Catch unicode decode errors in auth decode
Fixes https://jira.coreos.com/browse/QUAY-1249
This commit is contained in:
Joseph Schorr
parent
72ad0e9789
commit
c3f2901ec0
2 changed files with 8 additions and 1 deletions
|
|
@ -47,7 +47,7 @@ def _parse_basic_auth_header(auth):
|
||||||
|
|
||||||
try:
|
try:
|
||||||
credentials = [part.decode('utf-8') for part in b64decode(normalized[1]).split(':', 1)]
|
credentials = [part.decode('utf-8') for part in b64decode(normalized[1]).split(':', 1)]
|
||||||
except TypeError:
|
except (TypeError, UnicodeDecodeError, ValueError):
|
||||||
logger.exception('Exception when parsing basic auth header: %s', auth)
|
logger.exception('Exception when parsing basic auth header: %s', auth)
|
||||||
return None, 'Could not parse basic auth header'
|
return None, 'Could not parse basic auth header'
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -75,3 +75,10 @@ def test_valid_app_specific_token(app):
|
||||||
token = _token(APP_SPECIFIC_TOKEN_USERNAME, app_specific_token.token_code)
|
token = _token(APP_SPECIFIC_TOKEN_USERNAME, app_specific_token.token_code)
|
||||||
result = validate_basic_auth(token)
|
result = validate_basic_auth(token)
|
||||||
assert result == ValidateResult(AuthKind.basic, appspecifictoken=app_specific_token)
|
assert result == ValidateResult(AuthKind.basic, appspecifictoken=app_specific_token)
|
||||||
|
|
||||||
|
|
||||||
|
def test_invalid_unicode(app):
|
||||||
|
token = '\xebOH'
|
||||||
|
header = 'basic ' + b64encode(token)
|
||||||
|
result = validate_basic_auth(header)
|
||||||
|
assert result == ValidateResult(AuthKind.basic, missing=True)
|
||||||
|
|
|
||||||
Reference in a new issue