From d6df35f07276225956530f2fc77dbc159f947cef Mon Sep 17 00:00:00 2001 From: Naoki Takezoe Date: Thu, 25 Jan 2018 02:15:50 +0900 Subject: [PATCH] Return 401 for non-browsers when authentication is failed --- build.sbt | 3 ++- .../core/controller/ControllerBase.scala | 17 +++++++++++++++-- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/build.sbt b/build.sbt index 01ebd1415..064bf92e0 100644 --- a/build.sbt +++ b/build.sbt @@ -62,7 +62,8 @@ libraryDependencies ++= Seq( "org.mockito" % "mockito-core" % "2.13.0" % "test", "com.wix" % "wix-embedded-mysql" % "3.0.0" % "test", "ru.yandex.qatools.embed" % "postgresql-embedded" % "2.6" % "test", - "net.i2p.crypto" % "eddsa" % "0.2.0" + "net.i2p.crypto" % "eddsa" % "0.2.0", + "is.tagomor.woothee" % "woothee-java" % "1.7.0" ) // Compiler settings diff --git a/src/main/scala/gitbucket/core/controller/ControllerBase.scala b/src/main/scala/gitbucket/core/controller/ControllerBase.scala index c8f9c1d81..d7bde6129 100644 --- a/src/main/scala/gitbucket/core/controller/ControllerBase.scala +++ b/src/main/scala/gitbucket/core/controller/ControllerBase.scala @@ -4,7 +4,7 @@ import java.io.FileInputStream import gitbucket.core.api.ApiError import gitbucket.core.model.Account -import gitbucket.core.service.{AccountService, SystemSettingsService,RepositoryService} +import gitbucket.core.service.{AccountService, RepositoryService, SystemSettingsService} import gitbucket.core.util.SyntaxSugars._ import gitbucket.core.util.Directory._ import gitbucket.core.util.Implicits._ @@ -17,9 +17,10 @@ import org.scalatra.forms._ import javax.servlet.http.{HttpServletRequest, HttpServletResponse} import javax.servlet.{FilterChain, ServletRequest, ServletResponse} +import is.tagomor.woothee.Classifier + import scala.util.Try import net.coobird.thumbnailator.Thumbnails - import org.eclipse.jgit.api.Git import org.eclipse.jgit.lib.ObjectId import org.eclipse.jgit.revwalk.RevCommit @@ -113,12 +114,24 @@ abstract class ControllerBase extends ScalatraFilter org.scalatra.NotFound(gitbucket.core.html.error("Not Found")) } + private def isBrowser(userAgent: String): Boolean = { + if(userAgent == null || userAgent.isEmpty){ + false + } else { + val data = Classifier.parse(userAgent) + val category = data.get("category") + category == "pc" || category == "smartphone" || category == "mobilephone" + } + } + protected def Unauthorized()(implicit context: Context) = if(request.hasAttribute(Keys.Request.Ajax)){ org.scalatra.Unauthorized() } else if(request.hasAttribute(Keys.Request.APIv3)){ contentType = formats("json") org.scalatra.Unauthorized(ApiError("Requires authentication")) + } else if(!isBrowser(request.getHeader("USER-AGENT"))){ + org.scalatra.Unauthorized() } else { if(context.loginAccount.isDefined){ org.scalatra.Unauthorized(redirect("/"))