v0.3.1: enable plugin webapp + case-insensitive bearer
- Add webapp: true to maubot.yaml — without it, @web.post decorators are silently ignored and plugin webhook URLs return 404 - Match Authorization scheme case-insensitively (Seerr's UI lowercases 'Bearer' on save)
This commit is contained in:
parent
e1a7aa7b5b
commit
64b86c7c3f
2 changed files with 6 additions and 3 deletions
|
|
@ -1,6 +1,6 @@
|
|||
maubot: 0.3.1
|
||||
id: com.3ddbrewery.media
|
||||
version: 0.3.0
|
||||
version: 0.3.1
|
||||
license: MIT
|
||||
modules:
|
||||
- media_bot
|
||||
|
|
@ -9,3 +9,4 @@ config: true
|
|||
extra_files:
|
||||
- base-config.yaml
|
||||
database: false
|
||||
webapp: true
|
||||
|
|
|
|||
|
|
@ -918,8 +918,10 @@ class MediaBot(Plugin):
|
|||
async def seerr_webhook(self, req: Request) -> Response:
|
||||
secret = self.config["seerr_webhook_secret"] or ""
|
||||
if secret:
|
||||
auth = req.headers.get("Authorization", "")
|
||||
if auth != f"Bearer {secret}":
|
||||
# Case-insensitive scheme per RFC 7235 — Seerr's UI lowercases "Bearer"
|
||||
auth = (req.headers.get("Authorization") or "").strip()
|
||||
scheme, _, token = auth.partition(" ")
|
||||
if scheme.lower() != "bearer" or token != secret:
|
||||
self.log.warning("Seerr webhook bad auth from %s", req.remote)
|
||||
return Response(status=401, text="unauthorized")
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue