Fix unauthorized response in REST API when header requests JSON
authorMichael Friedrich <michael.friedrich@icinga.com>
Thu, 9 Feb 2017 08:13:58 +0000 (09:13 +0100)
committerMichael Friedrich <michael.friedrich@icinga.com>
Thu, 9 Feb 2017 08:13:58 +0000 (09:13 +0100)
fixes #4984

lib/remote/httpserverconnection.cpp

index 55310916ec53df5bfd512c13f8ec8ecf93a20e5a..114d0e93451dba00ba7eae1ebdff460e90637f29 100644 (file)
@@ -19,6 +19,7 @@
 
 #include "remote/httpserverconnection.hpp"
 #include "remote/httphandler.hpp"
+#include "remote/httputility.hpp"
 #include "remote/apilistener.hpp"
 #include "remote/apifunction.hpp"
 #include "remote/jsonrpc.hpp"
@@ -180,11 +181,27 @@ void HttpServerConnection::ProcessMessageAsync(HttpRequest& request)
        } else if (!user) {
                Log(LogWarning, "HttpServerConnection")
                    << "Unauthorized request: " << request.RequestMethod << " " << requestUrl;
+
                response.SetStatus(401, "Unauthorized");
-               response.AddHeader("Content-Type", "text/html");
                response.AddHeader("WWW-Authenticate", "Basic realm=\"Icinga 2\"");
-               String msg = "<h1>Unauthorized</h1>";
-               response.WriteBody(msg.CStr(), msg.GetLength());
+
+               if (request.Headers->Get("accept") == "application/json") {
+                       Dictionary::Ptr result1 = new Dictionary();
+
+                       result1->Set("info", "Unauthorized. Please check your user credentials.");
+
+                       Array::Ptr results = new Array();
+                       results->Add(result1);
+
+                       Dictionary::Ptr result = new Dictionary();
+                       result->Set("results", results);
+
+                       HttpUtility::SendJsonBody(response, result);
+               } else {
+                       response.AddHeader("Content-Type", "text/html");
+                       String msg = "<h1>Unauthorized. Please check your user credentials.</h1>";
+                       response.WriteBody(msg.CStr(), msg.GetLength());
+               }
        } else {
                try {
                        HttpHandler::ProcessRequest(user, request, response);
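Review bot: The exact comparison `request.Headers->Get("accept") == "application/json"` on the 401 path matches only when the Accept header is that literal string, so a client sending `application/json, */*`, a `;q=` or charset parameter, or different letter case still gets the HTML body. The same test is repeated in the 503 branch in the next hunk. Matching on the media type token (case-insensitively, ignoring parameters and other listed types) would make both branches behave as the commit title intends. The `results`/`info` dictionary is also built identically in both places, so a small file-local helper taking `response` and the info string would keep the two error bodies in sync. ProcessMessageAsync begins and ends outside this hunk.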
@@ -192,9 +209,25 @@ void HttpServerConnection::ProcessMessageAsync(HttpRequest& request)
                        Log(LogCritical, "HttpServerConnection")
                            << "Unhandled exception while processing Http request: " << DiagnosticInformation(ex);
                        response.SetStatus(503, "Unhandled exception");
-                       response.AddHeader("Content-Type", "text/plain");
+
                        String errorInfo = DiagnosticInformation(ex);
-                       response.WriteBody(errorInfo.CStr(), errorInfo.GetLength());
+
+                       if (request.Headers->Get("accept") == "application/json") {
+                               Dictionary::Ptr result1 = new Dictionary();
+
+                               result1->Set("info", errorInfo);
+
+                               Array::Ptr results = new Array();
+                               results->Add(result1);
+
+                               Dictionary::Ptr result = new Dictionary();
+                               result->Set("results", results);
+
+                               HttpUtility::SendJsonBody(response, result);
+                       } else {
+                               response.AddHeader("Content-Type", "text/plain");
+                               response.WriteBody(errorInfo.CStr(), errorInfo.GetLength());
+                       }
                }
        }