mirror of
https://github.com/rails/rails.git
synced 2022-11-09 12:12:34 -05:00
Fix exception in raw_params method
Prevent the raw_params method from throwing an exception if the argument auth is blank. Add tests for the raw_params method Fix typo Fix rubocop offenses
This commit is contained in:
parent
d5386cfba2
commit
d7516f471a
2 changed files with 16 additions and 2 deletions
|
@ -484,7 +484,7 @@ module ActionController
|
||||||
def raw_params(auth)
|
def raw_params(auth)
|
||||||
_raw_params = auth.sub(TOKEN_REGEX, "").split(/\s*#{AUTHN_PAIR_DELIMITERS}\s*/)
|
_raw_params = auth.sub(TOKEN_REGEX, "").split(/\s*#{AUTHN_PAIR_DELIMITERS}\s*/)
|
||||||
|
|
||||||
if !_raw_params.first.start_with?(TOKEN_KEY)
|
if !_raw_params.first&.start_with?(TOKEN_KEY)
|
||||||
_raw_params[0] = "#{TOKEN_KEY}#{_raw_params.first}"
|
_raw_params[0] = "#{TOKEN_KEY}#{_raw_params.first}"
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -155,7 +155,7 @@ class HttpTokenAuthenticationTest < ActionController::TestCase
|
||||||
assert_equal(expected, actual)
|
assert_equal(expected, actual)
|
||||||
end
|
end
|
||||||
|
|
||||||
test "token_and_options returns correct token with nounce option" do
|
test "token_and_options returns correct token with nonce option" do
|
||||||
token = "rcHu+HzSFw89Ypyhn/896A="
|
token = "rcHu+HzSFw89Ypyhn/896A="
|
||||||
nonce_hash = { nonce: "123abc" }
|
nonce_hash = { nonce: "123abc" }
|
||||||
actual = ActionController::HttpAuthentication::Token.token_and_options(sample_request(token, nonce_hash))
|
actual = ActionController::HttpAuthentication::Token.token_and_options(sample_request(token, nonce_hash))
|
||||||
|
@ -177,6 +177,20 @@ class HttpTokenAuthenticationTest < ActionController::TestCase
|
||||||
assert_equal(expected, actual)
|
assert_equal(expected, actual)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test "raw_params returns a tuple of key value pair strings when auth does not contain a token key" do
|
||||||
|
auth = sample_request_without_token_key("rcHu+HzSFw89Ypyhn/896A=").authorization.to_s
|
||||||
|
actual = ActionController::HttpAuthentication::Token.raw_params(auth)
|
||||||
|
expected = ["token=rcHu+HzSFw89Ypyhn/896A="]
|
||||||
|
assert_equal(expected, actual)
|
||||||
|
end
|
||||||
|
|
||||||
|
test "raw_params returns a tuple of key strings when auth does not contain a token key and value" do
|
||||||
|
auth = sample_request_without_token_key(nil).authorization.to_s
|
||||||
|
actual = ActionController::HttpAuthentication::Token.raw_params(auth)
|
||||||
|
expected = ["token="]
|
||||||
|
assert_equal(expected, actual)
|
||||||
|
end
|
||||||
|
|
||||||
test "token_and_options returns right token when token key is not specified in header" do
|
test "token_and_options returns right token when token key is not specified in header" do
|
||||||
token = "rcHu+HzSFw89Ypyhn/896A="
|
token = "rcHu+HzSFw89Ypyhn/896A="
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue