From e77250b7c4b521dfd4589e0ff41e76146341432d Mon Sep 17 00:00:00 2001
From: Pascal Bleser
Date: Wed, 1 Jul 2026 14:55:43 +0200
Subject: [PATCH] groupware: add workaround when using the master/impersonation
account: in that case, don't use impersonation but the impersonation account
directly
---
pkg/jmap/http.go | 16 ++++++++++++----
1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/pkg/jmap/http.go b/pkg/jmap/http.go
index c9fcef0dcb..054fd4172c 100644
--- a/pkg/jmap/http.go
+++ b/pkg/jmap/http.go
@@ -104,14 +104,22 @@ func NewMasterAuthHttpJmapClientAuthenticator(masterUser string, masterPassword
var _ HttpJmapClientAuthenticator = &MasterAuthHttpJmapClientAuthenticator{}
func (h *MasterAuthHttpJmapClientAuthenticator) Authenticate(ctx context.Context, username string, _ *log.Logger, req *http.Request) Error {
- masterUsername := username + "%" + h.masterUser
- req.SetBasicAuth(masterUsername, h.masterPassword)
+ if username == h.masterUser {
+ req.SetBasicAuth(username, h.masterPassword)
+ } else {
+ masterUsername := username + "%" + h.masterUser
+ req.SetBasicAuth(masterUsername, h.masterPassword)
+ }
return nil
}
func (h *MasterAuthHttpJmapClientAuthenticator) AuthenticateWS(ctx context.Context, username string, _ *log.Logger, headers http.Header) Error {
- masterUsername := username + "%" + h.masterUser
- headers.Add("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte(masterUsername+":"+h.masterPassword)))
+ if username == h.masterUser {
+ headers.Add("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte(username+":"+h.masterPassword)))
+ } else {
+ masterUsername := username + "%" + h.masterUser
+ headers.Add("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte(masterUsername+":"+h.masterPassword)))
+ }
return nil
}