URL-encode user-supplied tokens (bug 974319)

Change-Id: I7440f879edb8d61ea2382d5d4a56e32eacce4cfd
Dolph Mathews
2012-12-13 12:31:06 -06:00
parent 095cdd1057
commit 308a773283
2 changed files with 18 additions and 3 deletions


@@ -109,6 +109,7 @@ import logging
import os import os
import stat import stat
import time import time
import urllib
import webob import webob
import webob.exc import webob.exc
@@ -177,6 +178,11 @@ def will_expire_soon(expiry):
return expiry < soon return expiry < soon
def safe_quote(s):
"""URL-encode strings that are not already URL-encoded."""
return urllib.quote(s) if s == urllib.unquote(s) else s
class InvalidUserToken(Exception): class InvalidUserToken(Exception):
pass pass
@@ -692,8 +698,9 @@ class AuthProtocol(object):
""" """
headers = {'X-Auth-Token': self.get_admin_token()} headers = {'X-Auth-Token': self.get_admin_token()}
response, data = self._json_request('GET', response, data = self._json_request(
'/v2.0/tokens/%s' % user_token, 'GET',
'/v2.0/tokens/%s' % safe_quote(user_token),
additional_headers=headers) additional_headers=headers)
if response.status == 200: if response.status == 200:
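Review bot: `safe_quote` lets the caller-supplied token decide whether it is encoded at all: any value containing a percent escape differs from its `urllib.unquote` form and is returned untouched, so raw reserved characters next to that escape reach the `'/v2.0/tokens/%s'` path as-is. Separately, `urllib.quote` defaults to `safe='/'`, so a slash in the token is never encoded even on the quoting branch. Because the token fills exactly one path segment, I would encode unconditionally with `return urllib.quote(s, safe='')` and adjust `test_quoted_token` to match; if already-encoded tokens must remain accepted, that needs a comment naming the client that sends them. The `AuthProtocol` method around the `_json_request` call starts and ends outside the hunk.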


@@ -668,3 +668,11 @@ class AuthTokenMiddlewareTest(test.NoModule, BaseAuthTokenMiddlewareTest):
fortyseconds = datetime.datetime.utcnow() + datetime.timedelta( fortyseconds = datetime.datetime.utcnow() + datetime.timedelta(
seconds=40) seconds=40)
self.assertFalse(auth_token.will_expire_soon(fortyseconds)) self.assertFalse(auth_token.will_expire_soon(fortyseconds))
class TokenEncodingTest(unittest.TestCase):
def test_unquoted_token(self):
self.assertEqual('foo%20bar', auth_token.safe_quote('foo bar'))
def test_quoted_token(self):
self.assertEqual('foo%20bar', auth_token.safe_quote('foo%20bar'))
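Review bot: Both cases in `TokenEncodingTest` use a space only, so nothing pins what `safe_quote` does with characters that carry meaning in a URL path. I would add a case for a token containing `/`, `?` or `#`, and one mixing a percent escape with a raw reserved character, e.g. (constructed value) `self.assertEqual('a%2Fb', auth_token.safe_quote('a/b'))`. As far as I can tell that assertion fails against the helper as written, because `urllib.quote` keeps `/` by default. A one-line class docstring saying the helper protects the token path segment of the validation request would make the intent of these tests clear.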