Open pythrick opened 4 months ago
Issues
4 New issues
0 Accepted issues
Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code
@Colin-b any reason not to merge this?
Hello, I haven't had time to review anything from httpx-auth yet. And this PR will require me to add the proper tests on all affected auth classes (not unit tests but functional tests).
Description
This PR addresses an issue in the decode_base64 function where nested JSON strings within JWT tokens were being corrupted due to incorrect decoding of base64 strings that are not URL-safe. This corruption occurred because the original decoding was not handling certain characters properly, leading to JSON decoding errors when attempting to parse these strings back into JSON objects.
Changes
base64.b64decode with base64.urlsafe_b64decode to correctly handle base64 strings that include URL-safe characters.
Previous Behavior
Previously, when JWT tokens contained nested JSON strings encoded in base64, the decode_base64 function would sometimes corrupt these strings. This was particularly apparent when characters like '+' and '/' were included in the base64 string, which were not correctly handled by the standard base64.b64decode. The JSON parser would then fail to parse the string due to misplaced or altered characters.
For example, decoding a JWT payload with nested JSON would lead to a JSONDecodeError:
New Behavior
With the new changes, the decode_base64 function correctly decodes the base64 string without corrupting the JSON structure:
This fix ensures that JWT tokens with nested JSON can be handled without errors, improving the robustness of the authentication handling in applications using httpx-auth.
Additional Notes
This update is crucial for applications that depend on precise and error-free handling of JWT tokens, especially in scenarios involving complex data structures within the token payloads.
Closes #92
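An added example, not code from this PR or from httpx-auth, that decodes one constructed JWT payload segment with three decoders so the difference is visible. It relies on two documented facts: JWT segments use the base64url alphabet (`-` and `_`, padding stripped), and Python's `base64.b64decode` discards characters outside the standard alphabet unless `validate=True` is passed. The names `pad`, `try_decode`, `strict_standard` and `compare`, and the sample claims, are assumptions made for the illustration.

```python
import base64
import binascii
import json

# Constructed sample claims: a nested JSON string whose "?" lands where base64url emits "_".
NESTED = json.dumps({"next": "/home?x=1"}, separators=(",", ":"))
CLAIMS = {"sub": "u1", "state": NESTED}
# Build the segment the way a JWT carries it: base64url alphabet, "=" padding stripped.
SEGMENT = (
    base64.urlsafe_b64encode(json.dumps(CLAIMS, separators=(",", ":")).encode())
    .rstrip(b"=")
    .decode("ascii")
)


def pad(segment: str) -> str:
    """Restore the '=' padding that JWT serialization strips."""
    return segment + "=" * (-len(segment) % 4)


def try_decode(segment: str, decoder) -> tuple:
    """Decode and parse one segment; return (status, claims or error text)."""
    try:
        return "ok", json.loads(decoder(pad(segment)).decode("utf-8"))
    except (binascii.Error, UnicodeDecodeError, json.JSONDecodeError) as exc:
        return type(exc).__name__, str(exc)


def strict_standard(data: str) -> bytes:
    """Standard alphabet with validation: rejects '-' and '_' instead of dropping them."""
    return base64.b64decode(data, validate=True)


def compare(segment: str) -> dict:
    """Run the same segment through each decoder and collect the outcomes."""
    return {
        "b64decode": try_decode(segment, base64.b64decode),
        "b64decode(validate=True)": try_decode(segment, strict_standard),
        "urlsafe_b64decode": try_decode(segment, base64.urlsafe_b64decode),
    }


if __name__ == "__main__":
    print(SEGMENT)
    for name, (status, detail) in compare(SEGMENT).items():
        print(f"{name:28} {status}: {detail}")
```

A functional test for the affected auth classes can use the same idea: feed a token whose payload segment contains `-` or `_` and assert that the parsed claims equal the claims that were encoded.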