From 4efb90107d7f99d9e4c45b78c2946aee0f419f68 Mon Sep 17 00:00:00 2001 From: Dillon Luther Date: Thu, 11 Apr 2024 18:20:33 -0400 Subject: [PATCH 1/2] use URI.parse to handle url edge cases --- lib/assent/strategy.ex | 7 ++----- test/assent/strategy_test.exs | 18 ++++++++++++++++-- 2 files changed, 18 insertions(+), 7 deletions(-) diff --git a/lib/assent/strategy.ex b/lib/assent/strategy.ex index 47d8549..ae70676 100644 --- a/lib/assent/strategy.ex +++ b/lib/assent/strategy.ex @@ -183,11 +183,8 @@ defmodule Assent.Strategy do defp encode_value(value), do: URI.encode_www_form(Kernel.to_string(value)) - defp endpoint(base_url, <<"/"::utf8, _::binary>> = uri), - do: base_url <> uri - - defp endpoint(_base_url, url), - do: url + defp endpoint(base_url, uri), + do: URI.merge(URI.parse(base_url), uri) |> URI.to_string() @doc """ Normalize API user request response into standard claims diff --git a/test/assent/strategy_test.exs b/test/assent/strategy_test.exs index cd5f016..0b8c3d5 100644 --- a/test/assent/strategy_test.exs +++ b/test/assent/strategy_test.exs @@ -247,9 +247,23 @@ defmodule Assent.StrategyTest do Strategy.verify_jwt(@token, @secret, json_library: CustomJSONLibrary) end - test "to_url/3" do - assert Strategy.to_url("http://localhost", "/path", a: 1, b: [c: 2, d: [e: 3]], f: [4, 5]) == + describe "to_url/3" do + test "with trailing slash in domain and leading slash in path" do + assert Strategy.to_url("http://localhost/", "/path") == "http://localhost/path" + end + + test "with trailing slash in domain" do + assert Strategy.to_url("http://localhost/", "path") == "http://localhost/path" + end + + test "with leading slash in path" do + assert Strategy.to_url("http://localhost", "/path") == "http://localhost/path" + end + + test "with valid inputs" do + assert Strategy.to_url("http://localhost", "path", a: 1, b: [c: 2, d: [e: 3]], f: [4, 5]) == "http://localhost/path?a=1&b[c]=2&b[d][e]=3&f[]=4&f[]=5" + end end test "normalize_userinfo/2" do From 42d45c129488d00669f6e4e98a890e9ee5dd000d Mon Sep 17 00:00:00 2001 From: Dan Schultzer <1254724+danschultzer@users.noreply.github.com> Date: Thu, 11 Apr 2024 17:27:19 -0700 Subject: [PATCH 2/2] Omit trailing base_url slash --- CHANGELOG.md | 2 ++ lib/assent/strategy.ex | 10 ++++++++-- test/assent/strategy_test.exs | 26 ++++++++++++-------------- 3 files changed, 22 insertions(+), 16 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b759e60..6c491b4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,8 @@ Requires Elixir 1.13+ +- Fixed bug with trailing slash in `:base_url` not being ommitted when concatenating with relative path + ## v0.2.9 (2023-11-22) - Fixed bug where `Req` was not used by default if included in project diff --git a/lib/assent/strategy.ex b/lib/assent/strategy.ex index ae70676..44bb622 100644 --- a/lib/assent/strategy.ex +++ b/lib/assent/strategy.ex @@ -183,8 +183,14 @@ defmodule Assent.Strategy do defp encode_value(value), do: URI.encode_www_form(Kernel.to_string(value)) - defp endpoint(base_url, uri), - do: URI.merge(URI.parse(base_url), uri) |> URI.to_string() + defp endpoint(base_url, "/" <> uri = all) do + case :binary.last(base_url) do + ?/ -> base_url <> uri + _ -> base_url <> all + end + end + + defp endpoint(_base_url, uri), do: uri @doc """ Normalize API user request response into standard claims diff --git a/test/assent/strategy_test.exs b/test/assent/strategy_test.exs index 0b8c3d5..0f2a107 100644 --- a/test/assent/strategy_test.exs +++ b/test/assent/strategy_test.exs @@ -247,23 +247,21 @@ defmodule Assent.StrategyTest do Strategy.verify_jwt(@token, @secret, json_library: CustomJSONLibrary) end - describe "to_url/3" do - test "with trailing slash in domain and leading slash in path" do - assert Strategy.to_url("http://localhost/", "/path") == "http://localhost/path" - end + test "to_url/3" do + assert Strategy.to_url("http://example.com", "/path") == "http://example.com/path" + assert Strategy.to_url("http://example.com/", "/path") == "http://example.com/path" - test "with trailing slash in domain" do - assert Strategy.to_url("http://localhost/", "path") == "http://localhost/path" - end + assert Strategy.to_url("http://example.com/path", "/other-path") == + "http://example.com/path/other-path" - test "with leading slash in path" do - assert Strategy.to_url("http://localhost", "/path") == "http://localhost/path" - end + assert Strategy.to_url("http://example.com/path/", "/other-path") == + "http://example.com/path/other-path" - test "with valid inputs" do - assert Strategy.to_url("http://localhost", "path", a: 1, b: [c: 2, d: [e: 3]], f: [4, 5]) == - "http://localhost/path?a=1&b[c]=2&b[d][e]=3&f[]=4&f[]=5" - end + assert Strategy.to_url("http://example.com/path", "http://example.org/other-path") == + "http://example.org/other-path" + + assert Strategy.to_url("http://example.com", "/path", a: 1, b: [c: 2, d: [e: 3]], f: [4, 5]) == + "http://example.com/path?a=1&b[c]=2&b[d][e]=3&f[]=4&f[]=5" end test "normalize_userinfo/2" do