feat(auth): allow Token or Bearer as valid schemes

closes: #25394
influxdata · Sep 25, 2024 · c2a3c99 · c2a3c99
1 parent c4514bf
commit c2a3c99
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 3 deletions.
diff --git a/influxdb3/tests/server/auth.rs b/influxdb3/tests/server/auth.rs
@@ -55,6 +55,19 @@ async fn auth() {
             .status(),
         StatusCode::OK
     );
+    assert_eq!(
+        client
+            .post(&write_lp_url)
+            .query(&write_lp_params)
+            .body("cpu,host=a val=1i 123")
+            // support both Bearer and Token auth schemes
+            .header("Authorization", format!("Token {TOKEN}"))
+            .send()
+            .await
+            .unwrap()
+            .status(),
+        StatusCode::OK
+    );
     assert_eq!(
         client
             .get(&query_sql_url)

diff --git a/influxdb3_server/src/http.rs b/influxdb3_server/src/http.rs
@@ -801,9 +801,9 @@ fn validate_auth_header(header: HeaderValue) -> Result<Vec<u8>, AuthorizationErr
     // Split the header value into two parts
     let mut header = header.to_str()?.split(' ');
 
-    // Check that the header is the 'Bearer' auth scheme
-    let bearer = header.next().ok_or(AuthorizationError::MalformedRequest)?;
-    if bearer != "Bearer" {
+    // Check that the header is the 'Bearer' or 'Token' auth scheme
+    let auth_scheme = header.next().ok_or(AuthorizationError::MalformedRequest)?;
+    if auth_scheme != "Bearer" && auth_scheme != "Token" {
         return Err(AuthorizationError::MalformedRequest);
     }