[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[libeufin] branch master updated: Fix HTTP basic auth parsing.
From: |
gnunet |
Subject: |
[libeufin] branch master updated: Fix HTTP basic auth parsing. |
Date: |
Sat, 18 Sep 2021 12:48:56 +0200 |
This is an automated email from the git hooks/post-receive script.
ms pushed a commit to branch master
in repository libeufin.
The following commit(s) were added to refs/heads/master by this push:
new 5df710e Fix HTTP basic auth parsing.
5df710e is described below
commit 5df710ed9fe1c7352c59092ee16fc989c8a54c2f
Author: ms <ms@taler.net>
AuthorDate: Sat Sep 18 12:48:53 2021 +0200
Fix HTTP basic auth parsing.
---
.idea/misc.xml | 2 +-
util/src/main/kotlin/HTTP.kt | 8 ++++++--
2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/.idea/misc.xml b/.idea/misc.xml
index dd64e0b..3058817 100644
--- a/.idea/misc.xml
+++ b/.idea/misc.xml
@@ -9,5 +9,5 @@
<component name="FrameworkDetectionExcludesConfiguration">
<file type="web" url="file://$PROJECT_DIR$" />
</component>
- <component name="ProjectRootManager" version="2" languageLevel="JDK_15"
default="true" project-jdk-name="11" project-jdk-type="JavaSDK" />
+ <component name="ProjectRootManager" version="2" languageLevel="JDK_11"
project-jdk-name="11" project-jdk-type="JavaSDK" />
</project>
\ No newline at end of file
diff --git a/util/src/main/kotlin/HTTP.kt b/util/src/main/kotlin/HTTP.kt
index 491a6e9..c788342 100644
--- a/util/src/main/kotlin/HTTP.kt
+++ b/util/src/main/kotlin/HTTP.kt
@@ -31,11 +31,15 @@ fun extractUserAndPassword(authorizationHeader: String):
Pair<String, String> {
val (username, password) = try {
val split = authorizationHeader.split(" ")
val plainUserAndPass = String(base64ToBytes(split[1]), Charsets.UTF_8)
- plainUserAndPass.split(":")
+ val ret = plainUserAndPass.split(":")
+ if (ret.size != 2) throw java.lang.Exception(
+ "HTTP Basic auth line does not contain username and (only)
password"
+ )
+ ret
} catch (e: Exception) {
throw UtilError(
HttpStatusCode.BadRequest,
- "invalid Authorization:-header received",
+ "invalid Authorization:-header received: ${e.message}",
LibeufinErrorCode.LIBEUFIN_EC_AUTHENTICATION_FAILED
)
}
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [libeufin] branch master updated: Fix HTTP basic auth parsing.,
gnunet <=