From f2c36fb96f89789fd7eabdc5467f049e01fd0229 Mon Sep 17 00:00:00 2001 From: Julius Liu Date: Thu, 22 Jun 2023 12:37:32 -0700 Subject: [PATCH] fix. ensure values are encoded --- src/plugins/authenticate.rs | 30 ++++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/src/plugins/authenticate.rs b/src/plugins/authenticate.rs index 1f93b11..9ee5b3e 100644 --- a/src/plugins/authenticate.rs +++ b/src/plugins/authenticate.rs @@ -119,20 +119,22 @@ impl Authenticate { https://$registry/oauth2/token */ - let body = format!( - "{}&grant_type=password&username={}&password={}", - challenge_uri.query().unwrap(), - user, - password - ); - - let req = Request::builder() - .uri(challenge_uri) - .header("Content-Type", "application/x-www-form-urlencoded") - .method(Method::POST) - .body(body); - - (ns, req) + if let Ok(encoded) = serde_urlencoded::to_string(&[ + ("grant_type", "password"), + ("username", user.as_str()), + ("password", password.as_str()), + ]) { + let body = format!("{}&{}", challenge_uri.query().unwrap(), encoded); + let req = Request::builder() + .uri(challenge_uri) + .header("Content-Type", "application/x-www-form-urlencoded") + .method(Method::POST) + .body(body); + (ns, req) + } else { + tracing::error!("Could not encode username/password authn body"); + return None; + } } else if let (Some(ns), Some(token)) = ( tc.search().find_symbol("REGISTRY_NAMESPACE"), tc.search().find_symbol("REGISTRY_TOKEN"),