kotovalexarian-likes-github
/
rails--rails
mirror of https://github.com/rails/rails.git
1
0
Fork 0
Code Releases Activity

Fix exception in raw_params method 

Prevent the raw_params method from throwing an exception
if the argument auth is blank.

Add tests for the raw_params method

Fix typo

Fix rubocop offenses
This commit is contained in:
kentakag 2021-01-31 00:43:13 +09:00
parent d5386cfba2
commit d7516f471a
2 changed files with 16 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
actionpack/lib/action_controller/metal/http_authentication.rb
View File

@ -484,7 +484,7 @@ module ActionController
def raw_params(auth)
_raw_params = auth.sub(TOKEN_REGEX, "").split(/\s*#{AUTHN_PAIR_DELIMITERS}\s*/)
if !_raw_params.first.start_with?(TOKEN_KEY)
if !_raw_params.first&.start_with?(TOKEN_KEY)
_raw_params[0] = "#{TOKEN_KEY}#{_raw_params.first}"
end

16
actionpack/test/controller/http_token_authentication_test.rb
View File

@ -155,7 +155,7 @@ class HttpTokenAuthenticationTest < ActionController::TestCase
assert_equal(expected, actual)
end
test "token_and_options returns correct token with nounce option" do
test "token_and_options returns correct token with nonce option" do
token = "rcHu+HzSFw89Ypyhn/896A="
nonce_hash = { nonce: "123abc" }
actual = ActionController::HttpAuthentication::Token.token_and_options(sample_request(token, nonce_hash))
@ -177,6 +177,20 @@ class HttpTokenAuthenticationTest < ActionController::TestCase
assert_equal(expected, actual)
end
test "raw_params returns a tuple of key value pair strings when auth does not contain a token key" do
auth = sample_request_without_token_key("rcHu+HzSFw89Ypyhn/896A=").authorization.to_s
actual = ActionController::HttpAuthentication::Token.raw_params(auth)
expected = ["token=rcHu+HzSFw89Ypyhn/896A="]
assert_equal(expected, actual)
end
test "raw_params returns a tuple of key strings when auth does not contain a token key and value" do
auth = sample_request_without_token_key(nil).authorization.to_s
actual = ActionController::HttpAuthentication::Token.raw_params(auth)
expected = ["token="]
assert_equal(expected, actual)
end
test "token_and_options returns right token when token key is not specified in header" do
token = "rcHu+HzSFw89Ypyhn/896A="