Changes to MiqPassword.sanitize_string to support URL encoded password.

[lfu]

To hide the encoded password value in URL encoded string with*******.

Blocks ManageIQ/manageiq-automation_engine#228.

https://bugzilla.redhat.com/show_bug.cgi?id=1619385

@miq-bot add_label bug, gaprindashvili/yes

cc @gmcculloug @bdunne

Before:

[----] I, [2018-09-04T11:52:44.679450 #12292:c27108]  INFO -- : Q-task_id([service_template_provision_task_1]) Instantiating [/Service/Provisioning/StateMachines/ServiceProvision_Template/CatalogItemInitialization?MiqServer%3A%3Amiq_server=1&Service%3A%3AService=1&ServiceTemplateProvisionTask%3A%3Aservice_template_provision_task=1&User%3A%3Auser=1&ae_state=checkprovisioned&ae_state_previous=---%0A%22%2FManageIQ%2FService%2FProvisioning%2FStateMachines%2FServiceProvision_Template%2FCatalogItemInitialization%22%3A%0A%20%20ae_state%3A%20checkprovisioned%0A%20%20ae_state_retries%3A%201%0A%20%20ae_state_started%3A%202018-09-04%2015%3A51%3A41%20UTC%0A%20%20ae_state_max_retries%3A%20100%0A&ae_state_retries=1&ae_state_started=2018-09-04%2015%3A51%3A41%20UTC&object_name=CatalogItemInitialization&password%3A%3Adialog_password_field=v2%3A%7BSEZAjnaOSeyzt387%2FrAooQ%3D%3D%7D&request=clone_to_service&service_action=Provision&vmdb_object_type=service_template_provision_task]

After:

[----] I, [2018-09-04T11:52:44.679450 #12292:c27108]  INFO -- : Q-task_id([service_template_provision_task_1]) Instantiating [/Service/Provisioning/StateMachines/ServiceProvision_Template/CatalogItemInitialization?MiqServer%3A%3Amiq_server=1&Service%3A%3AService=1&ServiceTemplateProvisionTask%3A%3Aservice_template_provision_task=1&User%3A%3Auser=1&ae_state=checkprovisioned&ae_state_previous=---%0A%22%2FManageIQ%2FService%2FProvisioning%2FStateMachines%2FServiceProvision_Template%2FCatalogItemInitialization%22%3A%0A%20%20ae_state%3A%20checkprovisioned%0A%20%20ae_state_retries%3A%201%0A%20%20ae_state_started%3A%202018-09-04%2015%3A51%3A41%20UTC%0A%20%20ae_state_max_retries%3A%20100%0A&ae_state_retries=1&ae_state_started=2018-09-04%2015%3A51%3A41%20UTC&object_name=CatalogItemInitialization&password%3A%3Adialog_password_field=********&request=clone_to_service&service_action=Provision&vmdb_object_type=service_template_provision_task]

[mkanoor]

@lfu Since there can be many kinds of encoding (base64, url) Should we call this function sanitize_url_encoded_string?

[bdunne]

I think the V2 should be removed from the name since the regex supports v*. Maybe REGEXP_URL_ENCODED?

[bdunne]

Why (.*?)?

[bdunne]

Also, we probably don't need the capture groups since we would have to URI decode the string before we could do anything with those values

[bdunne]

Any reason to add a new method rather than add this support to the two existing methods above?

[kbrock]

1. Is there a reason why you are not changing sanitize_string!?
2. If it simplifies anything, we only support keys of the form v2:{} - at least for the past 4 years.
3. We've dropped support for legacy and v1 keys. v[3-9] keys have never and will never exist.
4. Was a little surprised for keeping REGEXP and REGEXP_START_LINE - but I suppose those are needed for one use case of split.

Looking Good.

[kbrock]

We had plans to have versions of the passwords above v2 - but that is where it stopped and will always stop.
We no longer support anything other than v2, but taking that into account looks like it would change too many specs and be out of scope for this BZ.

I worry about having REGEXP and REGEXP_PASSWORD - but I can see how having a special purpose for cleaning urls may be desired. If not, please have sanitize_string and sanitize_string! use the same regular expression.

All in all, @lfu this is looking good.
Thanks @bdunne for the reviewing here, too.

[kbrock]

I'd feel a little more comfortable here with the .* being swapped out for a clause that will be more restrictive.
Since it is base64 encoded the valid characters are [A-Za-z+/=] but a simple [^%] will suffice.

Also the ? in the .*? looks funny to me. Is that for a blank password?

I think the simplest regex would be:

REGEXP_URL_ENCODED = /v[0-2](:\{[^}]*\}|%3A%7B[^%]*%7D)

REGEXP_PASSWORD really doesn't tell you anything. Granted, REGEXP is a bad name, as well.

[lfu]

.*? is for non-greedy match.
+/= become %2B%2F%3D after URL encoded. So [^%]* would not work for +/=.

[lfu]

Naming is always hard. REGEXP_URL_ENCODED was my first try. But actually only the 2nd part of the REGEX is for URL encoded password. The first part is just for an encrypted password.

If REGEXP_URL_ENCODED is preferred, I can certainly rename it.

[kbrock]

Not sure if simplifying this regex would simplify your main goal.

REGEXP = `/v([0-2]):\{([^}]*)\}/`

[lfu]

1. Is there a reason why you are not changing sanitize_string!?

I could not think of a use case where the change of sanitize_string! is necessary. I would be glad to make the change if someone can show me one of the use cases.

[bdunne]

I could not think of a use case where the change of sanitize_string! is necessary. I would be glad to make the change if someone can show me one of the use cases.

Just for API consistency.

[JPrause]

@miq-bot add_label blocker

[kbrock]

Just the one change with the + and I'm +1

@bdunne you good with this now?

[kbrock]

could you remove the + for both of these?

Also, I'd feel more comfortable with a [^%]* over .*? - but keeping with the lazy match and over matching is probably not the end of the world.

I'm punting on the name change. keep it REGEXP_PASSWORD

[kbrock]

thnx

[kbrock]

good catch

[bdunne]

@lfu Can you take care of the rubocop comment?

[miq-bot]

Checked commit lfu@744d4c9 with ruby 2.3.3, rubocop 0.52.1, haml-lint 0.20.0, and yamllint 1.10.0
2 files checked, 0 offenses detected
Everything looks fine. 👍

[kbrock]

I'm good with this - you all set @bdunne ?

[simaishi]

Hammer backport details:

$ git log -1
commit 448fc49b99ee8eb97c532450287337eb82978054
Author: Brandon Dunne <brandondunne@hotmail.com>
Date:   Tue Sep 25 14:52:08 2018 -0400

    Merge pull request #373 from lfu/password_log_1619385
    
    Changes to MiqPassword.sanitize_string to support URL encoded password.
    
    (cherry picked from commit 2fa61e91ce5eeba1dc969e38c76faaee61cb7eb6)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1619385

[simaishi]

Gaprindashvili backport details:

$ git log -1
commit 3707a9a85a9b93325e566a7dbe1cdcb01f1c55cc
Author: Brandon Dunne <brandondunne@hotmail.com>
Date:   Tue Sep 25 14:52:08 2018 -0400

    Merge pull request #373 from lfu/password_log_1619385
    
    Changes to MiqPassword.sanitize_string to support URL encoded password.
    
    (cherry picked from commit 2fa61e91ce5eeba1dc969e38c76faaee61cb7eb6)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1634808