search

Scout24 / afp-cli

CLI for the AWS Federation Proxy
Apache License 2.0
13 stars 8 forks source link

Handle special characters in password #42

Closed mriehl closed 8 years ago

mriehl commented 8 years ago 
» afpv2 show account-name
Password for mriehl: 
Traceback (most recent call last):
  File "/usr/local/bin/afpv2", line 9, in <module>
    load_entry_point('afp-cli==1.3.1.post166', 'console_scripts', 'afpv2')()
  File "/usr/local/lib/python2.7/dist-packages/afp_cli/cliv2.py", line 59, in main
    unprotected_main()
  File "/usr/local/lib/python2.7/dist-packages/afp_cli/cliv2.py", line 106, in unprotected_main
    role = arguments['<rolename>'] or get_first_role(federation_client, account)
  File "/usr/local/lib/python2.7/dist-packages/afp_cli/cli_functions.py", line 48, in get_first_role
    accounts_and_roles = federation_client.get_account_and_role_list()
  File "/usr/local/lib/python2.7/dist-packages/afp_cli/client.py", line 43, in get_account_and_role_list
    accounts_and_roles = self.call_api("/account")
  File "/usr/local/lib/python2.7/dist-packages/afp_cli/client.py", line 30, in call_api
    self._password))
  File "/usr/local/lib/python2.7/dist-packages/requests/api.py", line 67, in get
    return request('get', url, params=params, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/requests/api.py", line 53, in request
    return session.request(method=method, url=url, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 454, in request
    prep = self.prepare_request(req)
  File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 388, in prepare_request
    hooks=merge_hooks(request.hooks, self.hooks),
  File "/usr/local/lib/python2.7/dist-packages/requests/models.py", line 297, in prepare
    self.prepare_auth(auth, url)
  File "/usr/local/lib/python2.7/dist-packages/requests/models.py", line 490, in prepare_auth
    r = auth(self)
  File "/usr/local/lib/python2.7/dist-packages/requests/auth.py", line 51, in __call__
    r.headers['Authorization'] = _basic_auth_str(self.username, self.password)
  File "/usr/local/lib/python2.7/dist-packages/requests/auth.py", line 31, in _basic_auth_str
    b64encode(('%s:%s' % (username, password)).encode('latin1')).strip()
UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 8: ordinal not in range(128)
schlomo commented 8 years ago

We won't fix this at the moment because we use Basic Auth which does not handle UTF-8 well (see http://stackoverflow.com/a/703341 for why).

We also found out that using a password with non-ascii characters brakes the login on Linux. As long as we don't find a solution for this on the AFP server we don't need to invest into the client as well.

As mentioned in #41 there are other approaches that take the password out of the communication altogether.

karolyi commented 8 years ago

https://github.com/ImmobilienScout24/afp-cli/pull/47 introduces a change where whenafp-cli encounters UTF-8 characters, exits with a detailed error message.