $params->{'Bugzilla_login'}    = $params->{'login'};
+        $params->{'Bugzilla_password'} = $params->{'password'};
+    }
+    # Allow user to pass token=12345678 as a convenience which becomes
+    # "Bugzilla_token" which is what the auth code looks for.
+    if (exists $params->{'token'}) {
+        $params->{'Bugzilla_token'} = $params->{'token'};
+    }
 
     # Allow extensions to modify the credential data before login
     Bugzilla::Hook::process('webservice_fix_credentials', { params => $params });