discourse
/
discourse-auth-proxy
mirror of https://github.com/discourse/discourse-auth-proxy.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

FIX: Allow unicode in username and groups.

This commit is contained in:
Misaka 0x4e21 2024-03-31 10:48:12 +08:00
parent 22c3ae4548
commit 319fb64c9a
2 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
main.go
View File

@ -238,6 +238,7 @@ func redirectIfNoCookie(handler http.Handler, r *http.Request, w http.ResponseWr
expiration := time.Now().Add(reauthorizeInterval)
cookieData := strings.Join([]string{username, strings.Join(groups, "|"), user_id}, ",")
cookieData = url.QueryEscape(cookieData)
http.SetCookie(w, &http.Cookie{
Name: cookieName,
Value: signCookie(cookieData, config.CookieSecret),
@ -298,6 +299,10 @@ func parseCookie(data, secret string) (username string, groups string, user_id s
err = fmt.Errorf("Expecting signature to match")
return
} else {
parsed, err = url.QueryUnescape(parsed)
if err != nil {
return
}
splitted := strings.Split(parsed, ",")
username = splitted[0]
groups = splitted[1]

10
main_test.go
View File

@ -214,6 +214,16 @@ func TestValidPayloadWithoutUserID(t *testing.T) {
assert.Equal(t, user_id, "")
}
func TestValidPayloadWithUnicode(t *testing.T) {
signed := signCookie("用户名,群组,2", "secretfoo")
username, group, user_id, parseError := parseCookie(signed, "secretfoo")
assert.NoError(t, parseError)
assert.Equal(t, username, "用户名")
assert.Equal(t, group, "群组")
assert.Equal(t, user_id, "2")
}
func TestNotWhitelistedPath(t *testing.T) {
c := NewTestConfig()
c.Whitelist = ""