Bug 1527316
| Summary: | CFME - usage of non standard special characters (e.g. accents) in password causes user is not able to login | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat CloudForms Management Engine | Reporter: | Vladimir Dulava <vdulava> | ||||
| Component: | UI - Service | Assignee: | Martin Hradil <mhradil> | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Mike Shriver <mshriver> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | high | ||||||
| Version: | 5.8.0 | CC: | awight, bascar, cpelland, dclarizi, greartes, juwatts, lavenel, mpusater, obarenbo, simaishi, smallamp, vdulava | ||||
| Target Milestone: | GA | Keywords: | TestOnly, ZStream | ||||
| Target Release: | 5.10.0 | ||||||
| Hardware: | x86_64 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | auth:db | ||||||
| Fixed In Version: | 5.10.0.0 | Doc Type: | If docs needed, set a value | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | |||||||
| : | 1562797 1562798 (view as bug list) | Environment: | |||||
| Last Closed: | 2018-07-30 14:45:05 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | Bug | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | CFME Core | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | |||||||
| Bug Blocks: | 1562797, 1562798 | ||||||
| Attachments: |
|
||||||
|
Description
Vladimir Dulava
2017-12-19 08:18:19 UTC
*** Bug 1527317 has been marked as a duplicate of this bug. *** Are these uses in database users, or are using some sort of LDAP auth? (In reply to Matt Pusateri from comment #3) > Are these uses in database users, or are using some sort of LDAP auth? Hi, in this case local user (in database) but it doesn't really matter. You can hit this issue just by e.g. typing any French or Czech accent character into password field. It doesn't have to be correct password. There is no communicatione between the client side and the server itself it is blocked by the user end of the app as you can see here (from my reproducer): From the web browser debug: ~~~ InvalidCharacterError: String contains an invalid character application-8300ac8b714be2ce58b31b99836d1bc030e4067369d809b2eb38e05d76d9ed34.js:390 e.login https://t7/assets/application-8300ac8b714be2ce58b31b99836d1bc030e4067369d809b2eb38e05d76d9ed34.js:390:21074 miqAjaxAuth https://t7/assets/application-8300ac8b714be2ce58b31b99836d1bc030e4067369d809b2eb38e05d76d9ed34.js:3:4466 onclick ~~~ Created attachment 1380057 [details]
Looks like this issue is not isolated to the SUI
New commits detected on ManageIQ/manageiq-ui-classic/master: https://github.com/ManageIQ/manageiq-ui-classic/commit/1964cfc54fe0167026899089dda54ea84d4aea21 commit 1964cfc54fe0167026899089dda54ea84d4aea21 Author: Martin Hradil <mhradil> AuthorDate: Mon Mar 26 12:28:12 2018 -0400 Commit: Martin Hradil <mhradil> CommitDate: Mon Mar 26 12:28:12 2018 -0400 base64encode - a utf-8 aware btoa implementation `window.btoa("sněhulák")` fails on InvalidCharacterError: String contains an invalid character because it only expects latin1 chars We need to base64 encode the login:password pair even when the password uses non-latin1 chars :) Implementation adapted from https://developer.mozilla.org/en-US/docs/Web/API/WindowBase64/Base64_encoding_and_decoding#Solution_2_%E2%80%93_rewrite_the_DOMs_atob()_and_btoa()_using_JavaScript's_TypedArrays_and_UTF-8 https://bugzilla.redhat.com/show_bug.cgi?id=1527316 app/javascript/packs/compat-common.js | 8 + package.json | 2 + 2 files changed, 10 insertions(+) https://github.com/ManageIQ/manageiq-ui-classic/commit/6a0688bdc591be091cbb0cd822c9e827a9031745 commit 6a0688bdc591be091cbb0cd822c9e827a9031745 Author: Martin Hradil <mhradil> AuthorDate: Mon Mar 26 12:30:07 2018 -0400 Commit: Martin Hradil <mhradil> CommitDate: Mon Mar 26 12:30:07 2018 -0400 miq_api - use utf8 aware base64encode instead of window.btoa Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1527316 app/assets/javascripts/miq_api.js | 2 - 1 file changed, 2 deletions(-) New commits detected on ManageIQ/manageiq-ui-service/master: https://github.com/ManageIQ/manageiq-ui-self_service/commit/83273df13bd34afc633a07141450307c3c7719dc commit 83273df13bd34afc633a07141450307c3c7719dc Author: Martin Hradil <mhradil> AuthorDate: Mon Mar 26 12:45:15 2018 -0400 Commit: Martin Hradil <mhradil> CommitDate: Mon Mar 26 12:45:15 2018 -0400 Remove angular-base64 suffers from the same problem as window.btoa - can't handle unicode strings https://bugzilla.redhat.com/show_bug.cgi?id=1527316 client/app.js | 1 - client/app/core/authentication-api.factory.js | 2 +- client/app/core/core.module.js | 1 - package.json | 1 - yarn.lock | 6 - 5 files changed, 1 insertion(+), 10 deletions(-) https://github.com/ManageIQ/manageiq-ui-self_service/commit/c635a8a52473342b948269985d97a4371e152e11 commit c635a8a52473342b948269985d97a4371e152e11 Author: Martin Hradil <mhradil> AuthorDate: Mon Mar 26 12:46:17 2018 -0400 Commit: Martin Hradil <mhradil> CommitDate: Mon Mar 26 12:46:17 2018 -0400 base64encode - a utf-8 aware base64encode implementation `window.btoa("sněhulák")` fails on InvalidCharacterError: String contains an invalid character because it only expects latin1 chars `$base64.encode` from `angular-base64` has the same problem. We need to base64 encode the login:password pair even when the password uses non-latin1 chars :) Implementation adapted from https://developer.mozilla.org/en-US/docs/Web/API/WindowBase64/Base64_encoding_and_decoding#Solution_2_%E2%80%93_rewrite_the_DOMs_atob()_and_btoa()_using_JavaScript's_TypedArrays_and_UTF-8 https://bugzilla.redhat.com/show_bug.cgi?id=1527316 client/app/core/authentication-api.factory.js | 9 + package.json | 2 + yarn.lock | 8 +- 3 files changed, 17 insertions(+), 2 deletions(-) https://github.com/ManageIQ/manageiq-ui-self_service/commit/bdbc83b28fee51d20a37d3de7022e90a4d4b2bf6 commit bdbc83b28fee51d20a37d3de7022e90a4d4b2bf6 Author: Martin Hradil <mhradil> AuthorDate: Mon Mar 26 12:46:47 2018 -0400 Commit: Martin Hradil <mhradil> CommitDate: Mon Mar 26 12:46:47 2018 -0400 AuthenticationAPI - use utf8 aware base64encode instead of $base64.encode Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1527316 client/app/core/authentication-api.factory.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Verified release: 5.9.2.2.20180410215257_6961422 Tested logging in with passwords such as ê, ã, ñ. Verified using the auth:database *** Bug 1579501 has been marked as a duplicate of this bug. *** Closing this as its already been verified in two z-streams and has test coverage around it. *** Bug 1579501 has been marked as a duplicate of this bug. *** |