Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion lib/redfish_client/connector.rb
Original file line number Diff line number Diff line change
Expand Up @@ -324,7 +324,7 @@ def save_session_oid!(body, headers)
end

def basic_login
payload = Base64.encode64("#{@username}:#{@password}").strip
payload = Base64.strict_encode64("#{@username}:#{@password}")
add_headers(BASIC_AUTH_HEADER => "Basic #{payload}")
return if auth_valid?

Expand Down
13 changes: 13 additions & 0 deletions spec/redfish_client/connector_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -324,6 +324,19 @@
expect(stub).to have_been_requested.once
end

it "does not add newlines to long basic auth credentials" do
password = "p" * 100
expected_header = "Basic #{Base64.strict_encode64("user:#{password}")}"
stub = stub_request(:get, "http://auth.demo/test")
.with(headers: { "Authorization" => expected_header })

connector = described_class.new("http://auth.demo")
connector.set_auth_info("user", password, "/test")
connector.login

expect(stub).to have_been_requested.once
end

it "raises error if basic auth fails" do
stub_request(:get, "http://auth.demo/test").to_return(status: 401)
connector = described_class.new("http://auth.demo")
Expand Down