You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@arrow.apache.org by ze...@apache.org on 2022/02/24 17:54:38 UTC
[arrow] branch master updated: ARROW-15772: [Go][Flight] Server Basic Auth Middleware/Interceptor wrongly base64 decode
This is an automated email from the ASF dual-hosted git repository.
zeroshade pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/arrow.git
The following commit(s) were added to refs/heads/master by this push:
new efbc1cd ARROW-15772: [Go][Flight] Server Basic Auth Middleware/Interceptor wrongly base64 decode
efbc1cd is described below
commit efbc1cd5fad6c1a5dbe8189c82b293f8e1f9b6b1
Author: Corentin <co...@mail.com>
AuthorDate: Thu Feb 24 12:52:37 2022 -0500
ARROW-15772: [Go][Flight] Server Basic Auth Middleware/Interceptor wrongly base64 decode
The proposed fixed made the server auth works for both actual go implementation and other. I am not sure if the base64 padding should be used but in all cases having the server being able to read both seems better (being liberal with the inputs, strict with the output).
An other fix would be to change the Go implementation of the client to use the padded base64 (in `client.go` l.299). But I think making the server more robust is better.
Closes #12503 from Corentin-pro/auth-base64-fix
Authored-by: Corentin <co...@mail.com>
Signed-off-by: Matthew Topol <mt...@factset.com>
---
go/arrow/flight/server_auth.go | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/go/arrow/flight/server_auth.go b/go/arrow/flight/server_auth.go
index d3980bf..cc78d85 100644
--- a/go/arrow/flight/server_auth.go
+++ b/go/arrow/flight/server_auth.go
@@ -187,7 +187,10 @@ func createServerBearerTokenStreamInterceptor(validator BasicAuthValidator) grpc
if auth[0] == basicAuthPrefix {
val, err := base64.RawStdEncoding.DecodeString(auth[1])
if err != nil {
- return status.Errorf(codes.Unauthenticated, "invalid basic auth encoding: %s", err)
+ val, err = base64.StdEncoding.DecodeString(auth[1])
+ if err != nil {
+ return status.Errorf(codes.Unauthenticated, "invalid basic auth encoding: %s", err)
+ }
}
creds := strings.SplitN(string(val), ":", 2)