Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure URL encoding of + as %2B Authorize URL [SDK-691] #259

Merged
merged 3 commits into from
Mar 15, 2019
Merged

Ensure URL encoding of + as %2B Authorize URL [SDK-691] #259

merged 3 commits into from
Mar 15, 2019

Conversation

cocojoe
Copy link
Member

@cocojoe cocojoe commented Mar 12, 2019
edited
Loading

Changes

Please describe both what is changing and why this is important. Include:

URL Encoding has changed to force encoding of + to %2B so + can be used
as expected for the login_hint to pre-populate the ULP form.

References

Internally raised issue.

Testing

Please describe how this can be tested by reviewers. Be specific about anything not tested and reasons why. If this library has unit and/or integration testing, tests should be added for new functionality and existing tests should complete without errors.

  • This change adds unit test coverage
  • This change has been tested on the latest version of the platform/language or why not

Checklist

@cocojoe cocojoe changed the title Force URL encoding of + as %2B for ULP Force URL encoding of + as %2B Authorize URL Mar 13, 2019
@cocojoe cocojoe added this to the vNext milestone Mar 13, 2019
@cocojoe cocojoe changed the title Force URL encoding of + as %2B Authorize URL Force URL encoding of + as %2B Authorize URL [SDK-691] Mar 13, 2019
@cocojoe cocojoe changed the title Force URL encoding of + as %2B Authorize URL [SDK-691] Ensure URL encoding of + as %2B Authorize URL [SDK-691] Mar 13, 2019
cocojoe
cocojoe commented Mar 14, 2019
View reviewed changes
Auth0/SafariWebAuth.swift
@@ -181,6 +181,7 @@ class SafariWebAuth: WebAuth {

entries.forEach { items.append(URLQueryItem(name: $0, value: $1)) }
components.queryItems = self.telemetry.queryItemsWithTelemetry(queryItems: items)
components.percentEncodedQuery = components.percentEncodedQuery?.replacingOccurrences(of: "+", with: "%2B")
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I had a look at encoding at the key value. However, then the URL will end up double encoded. So this also appears to be the okay by apple http://www.openradar.me/24076063

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ugh. Thanks for the link

cocojoe
cocojoe commented Mar 14, 2019
View reviewed changes
Auth0Tests/WebAuthSpec.swift
let url = newWebAuth()
.parameters(["login_hint": "first+last@host.com"])
.buildAuthorizeURL(withRedirectURL: RedirectURL, defaults: defaults, state: "state")
expect(url.absoluteString.contains("first%2Blast@host.com")).to(beTrue())
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ is valid in query

@cocojoe cocojoe merged commit 99a51f0 into master Mar 15, 2019
@cocojoe cocojoe mentioned this pull request Mar 18, 2019
Merged
@cocojoe cocojoe deleted the fixed-url-encode branch July 18, 2019 09:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lbalmaceda lbalmaceda lbalmaceda approved these changes

Assignees
No one assigned
Labels
CH: Changed
Projects
None yet
Milestone
1.14.2
Development

Successfully merging this pull request may close these issues.
2 participants
@cocojoe @lbalmaceda