Browse Source

Fix duplicate paths in secret hrefs

Reconstructing the base URL from a request when
host_href is not set must take into account that
an URL path may consist of and endpoint part followed
by a resource path, e.g.:

'http://localhost/key-manager/v1/secrets/25a24d6b-605e-4226-ab39-7e2d8e10f559'

where the endpoint URL is `http://localhost/key-manager/v1`

The pecan.request.application_url is used instead of
pecan.request.url to retrieve the base URL part
(`http://localhost/key-manager/v1`) excluding the resource
path. However, the /v1 version particle is included into the
application_url value because it is implemented by a wsgi
application rather than a pecan controller, so the /v1 bit
also needs to be removed from the base URL when present.

Change-Id: I3c05f3d2f9a970213ca8347d7bbe1aac203af0a1
Closes-Bug: #1749217
(cherry picked from commit ff55d17034)
changes/24/642424/2
Stefan Nica 1 year ago
parent
commit
27cf2f37f6
2 changed files with 7 additions and 3 deletions
  1. 6
    3
      barbican/common/utils.py
  2. 1
    0
      barbican/tests/utils.py

+ 6
- 3
barbican/common/utils.py View File

@@ -24,6 +24,7 @@ import uuid
24 24
 from oslo_log import log
25 25
 from oslo_utils import uuidutils
26 26
 import pecan
27
+import re
27 28
 import six
28 29
 from six.moves.urllib import parse
29 30
 
@@ -76,8 +77,8 @@ def get_base_url_from_request():
76 77
     Some of unit tests does not have pecan context that's why using request
77 78
     attr check on pecan instance.
78 79
     """
79
-    if not CONF.host_href and hasattr(pecan.request, 'url'):
80
-        p_url = parse.urlsplit(pecan.request.url)
80
+    if not CONF.host_href and hasattr(pecan.request, 'application_url'):
81
+        p_url = parse.urlsplit(pecan.request.application_url)
81 82
         # Pecan does not handle X_FORWARDED_PROTO yet, so we need to
82 83
         # handle it ourselves. see lp#1445290
83 84
         scheme = pecan.request.environ.get('HTTP_X_FORWARDED_PROTO', 'http')
@@ -86,7 +87,9 @@ def get_base_url_from_request():
86 87
         netloc = pecan.request.environ.get('HTTP_HOST', p_url.netloc)
87 88
         # FIXME: implement SERVER_NAME lookup if HTTP_HOST is not set
88 89
         if p_url.path:
89
-            base_url = '%s://%s%s' % (scheme, netloc, p_url.path)
90
+            # Remove the version from the path to extract the base path
91
+            base_path = re.sub('/v[0-9\.]+$', '', p_url.path)
92
+            base_url = '%s://%s%s' % (scheme, netloc, base_path)
90 93
         else:
91 94
             base_url = '%s://%s' % (scheme, netloc)
92 95
         return base_url

+ 1
- 0
barbican/tests/utils.py View File

@@ -50,6 +50,7 @@ def mock_pecan_request(test_instance, host=None):
50 50
     test_instance.addCleanup(patcher_obj.stop)
51 51
     mock_req.url = host
52 52
     mock_req.environ = os.environ.copy()
53
+    mock_req.application_url = host
53 54
 
54 55
 
55 56
 @contextmanager

Loading…
Cancel
Save