From 6227e2bd07246de7a751b8de8cece6020802c264 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mert=20Yaz=C4=B1c=C4=B1o=C4=9Flu?= Date: Sun, 16 Dec 2018 15:45:40 +0300 Subject: vauth/oauth2: Fix OAUTHBEARER token generation OAUTHBEARER tokens were incorrectly generated in a format similar to XOAUTH2 tokens. These changes make OAUTHBEARER tokens conform to the RFC7628. Fixes: #2487 Reported-by: Paolo Mossino Closes https://github.com/curl/curl/pull/3377 --- tests/data/test842 | 4 ++-- tests/data/test843 | 2 +- tests/data/test844 | 5 +++-- tests/data/test845 | 2 +- tests/data/test887 | 4 ++-- tests/data/test888 | 2 +- tests/data/test889 | 4 ++-- tests/data/test890 | 2 +- tests/data/test946 | 4 ++-- tests/data/test947 | 2 +- tests/data/test948 | 4 ++-- tests/data/test949 | 2 +- 12 files changed, 19 insertions(+), 18 deletions(-) (limited to 'tests') diff --git a/tests/data/test842 b/tests/data/test842 index e86abd430..1d9181e17 100644 --- a/tests/data/test842 +++ b/tests/data/test842 @@ -15,7 +15,7 @@ RFC7628 AUTH OAUTHBEARER REPLY AUTHENTICATE + -REPLY dXNlcj11c2VyAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMwFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== A002 OK AUTHENTICATE completed +REPLY bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMwFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== A002 OK AUTHENTICATE completed From: me@somewhere @@ -53,7 +53,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' A001 CAPABILITY A002 AUTHENTICATE OAUTHBEARER -dXNlcj11c2VyAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMwFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== +bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMwFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== A003 SELECT 842 A004 FETCH 1 BODY[] A005 LOGOUT diff --git a/tests/data/test843 b/tests/data/test843 index e286fd93f..bd39dd907 100644 --- a/tests/data/test843 +++ b/tests/data/test843 @@ -53,7 +53,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' A001 CAPABILITY -A002 AUTHENTICATE OAUTHBEARER dXNlcj11c2VyAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMwFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== +A002 AUTHENTICATE OAUTHBEARER bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMwFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== A003 SELECT 843 A004 FETCH 1 BODY[] A005 LOGOUT diff --git a/tests/data/test844 b/tests/data/test844 index 2cdb265fa..c5093d2b8 100644 --- a/tests/data/test844 +++ b/tests/data/test844 @@ -15,7 +15,8 @@ RFC7628 AUTH OAUTHBEARER REPLY AUTHENTICATE + -REPLY dXNlcj11c2VyAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMwFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== + eyJzdGF0dXMiOiJpbnZhbGlkX3Rva2VuIiwic2NvcGUiOiJleGFtcGxlX3Njb3BlIiwib3BlbmlkLWNvbmZpZ3VyYXRpb24iOiJodHRwczovL2V4YW1wbGUuY29tLy53ZWxsLWtub3duL29wZW5pZC1jb25maWd1cmF0aW9uIn0= +REPLY bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMwFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== + +eyJzdGF0dXMiOiJpbnZhbGlkX3Rva2VuIiwic2NvcGUiOiJleGFtcGxlX3Njb3BlIiwib3BlbmlkLWNvbmZpZ3VyYXRpb24iOiJodHRwczovL2V4YW1wbGUuY29tLy53ZWxsLWtub3duL29wZW5pZC1jb25maWd1cmF0aW9uIn0= REPLY AQ== A002 NO Authentication failed @@ -52,7 +53,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' A001 CAPABILITY A002 AUTHENTICATE OAUTHBEARER -dXNlcj11c2VyAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMwFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== +bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMwFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== AQ== diff --git a/tests/data/test845 b/tests/data/test845 index d8b557488..70562c7ab 100644 --- a/tests/data/test845 +++ b/tests/data/test845 @@ -52,7 +52,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' # transfer and such a connection will not get a "LOGOUT" A001 CAPABILITY -A002 AUTHENTICATE OAUTHBEARER dXNlcj11c2VyAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMwFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== +A002 AUTHENTICATE OAUTHBEARER bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMwFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== AQ== diff --git a/tests/data/test887 b/tests/data/test887 index fed4e3d92..35419b502 100644 --- a/tests/data/test887 +++ b/tests/data/test887 @@ -17,7 +17,7 @@ RFC7628 AUTH OAUTHBEARER REPLY AUTH + -REPLY dXNlcj11c2VyAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== +OK Login successful +REPLY bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== +OK Login successful From: me@somewhere @@ -55,7 +55,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' CAPA AUTH OAUTHBEARER -dXNlcj11c2VyAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== +bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== RETR 887 QUIT diff --git a/tests/data/test888 b/tests/data/test888 index c52974f19..78463feaa 100644 --- a/tests/data/test888 +++ b/tests/data/test888 @@ -54,7 +54,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' CAPA -AUTH OAUTHBEARER dXNlcj11c2VyAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== +AUTH OAUTHBEARER bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== RETR 888 QUIT diff --git a/tests/data/test889 b/tests/data/test889 index da26a3729..2edb371e9 100644 --- a/tests/data/test889 +++ b/tests/data/test889 @@ -17,7 +17,7 @@ RFC7628 AUTH OAUTHBEARER REPLY AUTH + -REPLY dXNlcj11c2VyAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== + eyJzdGF0dXMiOiJpbnZhbGlkX3Rva2VuIiwic2NvcGUiOiJleGFtcGxlX3Njb3BlIiwib3BlbmlkLWNvbmZpZ3VyYXRpb24iOiJodHRwczovL2V4YW1wbGUuY29tLy53ZWxsLWtub3duL29wZW5pZC1jb25maWd1cmF0aW9uIn0 +REPLY bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== + eyJzdGF0dXMiOiJpbnZhbGlkX3Rva2VuIiwic2NvcGUiOiJleGFtcGxlX3Njb3BlIiwib3BlbmlkLWNvbmZpZ3VyYXRpb24iOiJodHRwczovL2V4YW1wbGUuY29tLy53ZWxsLWtub3duL29wZW5pZC1jb25maWd1cmF0aW9uIn0 REPLY AQ== -ERR Authentication failed @@ -54,7 +54,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' CAPA AUTH OAUTHBEARER -dXNlcj11c2VyAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== +bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== AQ== diff --git a/tests/data/test890 b/tests/data/test890 index 30aa0b232..ca0ccc7b5 100644 --- a/tests/data/test890 +++ b/tests/data/test890 @@ -53,7 +53,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' # transfer and such a connection will not get a "QUIT" CAPA -AUTH OAUTHBEARER dXNlcj11c2VyAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== +AUTH OAUTHBEARER bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwMQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== AQ== diff --git a/tests/data/test946 b/tests/data/test946 index da4b924f9..c6753dc1e 100644 --- a/tests/data/test946 +++ b/tests/data/test946 @@ -16,7 +16,7 @@ RFC7628 AUTH OAUTHBEARER REPLY AUTH 334 OAUTHBEARER supported -REPLY dXNlcj11c2VyAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwNQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== 235 Authenticated +REPLY bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwNQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== 235 Authenticated @@ -48,7 +48,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' EHLO 946 AUTH OAUTHBEARER -dXNlcj11c2VyAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwNQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== +bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwNQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== MAIL FROM: RCPT TO: DATA diff --git a/tests/data/test947 b/tests/data/test947 index d33a55931..03c3fbe37 100644 --- a/tests/data/test947 +++ b/tests/data/test947 @@ -47,7 +47,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' EHLO 947 -AUTH OAUTHBEARER dXNlcj11c2VyAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwNQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== +AUTH OAUTHBEARER bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwNQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== MAIL FROM: RCPT TO: DATA diff --git a/tests/data/test948 b/tests/data/test948 index 9c1e31deb..8385f0cd2 100644 --- a/tests/data/test948 +++ b/tests/data/test948 @@ -16,7 +16,7 @@ RFC7628 AUTH OAUTHBEARER REPLY AUTH 334 OAUTHBEARER supported -REPLY dXNlcj11c2VyAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwNQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== 334 eyJzdGF0dXMiOiJpbnZhbGlkX3Rva2VuIiwic2NvcGUiOiJleGFtcGxlX3Njb3BlIiwib3BlbmlkLWNvbmZpZ3VyYXRpb24iOiJodHRwczovL2V4YW1wbGUuY29tLy53ZWxsLWtub3duL29wZW5pZC1jb25maWd1cmF0aW9uIn0 +REPLY bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwNQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== 334 eyJzdGF0dXMiOiJpbnZhbGlkX3Rva2VuIiwic2NvcGUiOiJleGFtcGxlX3Njb3BlIiwib3BlbmlkLWNvbmZpZ3VyYXRpb24iOiJodHRwczovL2V4YW1wbGUuY29tLy53ZWxsLWtub3duL29wZW5pZC1jb25maWd1cmF0aW9uIn0 REPLY AQ== 535 Username and Password not accepted. Learn more at\r\n535 http://support.example.com/mail/oauth @@ -56,7 +56,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' EHLO 948 AUTH OAUTHBEARER -dXNlcj11c2VyAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwNQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== +bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwNQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== AQ== diff --git a/tests/data/test949 b/tests/data/test949 index 9145d61e9..345940077 100644 --- a/tests/data/test949 +++ b/tests/data/test949 @@ -55,7 +55,7 @@ perl -e "print 'Test requires default test server host and port' if ( '%HOSTIP' # transfer and such a connection will not get a "QUIT" EHLO 949 -AUTH OAUTHBEARER dXNlcj11c2VyAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwNQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== +AUTH OAUTHBEARER bixhPXVzZXIsAWhvc3Q9MTI3LjAuMC4xAXBvcnQ9OTAwNQFhdXRoPUJlYXJlciBtRl85LkI1Zi00LjFKcU0BAQ== AQ== -- cgit v1.2.3