hazza/dspace-angular
1
0
Fork 1
mirror of https://github.com/DSpace/dspace-angular.git synced 2025-10-07 10:04:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

[CST-4767] Password are not properly url encoded at login

Browse Source
This commit is contained in:
Davide Negretti
2021-10-25 18:34:28 +02:00
parent adb40d8712
commit 6ff065cd27
3 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/app/core/auth/auth.service.ts
View File

@@ -42,7 +42,7 @@ import {
UnsetUserAsIdleAction UnsetUserAsIdleAction
} from './auth.actions'; } from './auth.actions';
import { NativeWindowRef, NativeWindowService } from '../services/window.service'; import { NativeWindowRef, NativeWindowService } from '../services/window.service';
import { Base64EncodeUrl } from '../../shared/utils/encode-decode.util'; import { loginEncodeUrl } from '../../shared/utils/encode-decode.util';
import { RouteService } from '../services/route.service'; import { RouteService } from '../services/route.service';
import { EPersonDataService } from '../eperson/eperson-data.service'; import { EPersonDataService } from '../eperson/eperson-data.service';
import { getAllSucceededRemoteDataPayload } from '../shared/operators'; import { getAllSucceededRemoteDataPayload } from '../shared/operators';
@@ -103,7 +103,7 @@ export class AuthService {
*/ */
public authenticate(user: string, password: string): Observable<AuthStatus> { public authenticate(user: string, password: string): Observable<AuthStatus> {
// Attempt authenticating the user using the supplied credentials. // Attempt authenticating the user using the supplied credentials.
const body = (`password=${Base64EncodeUrl(password)}&user=${Base64EncodeUrl(user)}`); const body = (`password=${loginEncodeUrl(password)}&user=${loginEncodeUrl(user)}`);
const options: HttpOptions = Object.create({}); const options: HttpOptions = Object.create({});
let headers = new HttpHeaders(); let headers = new HttpHeaders();
headers = headers.append('Content-Type', 'application/x-www-form-urlencoded'); headers = headers.append('Content-Type', 'application/x-www-form-urlencoded');

8
src/app/shared/utils/encode-decode.util.spec.ts
View File

@@ -1,10 +1,10 @@
import { Base64EncodeUrl } from './encode-decode.util'; import { loginEncodeUrl } from './encode-decode.util';
describe('Encode/Decode Utils', () => { describe('Encode/Decode Utils', () => {
const strng = '+string+/=t-'; const strng = '+string+/=t-%';
const encodedStrng = '%2Bstring%2B%2F%3Dt-'; const encodedStrng = '%2Bstring%2B%2F%3Dt-%25';
it('should return encoded string', () => { it('should return encoded string', () => {
expect(Base64EncodeUrl(strng)).toBe(encodedStrng); expect(loginEncodeUrl(strng)).toBe(encodedStrng);
}); });
}); });

4
src/app/shared/utils/encode-decode.util.ts
View File

@@ -5,6 +5,6 @@
* @param {String} str the encoded string * @param {String} str the encoded string
* @returns {String} the URL friendly encoded String * @returns {String} the URL friendly encoded String
*/ */
export function Base64EncodeUrl(str): string { export function loginEncodeUrl(str): string {
return str.replace(/\+/g, '%2B').replace(/\//g, '%2F').replace(/\=/g, '%3D'); return encodeURIComponent(str);
} }