[BUG] Client command should urlencode password #210
Labels
bug
Something isn't working
good first issue
Good for newcomers
help wanted
The team has de-prioritized this and could use your help!
Description
GIVEN the broker is serving based on the password from the
SECURITY_USER_PASSWORD
environment variableAND the
SECURITY_USER_PASSWORD
contains a URL-sensitive symbol such as%
WHEN I run
cloud-service-broker client catalog
...Expected Behavior
...THEN I should see the catalog command complete successfully
Actual Behavior
...BUT instead I see
Possible Fix
The password should be URL-encoded before generating the client URL string here:
https://github.com/cloudfoundry-incubator/cloud-service-broker/blob/82ec90df2e9d5c9b8f3a49e87d40f9401bfc4d97/pkg/client/client.go#L51
Steps to Reproduce
%
in it.cloud-service-broker serve
cloud-service-broker client catalog
Context
We run the CSB as a Cloud Foundry app. Sometimes CF and the CSB get out of sync when a binding operations times out and we need to manually clean up service instances. On the CF side, we do
cf purge-service-instance
. Then wecf ssh
into the CSB application, and runcloud-service-broker client [unbind|deprovision] ...
. If the password that was used for the app includes a%
you get confusingNot authorized
responses even though you're using the exact same password that the CSB is pulling from the environment when CF rancloud-service-broker serve
as a startup command. You have to know that the password needs to be url-encoded before it can be used by theclient
command, and take the extra step to urlencode it yourself.Your Environment
The text was updated successfully, but these errors were encountered: