From 137f38169c266668da8b57c3b16413896a79b715 Mon Sep 17 00:00:00 2001 From: evyaffe Date: Tue, 28 Jun 2022 16:50:07 +0300 Subject: [PATCH 1/3] support special characters in context signature without changing the original request --- api/osb/context_signature_plugin.go | 4 +- api/osb/utils.go | 19 +++++++ api/osb/utils_test.go | 57 +++++++++++++++++++ go.mod | 14 ++--- go.sum | 57 +++++++------------ test/common/context_signature.go | 7 ++- .../context_signature_test.go | 4 +- 7 files changed, 109 insertions(+), 53 deletions(-) create mode 100644 api/osb/utils_test.go diff --git a/api/osb/context_signature_plugin.go b/api/osb/context_signature_plugin.go index d0e6ab73c..ebe79c80c 100644 --- a/api/osb/context_signature_plugin.go +++ b/api/osb/context_signature_plugin.go @@ -82,7 +82,7 @@ func (s *ContextSignaturePlugin) signContext(req *web.Request, next web.Handler) return next.Handle(req) } - reqBody, err := json.Marshal(reqBodyMap) + reqBody, err := marshalJSONNoHTMLEscape(reqBodyMap) if err != nil { log.C(req.Context()).Errorf("failed to marshal request body: %v", err) return next.Handle(req) @@ -98,7 +98,7 @@ func (cs *ContextSigner) Sign(ctx context.Context, contextMap map[string]interfa log.C(ctx).Errorf(errorMsg) return fmt.Errorf(errorMsg) } - ctxByte, err := json.Marshal(contextMap) + ctxByte, err := marshalJSONNoHTMLEscape(contextMap) if err != nil { log.C(ctx).Errorf("failed to marshal context: %v", err) return err diff --git a/api/osb/utils.go b/api/osb/utils.go index 143187432..b939c1a1e 100644 --- a/api/osb/utils.go +++ b/api/osb/utils.go @@ -1,7 +1,9 @@ package osb import ( + "bytes" "context" + "encoding/json" "fmt" "github.com/Peripli/service-manager/pkg/client" "github.com/Peripli/service-manager/pkg/log" @@ -58,3 +60,20 @@ func Get(doRequestWithClient util.DoRequestWithClientFunc, brokerAPIVersion stri return responseBytes, nil } + +func marshalJSONNoHTMLEscape(t interface{}) ([]byte, error) { + buffer := &bytes.Buffer{} + encoder := json.NewEncoder(buffer) + encoder.SetEscapeHTML(false) + if err := encoder.Encode(t); err != nil { + return nil, err + } + + outputBytes := buffer.Bytes() + outputLen := len(outputBytes) + if outputLen > 0 && rune(outputBytes[outputLen-1]) == '\n' { // remove line break added by encoder.Encode (https://pkg.go.dev/encoding/json#Encoder.Encode) + return outputBytes[:outputLen-1], nil + } + + return outputBytes, nil +} diff --git a/api/osb/utils_test.go b/api/osb/utils_test.go new file mode 100644 index 000000000..bbf9254b3 --- /dev/null +++ b/api/osb/utils_test.go @@ -0,0 +1,57 @@ +package osb + +import ( + "encoding/json" + . "github.com/onsi/ginkgo" + . "github.com/onsi/gomega" +) + +var _ = Describe("OSB Controller Utils test", func() { + Describe("marshalJSONNoHTMLEscape", func() { + It("keeps special characters", func() { + inputMap := map[string]string{"prop": "a & b"} + expected := []byte(`{"prop":"a & b"}`) + notExpected := []byte(`{"prop":"a \u0026 b"}`) + + marshalNoEscapeBytes, err := marshalJSONNoHTMLEscape(inputMap) + Expect(err).ToNot(HaveOccurred()) + Expect(marshalNoEscapeBytes).To(Equal(expected)) + + marshalBytes, err := json.Marshal(inputMap) + Expect(err).ToNot(HaveOccurred()) + Expect(marshalBytes).To(Equal(notExpected)) + + Expect(marshalNoEscapeBytes).ToNot(Equal(marshalBytes)) + }) + + It("eliminates line break added in the end", func() { + inputMap := map[string]string{"prop": "val"} + expected := []byte(`{"prop":"val"}`) + + marshalNoEscapeBytes, err := marshalJSONNoHTMLEscape(inputMap) + Expect(err).ToNot(HaveOccurred()) + Expect(marshalNoEscapeBytes).To(Equal(expected)) + + marshalBytes, err := json.Marshal(inputMap) + Expect(err).ToNot(HaveOccurred()) + Expect(marshalBytes).To(Equal(expected)) + + Expect(marshalNoEscapeBytes).To(Equal(marshalBytes)) + }) + + It("returns empty byte array properly", func() { + inputMap := map[string]string{} + expected := []byte(`{}`) + + marshalNoEscapeBytes, err := marshalJSONNoHTMLEscape(inputMap) + Expect(err).ToNot(HaveOccurred()) + Expect(marshalNoEscapeBytes).To(Equal(expected)) + + marshalBytes, err := json.Marshal(inputMap) + Expect(err).ToNot(HaveOccurred()) + Expect(marshalBytes).To(Equal(expected)) + + Expect(marshalNoEscapeBytes).To(Equal(marshalBytes)) + }) + }) +}) diff --git a/go.mod b/go.mod index 9022b8673..d2429fcaa 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,6 @@ module github.com/Peripli/service-manager go 1.14 require ( - github.com/AlekSi/gocov-xml v1.0.0 // indirect github.com/DATA-DOG/go-sqlmock v1.3.1-0.20180720083239-852fc940e4b9 github.com/InVisionApp/go-health v2.1.0+incompatible github.com/InVisionApp/go-logger v1.0.1 @@ -11,7 +10,6 @@ require ( github.com/Microsoft/go-winio v0.4.16 // indirect github.com/ajg/form v1.5.1 // indirect github.com/antlr/antlr4 v0.0.0-20210105192202-5c2b686f95e1 - github.com/axw/gocov v1.1.0 // indirect github.com/benjamintf1/unmarshalledmatchers v1.0.0 github.com/cloudfoundry-community/go-cfenv v1.17.1-0.20171115121958-e84b5c116637 github.com/containerd/containerd v1.4.3 // indirect @@ -34,13 +32,12 @@ require ( github.com/gorilla/websocket v1.4.2 github.com/imkira/go-interpol v1.1.0 // indirect github.com/jmoiron/sqlx v1.2.1-0.20201120164427-00c6e74d816a - github.com/jstemmer/go-junit-report v1.0.0 // indirect github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88 // indirect - github.com/klauspost/compress v1.11.6 // indirect github.com/konsorten/go-windows-terminal-sequences v1.0.3 // indirect github.com/kubernetes-sigs/go-open-service-broker-client v0.0.0-20180330214919-dca737037ce6 github.com/lib/pq v1.9.0 github.com/magiconair/properties v1.8.4 // indirect + github.com/mattn/go-colorable v0.1.8 // indirect github.com/mitchellh/mapstructure v1.4.0 github.com/moby/term v0.0.0-20201216013528-df9cb8a40635 // indirect github.com/morikuni/aec v1.0.0 // indirect @@ -59,26 +56,25 @@ require ( github.com/spf13/jwalterweatherman v1.1.0 // indirect github.com/spf13/pflag v1.0.3 github.com/spf13/viper v1.7.1 - github.com/t-yuki/gocover-cobertura v0.0.0-20180217150009-aaee18c8195c // indirect + github.com/stretchr/testify v1.7.1 // indirect github.com/tidwall/gjson v1.9.3 github.com/tidwall/sjson v1.1.4 github.com/ulule/limiter v2.2.2+incompatible - github.com/valyala/bytebufferpool v1.0.0 // indirect - github.com/valyala/fasthttp v1.34.0 + github.com/valyala/fasthttp v1.38.0 // indirect github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect github.com/xeipuuv/gojsonschema v1.2.0 // indirect github.com/yalp/jsonpath v0.0.0-20180802001716-5cc68e5049a0 // indirect github.com/yudai/gojsondiff v0.0.0-20170107030110-7b1b7adf999d // indirect github.com/yudai/golcs v0.0.0-20170316035057-ecda9a501e82 // indirect github.com/yudai/pp v2.0.1+incompatible // indirect - golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad + golang.org/x/crypto v0.0.0-20220214200702-86341886e292 golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5 google.golang.org/appengine v1.6.7 // indirect gopkg.in/DATA-DOG/go-sqlmock.v1 v1.3.0 // indirect gopkg.in/ini.v1 v1.62.0 // indirect gopkg.in/square/go-jose.v2 v2.5.1 + gopkg.in/yaml.v2 v2.4.0 gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect - gotest.tools/gotestsum v1.8.0 // indirect gotest.tools/v3 v3.0.3 // indirect ) diff --git a/go.sum b/go.sum index 3f49b0d42..710c3dde6 100644 --- a/go.sum +++ b/go.sum @@ -32,8 +32,6 @@ cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohl cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= -github.com/AlekSi/gocov-xml