Add OwnTracks over HTTP (#9582)

* Add OwnTracks over HTTP * Fix tests
2017-09-28 00:49:35 -07:00 · 2017-09-28 00:49:35 -07:00 · 6fb55b363a
commit 6fb55b363a
parent 7c8e7d6eb0
6 changed files with 198 additions and 8 deletions
--- a/homeassistant/components/http/auth.py
+++ b/homeassistant/components/http/auth.py
@ -1,8 +1,11 @@
 """Authentication for HTTP component."""
 import asyncio
+import base64
 import hmac
 import logging

+from aiohttp import hdrs
+
 from homeassistant.const import HTTP_HEADER_HA_AUTH
 from .util import get_real_ip
 from .const import KEY_TRUSTED_NETWORKS, KEY_AUTHENTICATED
@ -41,6 +44,10 @@ def auth_middleware(app, handler):
              validate_password(request, request.query[DATA_API_PASSWORD])):
            authenticated = True

+        elif (hdrs.AUTHORIZATION in request.headers and
+              validate_authorization_header(request)):
+            authenticated = True
+
        elif is_trusted_ip(request):
            authenticated = True

@ -64,3 +71,22 @@ def validate_password(request, api_password):
    """Test if password is valid."""
    return hmac.compare_digest(
        api_password, request.app['hass'].http.api_password)
+
+
+def validate_authorization_header(request):
+    """Test an authorization header if valid password."""
+    if hdrs.AUTHORIZATION not in request.headers:
+        return False
+
+    auth_type, auth = request.headers.get(hdrs.AUTHORIZATION).split(' ', 1)
+
+    if auth_type != 'Basic':
+        return False
+
+    decoded = base64.b64decode(auth).decode('utf-8')
+    username, password = decoded.split(':', 1)
+
+    if username != 'homeassistant':
+        return False
+
+    return validate_password(request, password)