Apply new logic for parsing WWW-Authenticate header #467
Conversation
hovaesco
force-pushed
the
hovaesco/oauth-header
branch
from
88282f9 to
01b937c
Compare
trino/auth.py
Outdated
| key = comps[0].strip(' "') | ||
| value = comps[1].strip(' "') | ||
| if key: | ||
| auth_info_headers[key.lower()] = value |
There was a problem hiding this comment.
the dict would overwrite if same key is present (e.g. if there are multiple Bearer realm entries or multiple Bearer x_redirect_server).
There was a problem hiding this comment.
I don't think it's possible that www-authenticate would have duplicate keys, based on https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/WWW-Authenticate
There was a problem hiding this comment.
The entire challenge cannot be a duplicate I think but here the key is the part split on =.
So the example at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/WWW-Authenticate#digest_authentication_with_sha-256_and_md5 has two challenges for which key = 'Digest realm'.
(Sorry I'm AFK and did not test the static method against that example 🙏).
hovaesco
force-pushed
the
hovaesco/oauth-header
branch
from
01b937c to
ca7ad24
Compare
hashhar
left a comment
hashhar
left a comment
There was a problem hiding this comment.
Looks good % question about duplicate keys
hovaesco
force-pushed
the
hovaesco/oauth-header
branch
from
ca7ad24 to
63ffa53
Compare
hashhar
left a comment
hashhar
left a comment
There was a problem hiding this comment.
works for our use-case where we just want x_redirect_server and x_token_server value. Sadly Python is not enterprise enough to have good quality libraries for HTTP 401 handling.
2 participants
Description
Resolves #444
Non-technical explanation
Release notes
( ) This is not user-visible or docs only and no release notes are required.
( ) Release notes are required, please propose a release note for me.
( ) Release notes are required, with the following suggested text: