Tim Andersson has proposed merging
~andersson123/autopkgtest-cloud:browse-cgi-api-key into
autopkgtest-cloud:master.
Requested reviews:
Canonical's Ubuntu QA (canonical-ubuntu-qa)
For more details, see:
https://code.launchpad.net/~andersson123/autopkgtest-cloud/+git/autopkgtest-cloud/+merge/462256
--
Your team Canonical's Ubuntu QA is requested to review the proposed merge of
~andersson123/autopkgtest-cloud:browse-cgi-api-key into
autopkgtest-cloud:master.
diff --git a/charms/focal/autopkgtest-web/webcontrol/request/app.py b/charms/focal/autopkgtest-web/webcontrol/request/app.py
index 23750e6..c3aaf07 100644
--- a/charms/focal/autopkgtest-web/webcontrol/request/app.py
+++ b/charms/focal/autopkgtest-web/webcontrol/request/app.py
@@ -3,6 +3,7 @@ import hmac
import json
import logging
import os
+import pathlib
from collections import ChainMap
from html import escape as _escape
@@ -54,6 +55,8 @@ SUCCESS = """
</dl>
"""
+API_KEY = pathlib.Path("/run/autopkgtest_webcontrol/api-key").read_text()
+
def check_github_sig(request):
"""Validate github signature of request.
@@ -284,6 +287,12 @@ def index_root():
@oid.loginhandler
def login():
"""Initiate OpenID login."""
+ if "a-u-c-api-key" in request.cookies:
+ submitted_key = request.cookies.get("a-u-c-api-key")
+ if submitted_key == API_KEY:
+ return redirect(request.form["next"])
+ else:
+ raise WebControlException("Incorrect API key.", 403)
if "nickname" in session:
return redirect(oid.get_next_url())
if "next" in request.form:
--
Mailing list: https://launchpad.net/~canonical-ubuntu-qa
Post to : canonical-ubuntu-qa@lists.launchpad.net
Unsubscribe : https://launchpad.net/~canonical-ubuntu-qa
More help : https://help.launchpad.net/ListHelp
