commit fdf43a3fc87728ca0455c1ee2931be821f83b51d
author Ed Tanous <ed.tanous@intel.com> Wed Jul 31 16:52:24 2019 -0700
committer Ed Tanous <ed.tanous@intel.com> Fri Aug 02 16:30:41 2019 +0000
tree dc06f0ef6d016673761784056b61f73623ac8a24
parent c619141b47d5aaa5227a2a9ef0ef8ee6f0bef22f

Ignore charset for /login attempts

bmcweb fails when attempting to login with a Content header of
application/json; charset=utf8.  This is because of an exact string
compare.  This commit changes the check to only check the begining of
the string, and adds some logging to make it more clear when we hit this
in the future.

Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: I972a80c174a18295205340271b781c9d6693ee17

include/token_authorization_middleware.hpp

diff --git a/include/token_authorization_middleware.hpp b/include/token_authorization_middleware.hpp
index ee34d00..2ff3879 100644
--- a/include/token_authorization_middleware.hpp
+++ b/include/token_authorization_middleware.hpp
@@ -283,12 +283,13 @@
             // within it are not destroyed before we can use them
             nlohmann::json loginCredentials;
             // Check if auth was provided by a payload
-            if (contentType == "application/json")
+            if (boost::starts_with(contentType, "application/json"))
             {
                 loginCredentials =
                     nlohmann::json::parse(req.body, nullptr, false);
                 if (loginCredentials.is_discarded())
                 {
+                    BMCWEB_LOG_DEBUG << "Bad json in request";
                     res.result(boost::beast::http::status::bad_request);
                     res.end();
                     return;
@@ -424,6 +425,7 @@
             }
             else
             {
+                BMCWEB_LOG_DEBUG << "Couldn't interpret password";
                 res.result(boost::beast::http::status::bad_request);
             }
             res.end();