From d14cb2b3630bd57414bd3889b4185886996e1979 Mon Sep 17 00:00:00 2001 From: Srdjan Grubor Date: Thu, 31 Jan 2019 13:33:11 -0600 Subject: [PATCH 1/2] Fix escaping of variable spaces Old code would use a `+` instead of `%20` for spaces since it was encoding the string as a query instead of like a path. --- CHANGELOG.md | 1 + _setup.sh | 3 ++- conjurapi/router_v4.go | 2 +- conjurapi/router_v5.go | 2 +- conjurapi/variable_test.go | 14 ++++++++++++++ 5 files changed, 19 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f507fa5..c291574 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ## [Unreleased] +* Fix path generation of variables with spaces * Modify configuration loading to skip options that check home dirs if there is an error retrieving the home dir diff --git a/_setup.sh b/_setup.sh index 430f9f6..3e0a8d8 100755 --- a/_setup.sh +++ b/_setup.sh @@ -48,9 +48,9 @@ if ! oss_only; then exec_on cuke-master conjur host create --as-group security_admin bob exec_on cuke-master conjur variable create existent-variable-with-undefined-value - vars=( 'existent-variable-with-defined-value' + 'a/ b/c' 'myapp-01' 'alice@devops' 'prod/aws/db-password' @@ -61,6 +61,7 @@ if ! oss_only; then secrets=( 'existent-variable-defined-value' + 'a/ b/c' 'these' 'are' 'all' diff --git a/conjurapi/router_v4.go b/conjurapi/router_v4.go index 27bf090..fa770ad 100644 --- a/conjurapi/router_v4.go +++ b/conjurapi/router_v4.go @@ -114,7 +114,7 @@ func (r RouterV4) variableURL(variableID string) (string, error) { if err != nil { return "", err } - return fmt.Sprintf("%s/variables/%s/value", r.Config.ApplianceURL, url.QueryEscape(id)), nil + return fmt.Sprintf("%s/variables/%s/value", r.Config.ApplianceURL, url.PathEscape(id)), nil } func (r RouterV4) batchVariableURL(variableIDs []string) string { diff --git a/conjurapi/router_v5.go b/conjurapi/router_v5.go index e2fa344..0c74b6b 100644 --- a/conjurapi/router_v5.go +++ b/conjurapi/router_v5.go @@ -167,7 +167,7 @@ func (r RouterV5) variableURL(variableID string) (string, error) { if err != nil { return "", err } - return makeRouterURL(r.secretsURL(account), kind, url.QueryEscape(id)).String(), nil + return makeRouterURL(r.secretsURL(account), kind, url.PathEscape(id)).String(), nil } func (r RouterV5) batchVariableURL(variableIDs []string) string { diff --git a/conjurapi/variable_test.go b/conjurapi/variable_test.go index a291c85..a930673 100644 --- a/conjurapi/variable_test.go +++ b/conjurapi/variable_test.go @@ -92,6 +92,7 @@ func TestClient_RetrieveSecret(t *testing.T) { "research+development": "secret", "sales&marketing": "strings!", "onemore": "{\"json\": \"object\"}", + "a/ b /c": "somevalue", } policy := "" @@ -251,6 +252,19 @@ func TestClient_RetrieveSecret(t *testing.T) { So(string(obtainedSecretValue), ShouldEqual, secretValue) }) + Convey("Returns space-pathed existent variable's defined value", func() { + variableIdentifier := "a/ b/c" + secretValue := "a/ b/c" + + conjur, err := NewClientFromKey(*config, authn.LoginPair{login, apiKey}) + So(err, ShouldBeNil) + + obtainedSecretValue, err := conjur.RetrieveSecret(variableIdentifier) + So(err, ShouldBeNil) + + So(string(obtainedSecretValue), ShouldEqual, secretValue) + }) + Convey("Returns 404 on existent variable with undefined value", func() { variableIdentifier := "existent-variable-with-undefined-value" From 70e997c5f0fd80d214738cc14f988f6748b55d6b Mon Sep 17 00:00:00 2001 From: Srdjan Grubor Date: Fri, 1 Feb 2019 09:41:31 -0600 Subject: [PATCH 2/2] Updated changelog for v0.5.1 release --- CHANGELOG.md | 2 ++ VERSION | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c291574..c4a25b8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ## [Unreleased] +# [0.5.1] + * Fix path generation of variables with spaces * Modify configuration loading to skip options that check home dirs if there is an error retrieving the home dir diff --git a/VERSION b/VERSION index 8f0916f..4b9fcbe 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.5.0 +0.5.1