lib-oauth2: Do not escape '.'

author Aki Tuomi <aki.tuomi@open-xchange.com>

Tue, 8 Jun 2021 06:04:21 +0000 (09:04 +0300)

committer Aki Tuomi <aki.tuomi@open-xchange.com>

Tue, 8 Jun 2021 10:04:49 +0000 (13:04 +0300)
author Aki Tuomi <aki.tuomi@open-xchange.com>
Tue, 8 Jun 2021 06:04:21 +0000 (09:04 +0300)
committer Aki Tuomi <aki.tuomi@open-xchange.com>
Tue, 8 Jun 2021 10:04:49 +0000 (13:04 +0300)
diff --git a/src/lib-oauth2/oauth2-jwt.c b/src/lib-oauth2/oauth2-jwt.c

index 0d853a5d334a5f78895f6d743cf997ea08b5395e..6dd09be4d39d101c1ca2428a4683917f72e8ae18 100644 (file)
--- a/src/lib-oauth2/oauth2-jwt.c
+++ b/src/lib-oauth2/oauth2-jwt.c
@@ -52,10 +52,10 @@ static int get_time_field(const struct json_tree *tree, const char *key,
         return -1;
  }
  
-/* Escapes '.', '/' and '%' in identifier to %hex */
+/* Escapes '/' and '%' in identifier to %hex */
  static const char *escape_identifier(const char *identifier)
  {
-       size_t pos = strcspn(identifier, "./%");
+       size_t pos = strcspn(identifier, "/%");
         /* nothing to escape */
         if (identifier[pos] == '\0')
                 return identifier;
@@ -66,9 +66,6 @@ static const char *escape_identifier(const char *identifier)
  
         for (size_t i = pos; i < len; i++) {
                 switch (identifier[i]) {
-               case '.':
-                       str_append(new_id, "%2e");
-                       break;
                 case '/':
                         str_append(new_id, "%2f");
                         break;
diff --git a/src/lib-oauth2/test-oauth2-jwt.c b/src/lib-oauth2/test-oauth2-jwt.c

index ba6c320fd17ba8f96aa35f41b0eed8ba4780052b..fa06d003f680ca6a59dde1bea0ba5f2a95a49f63 100644 (file)
--- a/src/lib-oauth2/test-oauth2-jwt.c
+++ b/src/lib-oauth2/test-oauth2-jwt.c
@@ -323,10 +323,10 @@ static void test_jwt_token_escape(void)
                         "http://test.unit/local%key",
                         "hs256",
                         "http://test.unit/local%key",
-                       "http:%2f%2ftest%2eunit%2flocal%25key",
-                       "http:%2f%2ftest%2eunit%2flocal%25key"
+                       "http:%2f%2ftest.unit%2flocal%25key",
+                       "http:%2f%2ftest.unit%2flocal%25key"
                 },
-               { "../", "hs256", "../", "%2e%2e%2f", "%2e%2e%2f" },
+               { "../", "hs256", "../", "..%2f", "..%2f" },
         };
  
         test_begin("JWT token escaping");
@@ -645,7 +645,7 @@ static void test_jwt_kid_escape(void)
          random_fill(ptr, 32);
          buffer_t *b64_key = t_base64_encode(0, SIZE_MAX,
                                              secret->data, secret->used);
-        save_key_to("HS256", "hello%2eworld%2f%25", str_c(b64_key));
+        save_key_to("HS256", "hello.world%2f%25", str_c(b64_key));
         /* make a token */
         buffer_t *tokenbuf = create_jwt_token_kid("HS256", "hello.world/%");
         /* sign it */
author	Aki Tuomi <aki.tuomi@open-xchange.com>
	Tue, 8 Jun 2021 06:04:21 +0000 (09:04 +0300)
committer	Aki Tuomi <aki.tuomi@open-xchange.com>
	Tue, 8 Jun 2021 10:04:49 +0000 (13:04 +0300)
src/lib-oauth2/oauth2-jwt.c		patch \| blob \| blame \| history
src/lib-oauth2/test-oauth2-jwt.c		patch \| blob \| blame \| history