From 9e1dc90aef39951cafc10f65dddb3fd6c6090453 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 4 Jul 2022 09:53:40 -0400 Subject: [PATCH] Rough in remove_password function + tests --- src/zm_utils.cpp | 27 ++++++++++++++++++++++ src/zm_utils.h | 1 + tests/zm_utils.cpp | 56 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 84 insertions(+) diff --git a/src/zm_utils.cpp b/src/zm_utils.cpp index dcf4c7330..a1ed57642 100644 --- a/src/zm_utils.cpp +++ b/src/zm_utils.cpp @@ -440,3 +440,30 @@ std::string mask_authentication(const std::string &url) { } return masked_url; } + +std::string remove_authentication(const std::string &url) { + std::size_t at_at = url.find("@"); + if (at_at == std::string::npos) { + return url; + } + std::string result; + std::size_t password_at = url.rfind(":", at_at); + + if (password_at == std::string::npos) { + // no : means no http:// either so something like username@192.168.1.1 + result = url.substr(at_at+1); + } else if (url[password_at+1] == '/') { + // no password, something like http://username@192.168.1.1 + result = url.substr(0, password_at+3) + url.substr(at_at+1); + } else { + std::size_t username_at = url.rfind("/", password_at); + if (username_at == std::string::npos) { + // Something like username:password@192.168.1.1 + result = url.substr(at_at+1); + } else { + // have username and password, something like http://username:password@192.168.1.1/ + result = url.substr(0, username_at+1) + url.substr(at_at+1); + } + } + return result; +} diff --git a/src/zm_utils.h b/src/zm_utils.h index 8a7ba3561..ebef109e2 100644 --- a/src/zm_utils.h +++ b/src/zm_utils.h @@ -110,6 +110,7 @@ typedef std::chrono::steady_clock::time_point TimePoint; typedef std::chrono::system_clock::time_point SystemTimePoint; std::string mask_authentication(const std::string &url); +std::string remove_authentication(const std::string &url); std::string UriDecode(const std::string &encoded); diff --git a/tests/zm_utils.cpp b/tests/zm_utils.cpp index 4745ad60b..92bbefadb 100644 --- a/tests/zm_utils.cpp +++ b/tests/zm_utils.cpp @@ -238,3 +238,59 @@ TEST_CASE("QueryString") { REQUIRE(p2->values()[0] == "value2"); } } + +TEST_CASE("mask_authentication") { + SECTION("no authentication") { + std::string url("http://192.168.1.1"); + std::string result = mask_authentication(url); + REQUIRE(url == result); + } + SECTION("has username no password has scheme") { + std::string url("http://username@192.168.1.1"); + std::string result = mask_authentication(url); + REQUIRE(result == "http://********@192.168.1.1"); + } + SECTION("has username no password no scheme") { + std::string url("username@192.168.1.1"); + std::string result = mask_authentication(url); + REQUIRE(result == "********@192.168.1.1"); + } + SECTION("has username has password no scheme") { + std::string url("username:password@192.168.1.1"); + std::string result = mask_authentication(url); + REQUIRE(result == "********:********@192.168.1.1"); + } + SECTION("has username has password has scheme") { + std::string url("http://username:password@192.168.1.1"); + std::string result = mask_authentication(url); + REQUIRE(result == "http://********:********@192.168.1.1"); + } +} + +TEST_CASE("remove_authentication") { + SECTION("no authentication") { + std::string url("http://192.168.1.1"); + std::string result = remove_authentication(url); + REQUIRE(url == result); + } + SECTION("has username no password has scheme") { + std::string url("http://username@192.168.1.1"); + std::string result = remove_authentication(url); + REQUIRE(result == "http://192.168.1.1"); + } + SECTION("has username no password no scheme") { + std::string url("username@192.168.1.1"); + std::string result = remove_authentication(url); + REQUIRE(result == "192.168.1.1"); + } + SECTION("has username has password no scheme") { + std::string url("username:password@192.168.1.1"); + std::string result = remove_authentication(url); + REQUIRE(result == "192.168.1.1"); + } + SECTION("has username has password has scheme") { + std::string url("http://username:password@192.168.1.1"); + std::string result = remove_authentication(url); + REQUIRE(result == "http://192.168.1.1"); + } +}