From a7fa5c4e11f9d2976b03014ad12b728d6ae932c7 Mon Sep 17 00:00:00 2001
From: aricart <alberto@synadia.com>
Date: Fri, 21 Feb 2020 12:48:18 -0400
Subject: [PATCH] Relaxed regex to allow optional carriage returns. Target
 content also had to change from `.+`, to more specifically grab the
 non-whitespace content.

---
 creds_utils.go      |  2 +-
 creds_utils_test.go | 63 +++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 64 insertions(+), 1 deletion(-)

diff --git a/creds_utils.go b/creds_utils.go
index bb913dc..265057f 100644
--- a/creds_utils.go
+++ b/creds_utils.go
@@ -82,7 +82,7 @@ NKEYs are sensitive and should be treated as secrets.
 	return w.Bytes(), nil
 }
 
-var userConfigRE = regexp.MustCompile(`\s*(?:(?:[-]{3,}[^\n]*[-]{3,}\n)(.+)(?:\n\s*[-]{3,}[^\n]*[-]{3,}\n))`)
+var userConfigRE = regexp.MustCompile(`\s*(?:(?:[-]{3,}.*[-]{3,}\r?\n)([\w\-.=]+)(?:\r?\n[-]{3,}.*[-]{3,}\r?\n))`)
 
 // An user config file looks like this:
 //  -----BEGIN NATS USER JWT-----
diff --git a/creds_utils_test.go b/creds_utils_test.go
index 5075274..436f379 100644
--- a/creds_utils_test.go
+++ b/creds_utils_test.go
@@ -209,3 +209,66 @@ func Test_DecorateNKeys(t *testing.T) {
 		t.Fatal("required error parsing bad nkey")
 	}
 }
+
+func Test_ParseCreds(t *testing.T) {
+	token, kp := makeJWT(t)
+	d, err := FormatUserConfig(token, seedKey(kp, t))
+	if err != nil {
+		t.Fatal(err)
+	}
+	pk, err := kp.PublicKey()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	token2, err := ParseDecoratedJWT(d)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if token != token2 {
+		t.Fatal("expected jwts to match")
+	}
+	kp2, err := ParseDecoratedUserNKey(d)
+	if err != nil {
+		t.Fatal(err)
+	}
+	pk2, err := kp2.PublicKey()
+	if err != nil {
+		t.Fatal(err)
+	}
+	if pk != pk2 {
+		t.Fatal("expected keys to match")
+	}
+}
+
+func Test_ParseCredsWithCrLfs(t *testing.T) {
+	token, kp := makeJWT(t)
+	d, err := FormatUserConfig(token, seedKey(kp, t))
+	if err != nil {
+		t.Fatal(err)
+	}
+	pk, err := kp.PublicKey()
+	if err != nil {
+		t.Fatal(err)
+	}
+	d = bytes.ReplaceAll(d, []byte{'\n'}, []byte{'\r', '\n'})
+
+	token2, err := ParseDecoratedJWT(d)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if token != token2 {
+		t.Fatal("expected jwts to match")
+	}
+	kp2, err := ParseDecoratedUserNKey(d)
+	if err != nil {
+		t.Fatal(err)
+	}
+	pk2, err := kp2.PublicKey()
+	if err != nil {
+		t.Fatal(err)
+	}
+	if pk != pk2 {
+		t.Fatal("expected keys to match")
+	}
+}