v1.0.0 h1:4QctJBgXEkbzeKz6PJy6bt3JSPNSN4I2mITYW+eKUoQ= -github.com/AlekSi/gocov-xml v1.0.0/go.mod h1:J0qYeZ6tDg4oZubW9mAAgxlqw39PDfoEkzB3HXSbEuA= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 h1:w+iIsaOQNcT7OZ575w+acHgRric5iCyQh+xv+KJ4HB8= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= @@ -53,14 +51,13 @@ github.com/ajg/form v1.5.1 h1:t9c7v8JUKu/XxOGBU0yjNpaMloxGEJhUkqFRq0ibGeU= github.com/ajg/form v1.5.1/go.mod h1:uL1WgH+h2mgNtvBq0339dVnzXdBETtL2LeUXaIv25UY= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= +github.com/andybalholm/brotli v1.0.4 h1:V7DdXeJtZscaqfNuAdSRuRFzuiKlHSC/Zh3zl9qY3JY= +github.com/andybalholm/brotli v1.0.4/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= github.com/antlr/antlr4 v0.0.0-20210105192202-5c2b686f95e1 h1:9K5yytxEEQc4yIn6c1rvQD6qQilQn9mYIF7pXKPT8i4= github.com/antlr/antlr4 v0.0.0-20210105192202-5c2b686f95e1/go.mod h1:T7PbCXFs94rrTttyxjbyT5+/1V8T2TYDejxUfHJjw1Y= github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= -github.com/axw/gocov v1.0.0/go.mod h1:LvQpEYiwwIb2nYkXY2fDWhg9/AsYqkhmrCshjlUJECE= -github.com/axw/gocov v1.1.0 h1:y5U1krExoJDlb/kNtzxyZQmNRprFOFCutWbNjcQvmVM= -github.com/axw/gocov v1.1.0/go.mod h1:H9G4tivgdN3pYSSVrTFBr6kGDCmAkgbJhtxFzAvgcdw= github.com/benjamintf1/unmarshalledmatchers v1.0.0 h1:JUhctHQVNarMXg5x3m0Tkp7WnDLzNVxeWc1qbKQPylI= github.com/benjamintf1/unmarshalledmatchers v1.0.0/go.mod h1:IVZdtAzpNyBTuhobduAjo5CjTLczWWbiXnWDVxIgSko= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= @@ -92,8 +89,6 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= -github.com/dnephin/pflag v1.0.7 h1:oxONGlWxhmUct0YzKTgrpQv9AUA1wtPBn7zuSjJqptk= -github.com/dnephin/pflag v1.0.7/go.mod h1:uxE91IoWURlOiTUIA8Mq5ZZkAv3dPUfZNaT80Zm7OQE= github.com/docker/distribution v2.7.1+incompatible h1:a5mlkVzth6W5A4fOsS3D2EO5BUmsJpcB+cRlLU7cSug= github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/docker v20.10.2+incompatible h1:vFgEHPqWBTp4pTjdLwjAA4bSo3gvIGOYwuJTlEjVBCw= @@ -107,8 +102,6 @@ github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.m github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= -github.com/fatih/color v1.10.0 h1:s36xzo75JdqLaaWoiEHk767eHiwo0598uUxyfiPkDsg= -github.com/fatih/color v1.10.0/go.mod h1:ELkj/draVOlAH/xkhN6mQ50Qd0MPOk5AAr3maGEBuJM= github.com/fatih/structs v1.0.0 h1:BrX964Rv5uQ3wwS+KRUAJCBBw5PQmgJfJ6v4yly5QwU= github.com/fatih/structs v1.0.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= @@ -193,8 +186,6 @@ github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hf github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= -github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= -github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= @@ -237,13 +228,9 @@ github.com/imkira/go-interpol v1.1.0/go.mod h1:z0h2/2T3XF8kyEPpRgJ3kmNv+C43p+I/C github.com/jmoiron/sqlx v1.2.1-0.20201120164427-00c6e74d816a h1:74FsVHi8zuvyUTv1W3Wry/oiAQYhZzcB5vEKLYEAv0E= github.com/jmoiron/sqlx v1.2.1-0.20201120164427-00c6e74d816a/go.mod h1:ClpsPFzLpSBl7MvJ+BhV0JHz4vmKRBarpvZ9644v9Oo= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= -github.com/jonboulle/clockwork v0.2.2 h1:UOGuzwb1PwsrDAObMuhUnj0p5ULPj8V/xJ7Kx9qUBdQ= -github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= -github.com/jstemmer/go-junit-report v1.0.0 h1:8X1gzZpR+nVQLAht+L/foqOeX2l9DTZoaIPbEQHxsds= -github.com/jstemmer/go-junit-report v1.0.0/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= @@ -251,8 +238,8 @@ github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88 h1:uC1QfSlInpQ github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88/go.mod h1:3w7q1U84EfirKl04SVQ/s7nPm1ZPhiXd34z40TNz36k= github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/compress