was trying to get the tunnel based on the csrf-token header which is wrong. So...

was trying to get the tunnel based on the csrf-token header which is wrong. So try all possible token formats

was trying to get the tunnel based on the csrf-token header which is wrong. So...
was trying to get the tunnel based on the csrf-token header which is wrong. So try all possible token formats
40e68c69 · Chris Hines · 12573302 · 40e68c69
Commit 40e68c69 authored 2 years ago by Chris Hines
--- a/twsproxy/__init__.py
+++ b/twsproxy/__init__.py
@@ -106,62 +106,31 @@ class TWSProxy(threading.Thread):
        import re
        import requests
        logger = logging.getLogger()
-        token = b'Authorization: token (?P<authtok>\w+)[\W|$]'
-        m = re.search(token,header)
-        if m:
-            try:
-                authtok = m.groupdict()['authtok'].rstrip()
-                s = requests.Session()
-                url = TES+'tunnelstat/'+authtok.decode()
-                try:
-                    r = s.get(url)
-                    port = r.json()
-                except:
-                    raise Exception('unable to get a port number for the authtok {}'.format(r.text))
-                return port
-            except Exception as e:
-                import traceback
-                logger.error('Exception')
-                logger.error(e)
-                logger.error(traceback.format_exc())
-                raise e
-        token = b'token=(?P<authtok>\w+)[&|\W|$]'
-        m = re.search(token,header)
-        if m:
-            try:
-                authtok = m.groupdict()['authtok'].rstrip()
-                s = requests.Session()
-                url = TES+'tunnelstat/'+authtok.decode()
+        token_format: = [ b'Authorization: token (?P<authtok>\w+)[\W|$]',
+                         b'token=(?P<authtok>\w+)[&|\W|$]',
+                         b'twsproxyauth=(?P<authtok>\w+)[\W|$]']
+
+        for token in token_formats:
+            m = re.search(token,header)
+            if m:
                try:
-                    r = s.get(url)
-                    port = r.json()
-                except:
-                    raise Exception('unable to get a port number for the authtok {}'.format(r.text))
-                return port
-            except Exception as e:
-                import traceback
-                logger.error('Exception')
-                logger.error(e)
-                logger.error(traceback.format_exc())
-                raise e
-        token = b'twsproxyauth=(?P<authtok>\w+)[\W|$]'
-        m = re.search(token,header)
-        if m:
-            authtok = m.groupdict()['authtok']
-            s = requests.Session()
-            url = TES+'tunnelstat/'+authtok.decode()
-            try:
-                r = s.get(url)
-                port = r.json()
-            except:
-                raise Exception('unable to get a port number for the authtok {}'.format(r.text))
-            return port
+                    authtok = m.groupdict()['authtok'].rstrip()
+                    s = requests.Session()
+                    url = TES+'tunnelstat/'+authtok.decode()
+                    try:
+                        r = s.get(url)
+                        port = r.json()
+                    except:
+                        raise Exception('unable to get a port number for the authtok {}'.format(r.text))
+                    if port is not None:
+                        return port
+                except Exception as e:
+                    import traceback
+                    logger.error('Exception')
+                    logger.error(e)
+                    logger.error(traceback.format_exc())
+                    raise e
        return None
-#        if m:
-#            print('match verify!',m.group(0))
-#            return 8888 
-#        else:
-#            return None


    @staticmethod