AuthenticationAPI - use base64encode which can deal with UTF8 passwords #1411
Conversation
suffers from the same problem as window.btoa - can't handle unicode strings https://bugzilla.redhat.com/show_bug.cgi?id=1527316
|
Testing: add a user with special (unicode) characters in the password |
`window.btoa("sněhulák")` fails on InvalidCharacterError: String contains an invalid character
because it only expects latin1 chars
`$base64.encode` from `angular-base64` has the same problem.
We need to base64 encode the login:password pair even when the password uses non-latin1 chars :)
Implementation adapted from https://developer.mozilla.org/en-US/docs/Web/API/WindowBase64/Base64_encoding_and_decoding#Solution_2_%E2%80%93_rewrite_the_DOMs_atob()_and_btoa()_using_JavaScript's_TypedArrays_and_UTF-8
https://bugzilla.redhat.com/show_bug.cgi?id=1527316
|
oh my, now those are annoying failures... lemme see what can be done to help out travis... 🤔 |
|
So.. this does fail with the PhantomJS launcher but not with Chrome launcher .. also, looks like this kind of Also also, the specs kinda don't even run... looks like a runtime error early on, before any of the real code gets run (otherwise we'd see the promise either resolve, or catch, but if I add a That leads me to think this could be some webpack config error (which we could see as not being able to login in older browsers) or a difference in how the specs are compiled (babel vs webpack?). Either way, I'll try fixing in the morning by moving that import to |
|
Never mind, this (travis) is actually a different problem .. .. and that's because .. completely logically .. (problem described more in ManageIQ/manageiq-ui-classic#3687) |
… the encoder and explicitly say window.TextEncoder for when it doesn't exist
|
Checked commits https://github.com/himdel/manageiq-ui-service/compare/83273df13bd34afc633a07141450307c3c7719dc~...1384c4aeb94b957c62d3dade49ea8edbf8fe6694 with ruby 2.3.3, rubocop 0.52.1, haml-lint 0.20.0, and yamllint 1.10.0 |
package.json
Outdated
| @@ -112,6 +112,7 @@ | |||
| "sprintf-js": "1.1.1", | |||
| "standard-loader": "6.0.1", | |||
| "style-loader": "0.20.2", | |||
| "text-encoder-lite": "git://github.com/coolaj86/TextEncoderLite.git#e1e031b", | |||
There was a problem hiding this comment.
DANG that's annoying... update the to the version we need... but don't release it, 1.0.2 looks like what we want... but its nowhere cept on the commit...
@himdel yah ok with rewording this as follows? "text-encoder-lite": "coolaj86/TextEncoderLite#e1e031b",
|
@simaishi gooooood to get back! 👍 🌮 |
AuthenticationAPI - use base64encode which can deal with UTF8 passwords (cherry picked from commit 0ae3d01) https://bugzilla.redhat.com/show_bug.cgi?id=1562797
|
Gaprindashvili backport details: |
AuthenticationAPI - use base64encode which can deal with UTF8 passwords (cherry picked from commit 0ae3d01) Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1562798
|
Fine backport details: |
|
@himdel Can you please take a look at Travis failure in Fine branch? https://travis-ci.org/ManageIQ/manageiq-ui-service/jobs/380680697 |
|
Aah, looks like the failure is just linters .. doing a FINE PR to fix... => #1434 |
This is the same change as ManageIQ/manageiq-ui-classic#3682, except for SUI.
This adds 2 npm packages:
base64js- JS implementation of base64 which can deal with arbitrary encodingstext-encoder-lite- a shim for the TextEncoder api, useable for utf8 strings (even in IE)and replaces the
AuthenticationAPIuse of$base64.encodewith a custombase64encodefunction implemented using the 2 libraries.This way, users can use passwords with unicode chars.
Note: on modern browsers, this will handle any unicode password, including emoji.
On IE, more modern unicode versions may not be fully supported (czech or japanese chars should be fine, emoji may not).
The difference:
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1527316