v1.11.6 h1:EgWPCW6O3n1D5n99Zq3xXBt9uCwRGvpwGOusOLNBRSQ= -github.com/klauspost/compress v1.11.6/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= +github.com/klauspost/compress v1.15.0 h1:xqfchp4whNFxn5A4XFyyYtitiWI8Hy5EW59jEwcyL6U= +github.com/klauspost/compress v1.15.0/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.3 h1:CE8S1cTafDpPvMhIxNJKvHsGVBgn1xWYf1NbHQhywc8= github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= @@ -271,11 +258,9 @@ github.com/lib/pq v1.9.0/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.4 h1:8KGKTcQQGm0Kv7vEbKFErAoAOFyyacLStRtQSeYtvkY= github.com/magiconair/properties v1.8.4/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= -github.com/mattn/go-colorable v0.0.9 h1:UVL0vNpWh04HeJXV0KLcaT7r06gOH2l4OW6ddYRUIY4= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.8 h1:c1ghPdyEDarC70ftn0y+A/Ee++9zz8ljHG1b13eJ0s8= github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= -github.com/mattn/go-isatty v0.0.3 h1:ns/ykhmWi7G9O+8a448SecJU3nSMBXJfqQkl0upE1jI= github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-isatty v0.0.12 h1:wuysRhFDzyxgEmMf5xjvJ2M9dZoWAXNNr5LSBS7uHXY= github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= @@ -380,14 +365,11 @@ github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXf github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1 h1:5TQK59W5E3v0r2duFAb7P95B6hEeOyEnHRa8MjYSMTY= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/subosito/gotenv v1.2.0 h1:Slr1R9HxAlEKefgq5jn9U+DnETlIUa6HfgEzj0g5d7s= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= -github.com/t-yuki/gocover-cobertura v0.0.0-20180217150009-aaee18c8195c h1:+aPplBwWcHBo6q9xrfWdMrT9o4kltkmmvpemgIjep/8= -github.com/t-yuki/gocover-cobertura v0.0.0-20180217150009-aaee18c8195c/go.mod h1:SbErYREK7xXdsRiigaQiQkI9McGRzYMvlKYaP3Nimdk= github.com/tidwall/gjson v1.6.7/go.mod h1:zeFuBCIqD4sN/gmqBzZ4j7Jd6UcA2Fc56x7QFsv+8fI= github.com/tidwall/gjson v1.9.3 h1:hqzS9wAHMO+KVBBkLxYdkEeeFHuqr95GfClRLKlgK0E= github.com/tidwall/gjson v1.9.3/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= @@ -404,8 +386,9 @@ github.com/ulule/limiter v2.2.2+incompatible h1:1lk9jesmps1ziYHHb4doL7l5hFkYYYA3 github.com/ulule/limiter v2.2.2+incompatible/go.mod h1:VJx/ZNGmClQDS5F6EmsGqK8j3jz1qJYZ6D9+MdAD+kw= github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= -github.com/valyala/fasthttp v0.0.0-20171207120941-e5f51c11919d h1:pAXG0woN37FQD08beB53orVchWU97qUUdjKtSuMGqi4= -github.com/valyala/fasthttp v0.0.0-20171207120941-e5f51c11919d/go.mod h1:+g/po7GqyG5E+1CNgquiIxJnsXEi5vwFn5weFujbO78= +github.com/valyala/fasthttp v1.38.0 h1:yTjSSNjuDi2PPvXY2836bIwLmiTS2T4T9p1coQshpco= +github.com/valyala/fasthttp v1.38.0/go.mod h1:t/G+3rLek+CyY9bnIE+YlMRddxVAAGjhxndDB4i4C0I= +github.com/valyala/tcplisten v1.0.0/go.mod h1:T0xQ8SeCZGxckz9qRXTfG43PvQ/mcWh7FwZEA7Ioqkc= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo= github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= @@ -443,8 +426,8 @@ golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad h1:DN0cp81fZ3njFcrLCytUHRSUkqBjfTo4Tx9RJTWs0EY= -golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= +golang.org/x/crypto v0.0.0-20220214200702-86341886e292 h1:f+lwQ+GtmgoY+A2YaQxlSOnDjXcQ7ZRLWOHbC6HtRqE= +golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -474,7 +457,6 @@ golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.3.0 h1:RM4zey1++hCTbCVQfnWeKs9/IEsaBLA8vTkd0WVtmH4= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -510,6 +492,7 @@ golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81R golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= +golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220225172249-27dd8689420f