Allow whitespace in secret header value (#5598)

vardhanapoorv · web-flow · commit 55e3e9fa601f · 2020-06-10T18:34:08.000+05:30
* Allow whitespace in secret header value

* Addressed comments
diff --git a/graphql/e2e/custom_logic/custom_logic_test.go b/graphql/e2e/custom_logic/custom_logic_test.go
@@ -169,8 +169,8 @@ func TestCustomQueryShouldForwardHeaders(t *testing.T) {
 		 })
 	 }
 
-		 # Dgraph.Secret Github-Api-Token random-fake-token
-		 # Dgraph.Secret X-App-Token should-be-overriden
+		 # Dgraph.Secret Github-Api-Token "random-fake-token"
+		 # Dgraph.Secret X-App-Token "should-be-overriden"
 	 `
 	updateSchemaRequireNoGQLErrors(t, schema)
 	time.Sleep(2 * time.Second)
@@ -936,8 +936,8 @@ func TestCustomFieldsShouldForwardHeaders(t *testing.T) {
 		)
   	}
 
-# Dgraph.Secret GITHUB-API-TOKEN some-api-token
-# Dgraph.Secret STRIPE-API-KEY some-api-key
+# Dgraph.Secret GITHUB-API-TOKEN "some-api-token"
+# Dgraph.Secret STRIPE-API-KEY "some-api-key"
   `
 
 	updateSchemaRequireNoGQLErrors(t, schema)
diff --git a/graphql/schema/schemagen.go b/graphql/schema/schemagen.go
@@ -96,12 +96,19 @@ func parseSecrets(sch string) (map[string]string, error) {
 			continue
 		}
 		parts := strings.Fields(text)
-		if len(parts) != 4 {
+		const doubleQuotesCode = 34
+
+		if len(parts) < 4 {
+			return nil, errors.Errorf("incorrect format for specifying Dgraph secret found for "+
+				"comment: `%s`, it should be `# Dgraph.Secret key value`", text)
+		}
+		val := strings.Join(parts[3:], " ")
+		if strings.Count(val, `"`) != 2 || val[0] != doubleQuotesCode || val[len(val)-1] != doubleQuotesCode {
 			return nil, errors.Errorf("incorrect format for specifying Dgraph secret found for "+
 				"comment: `%s`, it should be `# Dgraph.Secret key value`", text)
 		}
 
-		val := strings.Trim(parts[3], `"`)
+		val = strings.Trim(val, `"`)
 		key := strings.Trim(parts[2], `"`)
 		m[key] = val
 	}
diff --git a/graphql/schema/wrappers_test.go b/graphql/schema/wrappers_test.go
@@ -848,7 +848,7 @@ func TestParseSecrets(t *testing.T) {
 				name: String!
 			}
 
-			 # Dgraph.Secret  GITHUB_API_TOKEN   some-super-secret-token
+			 # Dgraph.Secret  GITHUB_API_TOKEN   "some-super-secret-token"
 			# Dgraph.Secret STRIPE_API_KEY "stripe-api-key-value"
 			`,
 			map[string]string{"GITHUB_API_TOKEN": "some-super-secret-token",
@@ -858,7 +858,7 @@ func TestParseSecrets(t *testing.T) {
 		},
 		{"should be able to parse secret where schema also has other comments.",
 			`
-		# Dgraph.Secret  GITHUB_API_TOKEN   some-super-secret-token
+		# Dgraph.Secret  GITHUB_API_TOKEN   "some-super-secret-token"
 
 		type User {
 			id: ID!
@@ -897,7 +897,7 @@ func TestParseSecrets(t *testing.T) {
 				name: String!
 			}
 
-			# Dgraph.Secret  "GITHUB_API_TOKEN"   some-super-secret-token
+			# Dgraph.Secret  "GITHUB_API_TOKEN"   "some-super-secret-token"
 			# Dgraph.Authorization X-Test-Dgraph https://dgraph.io/jwt/claims HS256 "key"
 			# Dgraph.Secret STRIPE_API_KEY "stripe-api-key-value"
 			`,

Original file line number	Diff line number	Diff line change
`@@ -169,8 +169,8 @@ func TestCustomQueryShouldForwardHeaders(t *testing.T) {`
`169`	`169`	`})`
`170`	`170`	`}`
`171`	`171`
`172`		`- # Dgraph.Secret Github-Api-Token random-fake-token`
`173`		`- # Dgraph.Secret X-App-Token should-be-overriden`
	`172`	`+ # Dgraph.Secret Github-Api-Token "random-fake-token"`
	`173`	`+ # Dgraph.Secret X-App-Token "should-be-overriden"`
`174`	`174`	`
`175`	`175`	`updateSchemaRequireNoGQLErrors(t, schema)`
`176`	`176`	`time.Sleep(2 * time.Second)`
`@@ -936,8 +936,8 @@ func TestCustomFieldsShouldForwardHeaders(t *testing.T) {`
`936`	`936`	`)`
`937`	`937`	`}`
`938`	`938`
`939`		`-# Dgraph.Secret GITHUB-API-TOKEN some-api-token`
`940`		`-# Dgraph.Secret STRIPE-API-KEY some-api-key`
	`939`	`+# Dgraph.Secret GITHUB-API-TOKEN "some-api-token"`
	`940`	`+# Dgraph.Secret STRIPE-API-KEY "some-api-key"`
`941`	`941`	`
`942`	`942`
`943`	`943`	`updateSchemaRequireNoGQLErrors(t, schema)`