Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Secrets with a plus sign not recognized #33

Closed
icelander opened this issue Mar 19, 2019 · 2 comments
Closed

Secrets with a plus sign not recognized #33

icelander opened this issue Mar 19, 2019 · 2 comments

Comments

@icelander
Copy link

icelander commented Mar 19, 2019
edited
Loading

Summary

Testing the Jira plugin with a curl is a common way of figuring out if it's working. However, if there is a + in the secret it is not recognized by the plugin.

Environment

  • Mattermost Server: 5.8.0

Steps to Reproduce

  1. Edit config.json so that the PluginSettings.Plugins.jira.secret value has a + in it. For example: KBcCZm_JWQWM2WD9tr5IMo+fUo5zGJwS
  2. curl the URL:
curl -XPOST "https://mattermost.example.com/plugins/jira/webhook?secret=KBcCZm_JWQWM2WD9tr5IMo+fUo5zGJwS&team=a-team&channel=town-square

Expected Behavior

curl command outputs this:

EOF

Observed Behavior

curl command outputs this:

You must provide the configured secret

Recommended Fixes

Scrub secrets of + character when generating them.
@levb
Copy link
Contributor

levb commented Mar 19, 2019

Right. We can (must?!) URI-encode the secret.

BTW, your secret should be fine if you replace + with %2B in that URL

@jasonblais jasonblais mentioned this issue May 9, 2019
Merged
@jasonblais
Copy link
Contributor

Resolved by #53, to be included in Jira v2.0 build next month.

levb added a commit that referenced this issue Aug 10, 2020
@levb
Fixed #31, #33 (#54)
8644811 
- Use plugin URL as the "home" for app links
- Added extra logging for suspicious callbacks
- Use templates for `/jira instance install` output
levb added a commit that referenced this issue Aug 10, 2020
@jfrerich @levb @mickmister
Updated /jira subscribe list (#43)
36ac2fa 
* iterate through instances when printing out the channel subscriptions
update tests for new printing output format

don't require --intance for subscribelist

* Update tests

* shorten field name

* several PR feedback fixes

* remove unused variable
rename map variable

* Disconnect users on instance uninstall (#41)

* [GH-4] add EE license check (#22)

* restrict plugin activation based on license

* run go mod tidy -v

* wip

* add enterprise package

* rename license naming to enterprise
if user does not have enterprise license, check number of instances
  installed before allowed to install another cloud or server instance

* remove function

* fix review feedback

* Add license checking tests

* wip

* wip by Lev

* wip

* wip

* remove comments

* remove function to return pointer to true bool value

* getMockInstanceStoreKV(0) should return initialized empty store
was returning instance store with one instance
correct all occurences call of getMockInstanceStoreKV(0) to call with 1
instanance. This fixes many failing tests
Add tests for InstallInstance function with extensive license checking

* fix linting

Co-authored-by: Lev Brouk <lev@mattermost.com>

* Fixed #31, #33 (#54)

- Use plugin URL as the "home" for app links
- Added extra logging for suspicious callbacks
- Use templates for `/jira instance install` output

* Fix test (#64)

* GH-21 Fixed websocket update on user disconnect, instance uninstall (#61)

* Fixed websocket update on user disconnect

* Revert "Fixed websocket update on user disconnect"

This reverts commit 84ca4b27ca2a3ed55408bf359786b3162dc1b29a.

* Fixed empty set refresh, defaulting in commands

* fixed instance status update

* GH-49: Fixed webhook, transition commands (#67)

* Use connectInstances array for userConnected redux selector (#71)

* Use connectInstances array for userConnected redux selector

* add null check

* [GH-45] Make sure frontend has up-to-date default instance data (#65)

* fetch instances on modal open

* Fix errors regarding redux update and missing channelId prop

* Get instances when subscribe modal opens

* fix tests

* Handle case where default instance value in frontend is stale (uninstalled)

* Make if statement more safe

* Make if statement more safe

* fix test

* lint

* GH-60: Fixed multi-work command alias parsing in webapp (#72)

* Fixed --instance

Co-authored-by: Lev <1187448+levb@users.noreply.github.com>
Co-authored-by: Lev Brouk <lev@mattermost.com>
Co-authored-by: Michael Kochell <6913320+mickmister@users.noreply.github.com>
mickmister pushed a commit that referenced this issue Jan 18, 2024
@Nityanand13 @ayusht2810 @raghavaggarwal2308
[GH-830]: Explained the jira subscription modal in the doc (#904)
ea9ab23 
* [MI-2608]: Explained the jira subscription modal in the doc. (#31)

* [MI-2608]: Explained the jira subscription modal in the doc.

* [MI-2608]:Review fixes done
1. Modified the doc
2. Connected the doc from frontend

* [MI-2608]: Review fixes done
1. Modified the administrator guide doc

* Fixed CI errors

* [MI-2698]: Review fixes done of PR #904 (#33)

* [MI-2698]: Review fixes done of PR #904

* [MI-2698]: Review fixes done
1. Improved the content of a administrative guide doc

* [MI-2799]: Done review fixes of Jira PR #904 (#38)

* Fixed CI errrors

* [MM-830] Remove extra file

* [MM-830] Update snapshot

* [MM-830] Remove extra parameter from link

* [MM-830] Update snapshot

---------

Co-authored-by: ayusht2810 <ayush.thakur@brightscout.com>
Co-authored-by: raghavaggarwal2308 <raghav.aggarwal@brightscout.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@icelander @levb @jasonblais