From cd7e858f987c154c1432a6ce1b1bb2098c49e7c6 Mon Sep 17 00:00:00 2001
From: Konstantin Kirillov <kkirillov@dlg.im>
Date: Thu, 22 Sep 2016 16:20:12 +0300
Subject: [PATCH] Added test for special characters in url signing

---
 .../google/cloud/storage/StorageImplTest.java | 33 +++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/google-cloud-storage/src/test/java/com/google/cloud/storage/StorageImplTest.java b/google-cloud-storage/src/test/java/com/google/cloud/storage/StorageImplTest.java
index 927b97afe487..b65a6f8f806e 100644
--- a/google-cloud-storage/src/test/java/com/google/cloud/storage/StorageImplTest.java
+++ b/google-cloud-storage/src/test/java/com/google/cloud/storage/StorageImplTest.java
@@ -1301,6 +1301,39 @@ public void testSignUrlWithOptions() throws NoSuchAlgorithmException, InvalidKey
         URLDecoder.decode(signature, UTF_8.name()))));
   }
 
+  @Test
+  public void testSignUrlForBlobWithSpecialChars() throws NoSuchAlgorithmException, InvalidKeyException,
+          SignatureException, UnsupportedEncodingException {
+    // List of chars under test were taken from https://en.wikipedia.org/wiki/Percent-encoding#Percent-encoding_reserved_characters
+    char[] specialChars = new char[]{'!','#','$','&','\'','(',')','*','+',',',':',';','=','?','@','[',']'};
+    EasyMock.replay(storageRpcMock);
+    ServiceAccountAuthCredentials authCredentials =
+            ServiceAccountAuthCredentials.createFor(ACCOUNT, privateKey);
+    storage = options.toBuilder().authCredentials(authCredentials).build().service();
+
+    for (char specialChar : specialChars) {
+      String blobName = "/a" + specialChar + "b";
+      URL url = storage.signUrl(BlobInfo.builder(BUCKET_NAME1, blobName).build(), 14, TimeUnit.DAYS);
+      String escapedBlobName = UrlEscapers.urlPathSegmentEscaper().escape(blobName);
+      String stringUrl = url.toString();
+      String expectedUrl = new StringBuilder("https://storage.googleapis.com/").append(BUCKET_NAME1)
+              .append(escapedBlobName).append("?GoogleAccessId=").append(ACCOUNT).append("&Expires=")
+              .append(42L + 1209600).append("&Signature=").toString();
+      assertTrue(stringUrl.startsWith(expectedUrl));
+      String signature = stringUrl.substring(expectedUrl.length());
+
+      StringBuilder signedMessageBuilder = new StringBuilder();
+      signedMessageBuilder.append(HttpMethod.GET).append("\n\n\n").append(42L + 1209600).append("\n/")
+              .append(BUCKET_NAME1).append(escapedBlobName);
+
+      Signature signer = Signature.getInstance("SHA256withRSA");
+      signer.initVerify(publicKey);
+      signer.update(signedMessageBuilder.toString().getBytes(UTF_8));
+      assertTrue(signer.verify(BaseEncoding.base64().decode(
+              URLDecoder.decode(signature, UTF_8.name()))));
+    }
+  }
+
   @Test
   public void testGetAllArray() {
     BlobId blobId1 = BlobId.of(BUCKET_NAME1, BLOB_NAME1);