h1:oA4XRj0qtSt8Yo1Zms0CUlsT3KG69V2UGQWPBxujDmc= golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -527,7 +510,6 @@ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9 h1:SQFwaSi55rU7vdNs9Yr0Z324VNlrF+0wMqRXT4St8ck= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -548,7 +530,6 @@ golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -571,14 +552,12 @@ golang.org/x/sys v0.0.0-20200831180312-196b9ba8737a/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e h1:fLOSk5Q00efkSvAm+4xcoXD+RRmLmmulPn5I3Y9F2EM= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= +golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9 h1:nhht2DYV/Sn3qOayu8lM+cU1ii9sTLUeBQwQQfUHtrs= +golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -604,7 +583,6 @@ golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBn golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190617190820-da514acc4774/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= @@ -638,8 +616,6 @@ golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.0 h1:po9/4sTYwZU9lPhi1tOrb4hCv3qrhiQ77LZfGa2OjwY= -golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -742,11 +718,16 @@ gopkg.in/square/go-jose.v2 v2.5.1 h1:7odma5RETjNHWJnR32wx8t+Io4djHE1PqxCFx3iiZ2w gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= +gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= +gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gotest.tools/gotestsum v1.8.0 h1:ltj5KWhbQjt1Yx+IPBj0Dk2HVDUs9OlLmGC2JvivTMo= -gotest.tools/gotestsum v1.8.0/go.mod h1:ctqdxBSCPv80kAFjYvFNpPntBrE5HAQnLiOKBGLmOBs= gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= gotest.tools/v3 v3.0.3 h1:4AuOwCGf4lLR9u3YOe2awrHygurzhO/HeQ6laiA6Sx0= gotest.tools/v3 v3.0.3/go.mod h1:Z7Lb0S5l+klDB31fvDQX8ss/FlKDxtlFlw3Oa8Ymbl8= diff --git a/test/common/context_signature.go b/test/common/context_signature.go index 379c93ab0..8c64c4a65 100644 --- a/test/common/context_signature.go +++ b/test/common/context_signature.go @@ -22,6 +22,8 @@ import ( "net/http" ) +const CFOrgNameWithSpecialChars = "Test & Org < with > special = chars" + var ( CFContext = `{ "service_id": "%s", @@ -30,6 +32,7 @@ var ( "context":{ "platform":"cloudfoundry", "organization_guid":"1113aa0-124e-4af2-1526-6bfacf61b111", + "organization_name": "%s", "space_guid":"aaaa1234-da91-4f12-8ffa-b51d0336aaaa", "instance_name":"%s", "extra_metadata":{ @@ -132,7 +135,7 @@ func VerifySignatureNotPersisted(ctx *TestContext, objType types.ObjectType, id func GetOsbProvisionFunc(ctx *TestContext, instanceID, osbURL, catalogServiceID, catalogPlanID string) func() string { return func() string { ctx.SMWithBasic.PUT(osbURL + "/v2/service_instances/" + instanceID). - WithBytes([]byte(fmt.Sprintf(CFContext, catalogServiceID, catalogPlanID, "instance-name"))). + WithBytes([]byte(fmt.Sprintf(CFContext, catalogServiceID, catalogPlanID, CFOrgNameWithSpecialChars, "instance-name"))). Expect(). Status(http.StatusCreated) return instanceID @@ -158,7 +161,7 @@ func GetSMAAPProvisionInstanceFunc(ctx *TestContext, async, planID string) func( func OsbBind(ctx *TestContext, instanceID, bindingID, osbURL, catalogServiceID, catalogPlanID string) *httpexpect.Response { return ctx.SMWithBasic.PUT(osbURL + "/v2/service_instances/" + instanceID + "/service_bindings/" + bindingID). - WithJSON(JSONToMap(fmt.Sprintf(CFContext, catalogServiceID, catalogPlanID, "instance-name"))). + WithJSON(JSONToMap(fmt.Sprintf(CFContext, catalogServiceID, catalogPlanID, CFOrgNameWithSpecialChars, "instance-name"))). Expect(). Status(http.StatusCreated) } diff --git a/test/service_instance_and_binding_test/context_signature/context_signature_test.go b/test/service_instance_and_binding_test/context_signature/context_signature_test.go index c1604d6ac..947e7ffba 100644 --- a/test/service_instance_and_binding_test/context_signature/context_signature_test.go +++ b/test/service_instance_and_binding_test/context_signature/context_signature_test.go @@ -28,7 +28,7 @@ var _ = Describe("context signature verification tests", func() { provisionFunc = common.GetOsbProvisionFunc(ctx, instanceID, osbURL, catalogServiceID, catalogPlanID) }) When("provisioning a service instance", func() { - It("should have a valid context signature on the request body", func() { + FIt("should have a valid context signature on the request body", func() { common.ProvisionInstanceAndVerifySignature(ctx, brokerServer, provisionFunc, publicKeyStr) }) }) @@ -36,7 +36,7 @@ var _ = Describe("context signature verification tests", func() { It("should have a valid context signature on the request body", func() { common.ProvisionInstanceAndVerifySignature(ctx, brokerServer, provisionFunc, publicKeyStr) ctx.SMWithBasic.PATCH(osbURL + "/v2/service_instances/" + instanceID). - WithJSON(common.JSONToMap(fmt.Sprintf(common.CFContext, catalogServiceID, catalogPlanID, "updated-instance-name"))). + WithJSON(common.JSONToMap(fmt.Sprintf(common.CFContext, catalogServiceID, catalogPlanID, common.CFOrgNameWithSpecialChars, "updated-instance-name"))). Expect(). Status(http.StatusOK) common.VerifySignatureNotPersisted(ctx, types.ServiceInstanceType, instanceID) From a0ddc4eabe33a83336ea600bfa971e76308ce45e Mon Sep 17 00:00:00 2001 From: evyaffe Date: Tue, 28 Jun 2022 16:53:43 +0300 Subject: [PATCH 2/3] remove test focus --- .../context_signature/context_signature_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/service_instance_and_binding_test/context_signature/context_signature_test.go b/test/service_instance_and_binding_test/context_signature/context_signature_test.go index 947e7ffba..10ddf21ca 100644 --- a/test/service_instance_and_binding_test/context_signature/context_signature_test.go +++ b/test/service_instance_and_binding_test/context_signature/context_signature_test.go @@ -28,7 +28,7 @@ var _ = Describe("context signature verification tests", func() { provisionFunc = common.GetOsbProvisionFunc(ctx, instanceID, osbURL, catalogServiceID, catalogPlanID) }) When("provisioning a service instance", func() { - FIt("should have a valid context signature on the request body", func() { + It("should have a valid context signature on the request body", func() { common.ProvisionInstanceAndVerifySignature(ctx, brokerServer, provisionFunc, publicKeyStr) }) }) From 7de8e9f4b770eb68a9e6d4fc73b43e5e273a9219 Mon Sep 17 00:00:00 2001 From: evyaffe Date: Tue, 28 Jun 2022 18:19:31 +0300 Subject: [PATCH 3/3] tests --- api/osb/utils_test.go | 6 ++--- test/common/context_signature.go | 23 +++++++++++++------ .../context_signature_test.go | 18 +++++++-------- 3 files changed, 28 insertions(+), 19 deletions(-) diff --git a/api/osb/utils_test.go b/api/osb/utils_test.go index bbf9254b3..3a9acee79 100644 --- a/api/osb/utils_test.go +++ b/api/osb/utils_test.go @@ -9,9 +9,9 @@ import ( var _ = Describe("OSB Controller Utils test", func() { Describe("marshalJSONNoHTMLEscape", func() { It("keeps special characters", func() { - inputMap := map[string]string{"prop": "a & b"} - expected := []byte(`{"prop":"a & b"}`) - notExpected := []byte(`{"prop":"a \u0026 b"}`) + inputMap := map[string]string{"ampersand": "a & b", "smallerThen": "a < b", "biggerThen": "a > b"} + expected := []byte(`{"ampersand":"a & b","biggerThen":"a > b","smallerThen":"a < b"}`) + notExpected := []byte(`{"ampersand":"a \u0026 b","biggerThen":"a \u003e b","smallerThen":"a \u003c b"}`) marshalNoEscapeBytes, err := marshalJSONNoHTMLEscape(inputMap) Expect(err).ToNot(HaveOccurred()) diff --git a/test/common/context_signature.go b/test/common/context_signature.go index 