Don't default to basic-auth if it's enabled, yet require it to be specified

2025-12-08 20:29:23 +00:00 · 2023-11-06 10:31:26 -05:00
parent b9983bf133
commit b680bb532b
5 changed files with 117 additions and 66 deletions
--- a/common/request/src/lib.rs
+++ b/common/request/src/lib.rs
@@ -2,27 +2,19 @@
 #![doc = include_str!("../README.md")]

 use hyper_rustls::{HttpsConnectorBuilder, HttpsConnector};
-use hyper::{
-  StatusCode,
-  header::{HeaderValue, HeaderMap},
-  body::{Buf, Body},
-  Response as HyperResponse,
-  client::HttpConnector,
-};
-pub use hyper::{self, Request};
+use hyper::{header::HeaderValue, client::HttpConnector};
+pub use hyper;
+
+mod request;
+pub use request::*;
+
+mod response;
+pub use response::*;

 #[derive(Debug)]
-pub struct Response(HyperResponse<Body>);
-impl Response {
-  pub fn status(&self) -> StatusCode {
-    self.0.status()
-  }
-  pub fn headers(&self) -> &HeaderMap<HeaderValue> {
-    self.0.headers()
-  }
-  pub async fn body(self) -> Result<impl std::io::Read, hyper::Error> {
-    Ok(hyper::body::aggregate(self.0.into_body()).await?.reader())
-  }
+pub enum Error {
+  InvalidUri,
+  Hyper(hyper::Error),
 }

 #[derive(Clone, Debug)]
@@ -35,12 +27,6 @@ pub struct Client {
  connection: Connection,
 }

-#[derive(Debug)]
-pub enum Error {
-  InvalidHost,
-  Hyper(hyper::Error),
-}
-
 impl Client {
  fn https_builder() -> HttpsConnector<HttpConnector> {
    HttpsConnectorBuilder::new().with_native_roots().https_or_http().enable_http1().build()
@@ -56,38 +42,14 @@ impl Client {
  fn without_connection_pool() -> Client {}
  */

-  pub async fn request(&self, mut request: Request<Body>) -> Result<Response, Error> {
+  pub async fn request<R: Into<Request>>(&self, request: R) -> Result<Response, Error> {
+    let request: Request = request.into();
+    let mut request = request.0;
    if request.headers().get(hyper::header::HOST).is_none() {
-      let host = request.uri().host().ok_or(Error::InvalidHost)?.to_string();
+      let host = request.uri().host().ok_or(Error::InvalidUri)?.to_string();
      request
        .headers_mut()
-        .insert(hyper::header::HOST, HeaderValue::from_str(&host).map_err(|_| Error::InvalidHost)?);
-    }
-
-    #[cfg(feature = "basic-auth")]
-    if request.headers().get(hyper::header::AUTHORIZATION).is_none() {
-      if let Some(authority) = request.uri().authority() {
-        let authority = authority.as_str();
-        if authority.contains('@') {
-          // Decode the username and password from the URI
-          let mut userpass = authority.split('@').next().unwrap().to_string();
-          // If the password is "", the URI may omit :, yet the authentication will still expect it
-          if !userpass.contains(':') {
-            userpass.push(':');
-          }
-
-          use zeroize::Zeroize;
-          use base64ct::{Encoding, Base64};
-
-          let mut encoded = Base64::encode_string(userpass.as_bytes());
-          userpass.zeroize();
-          request.headers_mut().insert(
-            hyper::header::AUTHORIZATION,
-            HeaderValue::from_str(&format!("Basic {encoded}")).unwrap(),
-          );
-          encoded.zeroize();
-        }
-      }
+        .insert(hyper::header::HOST, HeaderValue::from_str(&host).map_err(|_| Error::InvalidUri)?);
    }

    Ok(Response(match &self.connection {