Skip to content

/ chalice

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix for _generate_arn() in AuthResponse #1212

Open
wants to merge 1 commit into
base: master
from
Open

fix for _generate_arn() in AuthResponse #1212

wants to merge 1 commit into from

Conversation

@anthonygrant
Copy link

anthonygrant commented Aug 13, 2019
edited

CustomAuthorizer fails when querystring params contain : or /

If the user passes pathParams that contain : or / and the Chalice app uses a CustomAuthorizer then the incoming_arn will be incorrect. Adding .split('?')[0] fixes this issue.

Issue #, if available:
#1211

Description of changes:
The _generate_arn function in AuthResponse will fail to create the propper arn if querystring parameters are passed that contain : or /. This change simply removes the querystring portion of the url before generating the arn.
@anthonygrant
fix for _generate_arn in AuthResponse
Verified
This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
Loading status checks…
2a0e605 
CustomAuthorizer fails when querystring params contain : or /

If the user passes pathParams that contain : or / and the Chalice app uses a CustomAuthorizer then the incoming_arn will be incorrect. Adding .split('?')[0] fixes this issue.
@codecov-io
Copy link

codecov-io commented Aug 13, 2019

Codecov Report

Merging #1212 into master will not change coverage.
The diff coverage is 100%.

Impacted file tree graph

@@           Coverage Diff           @@
##           master    #1212   +/-   ##
=======================================
  Coverage   95.98%   95.98%           
=======================================
  Files          28       28           
  Lines        5176     5176           
  Branches      658      658           
=======================================
  Hits         4968     4968           
  Misses        135      135           
  Partials       73       73
Impacted Files Coverage Δ
chalice/app.py 97.4% <100%> (ø) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 4ecde2b...2a0e605. Read the comment docs.
@anthonygrant anthonygrant changed the title fix for _generate_arn in AuthResponse fix for _generate_arn() in AuthResponse Aug 13, 2019
@stealthycoin
Copy link
Contributor

stealthycoin commented Aug 15, 2019

Thanks for the PR. Can you add test cases for this please? There is also the case where the API Gateway itself has a ? in the name where this code won't work. Can you add a test case for that as well.
@anthonygrant
Copy link
Author

anthonygrant commented Aug 16, 2019
edited

Thanks @stealthycoin . I'll look to create some tests soon. Can you be specific about the case where there would be a ? in the API Gateway in the name. I was thinking you might mean a custom domain name but a quick search confirms that that character is illegal so I think I'm looking in the wrong direction. Can you help me here so I can make sure my solution works in all situations and the tests can confirm that outcome.
@stealthycoin
Copy link
Contributor

stealthycoin commented Sep 17, 2019

Ah, I don't think its illegal. I made an api gateway API with ? in its name.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
changes-requested
Projects
None yet
Milestone
No milestone
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants
@anthonygrant @codecov-io @stealthycoin
You can’t perform that action at this time.