Access REMOTE_USER #11

userg3003 · 2021-02-26T09:00:59Z

userg3003
Feb 26, 2021

The CGI RFC provides for a REMOTE_USER variable, which holds the username of the user who has been authenticated by the front-end Web server. For a WSGI application, this can be obtained as environ["REMOTE_USER"], since a WSGI application gets access to all CGI variables. It would be nice if an ASGI application could get access to the same thing.
For example, if I run the Flask application under the Apache server, with authorization through Active Directory, I can get the name of the authorized user in the remote_user variable.
Note: missing variables (such as REMOTE_USER when no authentication has occurred) should be left out of the environ dictionary (
PEP 3333).

To add the ability to access REMOTE_USER , you can do the following in asgi.py (in def build_scope(environ: Environ) -> Scope:):

def build_scope(environ: Environ) -> Scope:

    ...

    if environ.get("REMOTE_USER"):
        remote_user = environ.get("REMOTE_USER")
    else:
        remote_user = None


    return {
        "type": "http",
        "asgi": {"version": "3.0", "spec_version": "3.0"},
        "http_version": environ.get("SERVER_PROTOCOL", "http/1.0").split("/")[1],
        "method": environ["REQUEST_METHOD"],
        "scheme": environ.get("wsgi.url_scheme", "http"),
        "path": environ["PATH_INFO"].encode("latin1").decode("utf8"),
        "query_string": environ["QUERY_STRING"].encode("ascii"),
        "root_path": environ.get("SCRIPT_NAME", "").encode("latin1").decode("utf8"),
        "client": client,
        "server": (environ["SERVER_NAME"], int(environ["SERVER_PORT"])),
        "headers": headers,
        "remote_user": remote_user,
    }

abersheeran · 2021-02-27T08:51:24Z

abersheeran
Feb 27, 2021
Maintainer

Great idea, but it is not part of the ASGI standard. You should go to asgiref to create a PR. When it becomes a standard, a2wsgi will quickly follow up on this part.

0 replies

abersheeran · 2021-02-27T08:55:35Z

abersheeran
Feb 27, 2021
Maintainer

In addition, perhaps a2wsgi should allow users to access Environ directly from Scope or access Scope from Environ. So all non-standard fields can be accessed, what do you think?

5 replies

userg3003 Feb 27, 2021
Author

I agree that providing access to environ from the Scope is a great idea. And, in addition, it would solve the problem of non-compliance with the ASGI standard.

abersheeran Feb 27, 2021
Maintainer

Welcome to create related PR. 😀

abersheeran Mar 1, 2021
Maintainer

eecac89

userg3003 Mar 2, 2021
Author

Thanks, great job.

abersheeran Mar 2, 2021
Maintainer

This feature has been released, you can try version 1.4.0. If there is any bug, welcome to initiate an ISSUE. 😀

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Access REMOTE_USER #11

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Replies: 2 comments 5 replies

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Access REMOTE_USER #11

Uh oh!

Uh oh!

userg3003 Feb 26, 2021

Replies: 2 comments · 5 replies

Uh oh!

abersheeran Feb 27, 2021 Maintainer

Uh oh!

abersheeran Feb 27, 2021 Maintainer

Uh oh!

userg3003 Feb 27, 2021 Author

Uh oh!

abersheeran Feb 27, 2021 Maintainer

Uh oh!

abersheeran Mar 1, 2021 Maintainer

Uh oh!

userg3003 Mar 2, 2021 Author

Uh oh!

abersheeran Mar 2, 2021 Maintainer

userg3003
Feb 26, 2021

Replies: 2 comments 5 replies

abersheeran
Feb 27, 2021
Maintainer

abersheeran
Feb 27, 2021
Maintainer

userg3003 Feb 27, 2021
Author

abersheeran Feb 27, 2021
Maintainer

abersheeran Mar 1, 2021
Maintainer

userg3003 Mar 2, 2021
Author

abersheeran Mar 2, 2021
Maintainer