From e77250b7c4b521dfd4589e0ff41e76146341432d Mon Sep 17 00:00:00 2001 From: Pascal Bleser Date: Wed, 1 Jul 2026 14:55:43 +0200 Subject: [PATCH] groupware: add workaround when using the master/impersonation account: in that case, don't use impersonation but the impersonation account directly --- pkg/jmap/http.go | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/pkg/jmap/http.go b/pkg/jmap/http.go index c9fcef0dcb..054fd4172c 100644 --- a/pkg/jmap/http.go +++ b/pkg/jmap/http.go @@ -104,14 +104,22 @@ func NewMasterAuthHttpJmapClientAuthenticator(masterUser string, masterPassword var _ HttpJmapClientAuthenticator = &MasterAuthHttpJmapClientAuthenticator{} func (h *MasterAuthHttpJmapClientAuthenticator) Authenticate(ctx context.Context, username string, _ *log.Logger, req *http.Request) Error { - masterUsername := username + "%" + h.masterUser - req.SetBasicAuth(masterUsername, h.masterPassword) + if username == h.masterUser { + req.SetBasicAuth(username, h.masterPassword) + } else { + masterUsername := username + "%" + h.masterUser + req.SetBasicAuth(masterUsername, h.masterPassword) + } return nil } func (h *MasterAuthHttpJmapClientAuthenticator) AuthenticateWS(ctx context.Context, username string, _ *log.Logger, headers http.Header) Error { - masterUsername := username + "%" + h.masterUser - headers.Add("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte(masterUsername+":"+h.masterPassword))) + if username == h.masterUser { + headers.Add("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte(username+":"+h.masterPassword))) + } else { + masterUsername := username + "%" + h.masterUser + headers.Add("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte(masterUsername+":"+h.masterPassword))) + } return nil }