feat(auth): allow Token or Bearer as valid schemes (#25397)

closes: https://github.com/influxdata/influxdb/issues/25394
2024-09-27 13:40:28 +01:00 · 2024-09-27 13:40:28 +01:00 · 70643d0136
parent c4514bf401
commit 70643d0136
2 changed files with 16 additions and 3 deletions
--- a/influxdb3/tests/server/auth.rs
+++ b/influxdb3/tests/server/auth.rs
@ -55,6 +55,19 @@ async fn auth() {
            .status(),
        StatusCode::OK
    );
+    assert_eq!(
+        client
+            .post(&write_lp_url)
+            .query(&write_lp_params)
+            .body("cpu,host=a val=1i 123")
+            // support both Bearer and Token auth schemes
+            .header("Authorization", format!("Token {TOKEN}"))
+            .send()
+            .await
+            .unwrap()
+            .status(),
+        StatusCode::OK
+    );
    assert_eq!(
        client
            .get(&query_sql_url)
--- a/influxdb3_server/src/http.rs
+++ b/influxdb3_server/src/http.rs
@ -801,9 +801,9 @@ fn validate_auth_header(header: HeaderValue) -> Result<Vec<u8>, AuthorizationErr
    // Split the header value into two parts
    let mut header = header.to_str()?.split(' ');

-    // Check that the header is the 'Bearer' auth scheme
-    let bearer = header.next().ok_or(AuthorizationError::MalformedRequest)?;
-    if bearer != "Bearer" {
+    // Check that the header is the 'Bearer' or 'Token' auth scheme
+    let auth_scheme = header.next().ok_or(AuthorizationError::MalformedRequest)?;
+    if auth_scheme != "Bearer" && auth_scheme != "Token" {
        return Err(AuthorizationError::MalformedRequest);
    }