bug #38647 [HttpClient] relax auth bearer format requirements (xabbuh)

nicolas-grekas · nicolas-grekas · commit 4fcda3c7ce3d · 2020-10-24T11:44:37.000+02:00
This PR was merged into the 4.4 branch.

Discussion
----------

[HttpClient] relax auth bearer format requirements

| Q             | A
| ------------- | ---
| Branch?       | 4.4
| Bug fix?      | yes
| New feature?  | no
| Deprecations? | no
| Tickets       | Fix #38609
| License       | MIT
| Doc PR        |

Commits
-------

ac20594267 [HttpClient] relax auth bearer format requirements
diff --git a/HttpClientTrait.php b/HttpClientTrait.php
@@ -110,8 +110,13 @@ private static function prepareRequest(?string $method, ?string $url, array $opt
             throw new InvalidArgumentException(sprintf('Option "auth_basic" must be string or an array, "%s" given.', \gettype($options['auth_basic'])));
         }
 
-        if (isset($options['auth_bearer']) && (!\is_string($options['auth_bearer']) || !preg_match('{^[-._=:~+/0-9a-zA-Z]++$}', $options['auth_bearer']))) {
-            throw new InvalidArgumentException(sprintf('Option "auth_bearer" must be a string containing only characters from the base 64 alphabet, '.(\is_string($options['auth_bearer']) ? 'invalid string given.' : '"%s" given.'), \gettype($options['auth_bearer'])));
+        if (isset($options['auth_bearer'])) {
+            if (!\is_string($options['auth_bearer'])) {
+                throw new InvalidArgumentException(sprintf('Option "auth_bearer" must be a string, "%s" given.', \gettype($options['auth_bearer'])));
+            }
+            if (preg_match('{[^\x21-\x7E]}', $options['auth_bearer'])) {
+                throw new InvalidArgumentException('Invalid character found in option "auth_bearer": '.json_encode($options['auth_bearer']).'.');
+            }
         }
 
         if (isset($options['auth_basic'], $options['auth_bearer'])) {
diff --git a/Tests/HttpClientTraitTest.php b/Tests/HttpClientTraitTest.php
@@ -179,14 +179,14 @@ public function testAuthBearerOption()
     public function testInvalidAuthBearerOption()
     {
         $this->expectException('Symfony\Component\HttpClient\Exception\InvalidArgumentException');
-        $this->expectExceptionMessage('Option "auth_bearer" must be a string containing only characters from the base 64 alphabet, "object" given.');
+        $this->expectExceptionMessage('Option "auth_bearer" must be a string, "object" given.');
         self::prepareRequest('POST', 'http://example.com', ['auth_bearer' => new \stdClass()], HttpClientInterface::OPTIONS_DEFAULTS);
     }
 
     public function testInvalidAuthBearerValue()
     {
         $this->expectException('Symfony\Component\HttpClient\Exception\InvalidArgumentException');
-        $this->expectExceptionMessage('Option "auth_bearer" must be a string containing only characters from the base 64 alphabet, invalid string given.');
+        $this->expectExceptionMessage('Invalid character found in option "auth_bearer": "a\nb".');
         self::prepareRequest('POST', 'http://example.com', ['auth_bearer' => "a\nb"], HttpClientInterface::OPTIONS_DEFAULTS);
     }
 

Original file line number	Diff line number	Diff line change
`@@ -110,8 +110,13 @@ private static function prepareRequest(?string $method, ?string $url, array $opt`
`110`	`110`	`throw new InvalidArgumentException(sprintf('Option "auth_basic" must be string or an array, "%s" given.', \gettype($options['auth_basic'])));`
`111`	`111`	`}`
`112`	`112`
`113`		`- if (isset($options['auth_bearer']) && (!\is_string($options['auth_bearer']) \|\| !preg_match('{^[-._=:~+/0-9a-zA-Z]++$}', $options['auth_bearer']))) {`
`114`		`- throw new InvalidArgumentException(sprintf('Option "auth_bearer" must be a string containing only characters from the base 64 alphabet, '.(\is_string($options['auth_bearer']) ? 'invalid string given.' : '"%s" given.'), \gettype($options['auth_bearer'])));`
	`113`	`+ if (isset($options['auth_bearer'])) {`
	`114`	`+ if (!\is_string($options['auth_bearer'])) {`
	`115`	`+ throw new InvalidArgumentException(sprintf('Option "auth_bearer" must be a string, "%s" given.', \gettype($options['auth_bearer'])));`
	`116`	`+ }`
	`117`	`+ if (preg_match('{[^\x21-\x7E]}', $options['auth_bearer'])) {`
	`118`	`+ throw new InvalidArgumentException('Invalid character found in option "auth_bearer": '.json_encode($options['auth_bearer']).'.');`
	`119`	`+ }`
`115`	`120`	`}`
`116`	`121`
`117`	`122`	`if (isset($options['auth_basic'], $options['auth_bearer'])) {`
Original file line number	Diff line number	Diff line change
`@@ -179,14 +179,14 @@ public function testAuthBearerOption()`
`179`	`179`	`public function testInvalidAuthBearerOption()`
`180`	`180`	`{`
`181`	`181`	`$this->expectException('Symfony\Component\HttpClient\Exception\InvalidArgumentException');`
`182`		`- $this->expectExceptionMessage('Option "auth_bearer" must be a string containing only characters from the base 64 alphabet, "object" given.');`
	`182`	`+ $this->expectExceptionMessage('Option "auth_bearer" must be a string, "object" given.');`
`183`	`183`	`self::prepareRequest('POST', 'http://example.com', ['auth_bearer' => new \stdClass()], HttpClientInterface::OPTIONS_DEFAULTS);`
`184`	`184`	`}`
`185`	`185`
`186`	`186`	`public function testInvalidAuthBearerValue()`
`187`	`187`	`{`
`188`	`188`	`$this->expectException('Symfony\Component\HttpClient\Exception\InvalidArgumentException');`
`189`		`- $this->expectExceptionMessage('Option "auth_bearer" must be a string containing only characters from the base 64 alphabet, invalid string given.');`
	`189`	`+ $this->expectExceptionMessage('Invalid character found in option "auth_bearer": "a\nb".');`
`190`	`190`	`self::prepareRequest('POST', 'http://example.com', ['auth_bearer' => "a\nb"], HttpClientInterface::OPTIONS_DEFAULTS);`
`191`	`191`	`}`
`192`	`192`