Optional whitespace support in Authorization (#1350) (#17145)

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
This commit is contained in:
Timshel 2024-05-08 15:56:16 +02:00 committed by GitHub
parent 414ddcd457
commit 34a8652366
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 13 additions and 1 deletions

1
changelog.d/17145.bugfix Normal file
View file

@ -0,0 +1 @@
Add support for optional whitespace around the Federation API's `Authorization` header's parameter commas.

View file

@ -180,7 +180,11 @@ def _parse_auth_header(header_bytes: bytes) -> Tuple[str, str, str, Optional[str
"""
try:
header_str = header_bytes.decode("utf-8")
params = re.split(" +", header_str)[1].split(",")
space_or_tab = "[ \t]"
params = re.split(
rf"{space_or_tab}*,{space_or_tab}*",
re.split(r"^X-Matrix +", header_str, maxsplit=1)[1],
)
param_dict: Dict[str, str] = {
k.lower(): v for k, v in [param.split("=", maxsplit=1) for param in params]
}

View file

@ -147,3 +147,10 @@ class BaseFederationAuthorizationTests(unittest.TestCase):
),
("foo", "ed25519:1", "sig", "bar"),
)
# test that "optional whitespace(s)" (space and tabulation) are allowed between comma-separated auth-param components
self.assertEqual(
_parse_auth_header(
b'X-Matrix origin=foo , key="ed25519:1", sig="sig", destination="bar", extra_field=ignored'
),
("foo", "ed25519:1", "sig", "bar"),
)