summaryrefslogtreecommitdiffstats
path: root/Bugzilla
diff options
context:
space:
mode:
authorDavid Lawrence <dkl@mozilla.com>2014-05-12 16:36:59 +0200
committerDavid Lawrence <dkl@mozilla.com>2014-05-12 16:36:59 +0200
commit70e8ab711072845b5a39394268e70a88729e9d9a (patch)
treeb4df8c8d36bb350d709ac97ec2108a3164c366dd /Bugzilla
parent8243604780d562f47af41b9e9b2f78b00d29f424 (diff)
downloadbugzilla-70e8ab711072845b5a39394268e70a88729e9d9a.tar.gz
bugzilla-70e8ab711072845b5a39394268e70a88729e9d9a.tar.xz
Bug 1001462 - Bug.search causes error when using simple token auth and specifying 'token' instead of 'Bugzilla_token'
r/a=glob
Diffstat (limited to 'Bugzilla')
-rw-r--r--Bugzilla/WebService/Server/XMLRPC.pm6
-rw-r--r--Bugzilla/WebService/User.pm8
-rw-r--r--Bugzilla/WebService/Util.pm23
3 files changed, 18 insertions, 19 deletions
diff --git a/Bugzilla/WebService/Server/XMLRPC.pm b/Bugzilla/WebService/Server/XMLRPC.pm
index 40c66a8f9..48ab27a5e 100644
--- a/Bugzilla/WebService/Server/XMLRPC.pm
+++ b/Bugzilla/WebService/Server/XMLRPC.pm
@@ -115,6 +115,7 @@ our @ISA = qw(XMLRPC::Deserializer);
use Bugzilla::Error;
use Bugzilla::WebService::Constants qw(XMLRPC_CONTENT_TYPE_WHITELIST);
+use Bugzilla::WebService::Util qw(fix_credentials);
use Scalar::Util qw(tainted);
sub deserialize {
@@ -138,6 +139,11 @@ sub deserialize {
my $params = $som->paramsin;
# This allows positional parameters for Testopia.
$params = {} if ref $params ne 'HASH';
+
+ # Update the params to allow for several convenience key/values
+ # use for authentication
+ fix_credentials($params);
+
Bugzilla->input_params($params);
return $som;
}
diff --git a/Bugzilla/WebService/User.pm b/Bugzilla/WebService/User.pm
index f8358f78d..112d336d7 100644
--- a/Bugzilla/WebService/User.pm
+++ b/Bugzilla/WebService/User.pm
@@ -54,16 +54,10 @@ sub login {
# Username and password params are required
foreach my $param ("login", "password") {
- defined $params->{$param}
+ (!defined $params->{$param} && !defined $params->{'Bugzilla_' . $param})
|| ThrowCodeError('param_required', { param => $param });
}
- # Make sure the CGI user info class works if necessary.
- my $input_params = Bugzilla->input_params;
- $input_params->{'Bugzilla_login'} = $params->{login};
- $input_params->{'Bugzilla_password'} = $params->{password};
- $input_params->{'Bugzilla_restrictlogin'} = $params->{restrict_login};
-
my $user = Bugzilla->login();
my $result = { id => $self->type('int', $user->id) };
diff --git a/Bugzilla/WebService/Util.pm b/Bugzilla/WebService/Util.pm
index bba6122e5..8e66a9b53 100644
--- a/Bugzilla/WebService/Util.pm
+++ b/Bugzilla/WebService/Util.pm
@@ -261,18 +261,17 @@ sub params_to_objects {
sub fix_credentials {
my ($params) = @_;
- # Allow user to pass in login=foo&password=bar as a convenience
- # even if not calling GET /login. We also do not delete them as
- # GET /login requires "login" and "password".
- if (exists $params->{'login'} && exists $params->{'password'}) {
- $params->{'Bugzilla_login'} = $params->{'login'};
- $params->{'Bugzilla_password'} = $params->{'password'};
- }
- # Allow user to pass token=12345678 as a convenience which becomes
- # "Bugzilla_token" which is what the auth code looks for.
- if (exists $params->{'token'}) {
- $params->{'Bugzilla_token'} = $params->{'token'};
- }
+
+ # Allow user to pass in login, password, restrict_login, and
+ # token as short-cuts to the longer versions.
+ $params->{'Bugzilla_login'} = delete $params->{'login'}
+ if exists $params->{'login'};
+ $params->{'Bugzilla_password'} = delete $params->{'password'}
+ if exists $params->{'password'};
+ $params->{'Bugzilla_restrictlogin'} = delete $params->{'restrict_login'}
+ if exists $params->{'restrict_login'};
+ $params->{'Bugzilla_token'} = delete $params->{'token'}
+ if exists $params->{'token'};
# Allow extensions to modify the credential data before login
Bugzilla::Hook::process('webservice_fix_credentials', { params => $params });