8c64c4a65..b7b4189d8 100644 --- a/test/common/context_signature.go +++ b/test/common/context_signature.go @@ -22,7 +22,7 @@ import ( "net/http" ) -const CFOrgNameWithSpecialChars = "Test & Org < with > special = chars" +const StringWithSpecialChars = "Test & string < with > special chars &" var ( CFContext = `{ @@ -32,7 +32,7 @@ var ( "context":{ "platform":"cloudfoundry", "organization_guid":"1113aa0-124e-4af2-1526-6bfacf61b111", - "organization_name": "%s", + "string_with_special_chars": "%s", "space_guid":"aaaa1234-da91-4f12-8ffa-b51d0336aaaa", "instance_name":"%s", "extra_metadata":{ @@ -43,7 +43,7 @@ var ( }` ) -func GetVerifyContextHandlerFunc(publicKeyStr string) func(http.ResponseWriter, *http.Request) { +func GetVerifyContextHandlerFunc(publicKeyStr string, isOSB bool) func(http.ResponseWriter, *http.Request) { return func(rw http.ResponseWriter, r *http.Request) { defer GinkgoRecover() bytes, err := util.BodyToBytes(r.Body) @@ -61,6 +61,15 @@ func GetVerifyContextHandlerFunc(publicKeyStr string) func(http.ResponseWriter, instanceID := gjson.GetBytes(bytes, "context.service_instance_id") Expect(instanceID.Exists()).To(Equal(true), "context should have a service_instance_id field") + if isOSB { + //verify string_with_special_chars was not html escaped + specialCharStr := gjson.GetBytes(bytes, "context.string_with_special_chars").Raw // not using String() as it automatically converts the escaped string to a normal one + Expect(specialCharStr).To(Equal(fmt.Sprintf(`"%s"`, StringWithSpecialChars)), "context should have a non escaped string_with_special_chars") + notExpectedOrgName, err := json.Marshal(StringWithSpecialChars) + Expect(err).ToNot(HaveOccurred()) + Expect(specialCharStr).ToNot(Equal(notExpectedOrgName)) + } + //decode the public key key, err := base64.StdEncoding.DecodeString(publicKeyStr) Expect(err).ToNot(HaveOccurred()) @@ -135,7 +144,7 @@ func VerifySignatureNotPersisted(ctx *TestContext, objType types.ObjectType, id func GetOsbProvisionFunc(ctx *TestContext, instanceID, osbURL, catalogServiceID, catalogPlanID string) func() string { return func() string { ctx.SMWithBasic.PUT(osbURL + "/v2/service_instances/" + instanceID). - WithBytes([]byte(fmt.Sprintf(CFContext, catalogServiceID, catalogPlanID, CFOrgNameWithSpecialChars, "instance-name"))). + WithBytes([]byte(fmt.Sprintf(CFContext, catalogServiceID, catalogPlanID, StringWithSpecialChars, "instance-name"))). Expect(). Status(http.StatusCreated) return instanceID @@ -161,7 +170,7 @@ func GetSMAAPProvisionInstanceFunc(ctx *TestContext, async, planID string) func( func OsbBind(ctx *TestContext, instanceID, bindingID, osbURL, catalogServiceID, catalogPlanID string) *httpexpect.Response { return ctx.SMWithBasic.PUT(osbURL + "/v2/service_instances/" + instanceID + "/service_bindings/" + bindingID). - WithJSON(JSONToMap(fmt.Sprintf(CFContext, catalogServiceID, catalogPlanID, CFOrgNameWithSpecialChars, "instance-name"))). + WithJSON(JSONToMap(fmt.Sprintf(CFContext, catalogServiceID, catalogPlanID, StringWithSpecialChars, "instance-name"))). Expect(). Status(http.StatusCreated) } @@ -181,8 +190,8 @@ func SmaapBind(ctx *TestContext, async, instanceID string) string { return resp.JSON().Object().Value("id").String().Raw() } -func ProvisionInstanceAndVerifySignature(ctx *TestContext, brokerServer *BrokerServer, provisionFunc func() string, publicKeyStr string) string { - brokerServer.ServiceInstanceHandler = GetVerifyContextHandlerFunc(publicKeyStr) +func ProvisionInstanceAndVerifySignature(ctx *TestContext, brokerServer *BrokerServer, provisionFunc func() string, publicKeyStr string, isOSB bool) string { + brokerServer.ServiceInstanceHandler = GetVerifyContextHandlerFunc(publicKeyStr, isOSB) instanceID := provisionFunc() diff --git a/test/service_instance_and_binding_test/context_signature/context_signature_test.go b/test/service_instance_and_binding_test/context_signature/context_signature_test.go index 10ddf21ca..66a5c0da2 100644 --- a/test/service_instance_and_binding_test/context_signature/context_signature_test.go +++ b/test/service_instance_and_binding_test/context_signature/context_signature_test.go @@ -29,14 +29,14 @@ var _ = Describe("context signature verification tests", func() { }) When("provisioning a service instance", func() { It("should have a valid context signature on the request body", func() { - common.ProvisionInstanceAndVerifySignature(ctx, brokerServer, provisionFunc, publicKeyStr) + common.ProvisionInstanceAndVerifySignature(ctx, brokerServer, provisionFunc, publicKeyStr, true) }) }) When("updating a service instance", func() { It("should have a valid context signature on the request body", func() { - common.ProvisionInstanceAndVerifySignature(ctx, brokerServer, provisionFunc, publicKeyStr) + common.ProvisionInstanceAndVerifySignature(ctx, brokerServer, provisionFunc, publicKeyStr, true) ctx.SMWithBasic.PATCH(osbURL + "/v2/service_instances/" + instanceID). - WithJSON(common.JSONToMap(fmt.Sprintf(common.CFContext, catalogServiceID, catalogPlanID, common.CFOrgNameWithSpecialChars, "updated-instance-name"))). + WithJSON(common.JSONToMap(fmt.Sprintf(common.CFContext, catalogServiceID, catalogPlanID, common.StringWithSpecialChars, "updated-instance-name"))). Expect(). Status(http.StatusOK) common.VerifySignatureNotPersisted(ctx, types.ServiceInstanceType, instanceID) @@ -44,9 +44,9 @@ var _ = Describe("context signature verification tests", func() { }) When("binding a service instance", func() { It("should have a context signature on the request body", func() { - common.ProvisionInstanceAndVerifySignature(ctx, brokerServer, provisionFunc, publicKeyStr) + common.ProvisionInstanceAndVerifySignature(ctx, brokerServer, provisionFunc, publicKeyStr, true) - brokerServer.BindingHandler = common.GetVerifyContextHandlerFunc(publicKeyStr) + brokerServer.BindingHandler = common.GetVerifyContextHandlerFunc(publicKeyStr, false) bindingID := "signed-ctx-instance-binding-id" common.OsbBind(ctx, instanceID, bindingID, osbURL, catalogServiceID, catalogPlanID) @@ -70,12 +70,12 @@ var _ = Describe("context signature verification tests", func() { }) When("provisioning a service instance", func() { It("should have a valid context signature on the request body", func() { - common.ProvisionInstanceAndVerifySignature(ctx, brokerServer, provisionFunc, publicKeyStr) + common.ProvisionInstanceAndVerifySignature(ctx, brokerServer, provisionFunc, publicKeyStr, false) }) }) When("updating a service instance", func() { It("should have a valid context signature on the request body", func() { - instanceID := common.ProvisionInstanceAndVerifySignature(ctx, brokerServer, provisionFunc, publicKeyStr) + instanceID := common.ProvisionInstanceAndVerifySignature(ctx, brokerServer, provisionFunc, publicKeyStr, false) patchRequestBody := common.Object{ "name": "updated-test-instance", } @@ -94,9 +94,9 @@ var _ = Describe("context signature verification tests", func() { }) When("binding a service instance", func() { It("should have a context signature on the request body", func() { - instanceID := common.ProvisionInstanceAndVerifySignature(ctx, brokerServer, provisionFunc, publicKeyStr) + instanceID := common.ProvisionInstanceAndVerifySignature(ctx, brokerServer, provisionFunc, publicKeyStr, false) - brokerServer.BindingHandler = common.GetVerifyContextHandlerFunc(publicKeyStr) + brokerServer.BindingHandler = common.GetVerifyContextHandlerFunc(publicKeyStr, false) bindingID := common.SmaapBind(ctx, "false", instanceID)