cwaldbieser / jhub_cas_authenticator

CAS authenticator for Jupyterhub
GNU General Public License v3.0

encoding of "://" #2

Closed samvy closed 1 year ago

samvy commented 6 years ago

Dear Cwaldbieser,

c.CASAuthenticator.cas_service_url = "https://example.com" is converted to

https:/servercas.com/cas/login?service=https%253A%252F%252Fexample.com in my browser

From https://drupal.stackexchange.com/questions/10736/252f-in-the-url I would say that is a double encoding problem, but I am not sure...

Regards,

samvy commented 6 years ago

In file cas_auth.py I replaced lines 32 to 37 with the single line: "url = "{0}?service={1}".format(self.authenticator.cas_login_url, self.make_service_url())" and it works for me.

cwaldbieser commented 6 years ago

I'm not sure about this one. If I look at tornado's RequestHandler.redirect() source it looks like the url is written to the "Location" header directly. Since service is a query string parameter, it should be encoded once. If you look at this snippet:

In [14]: import urllib.parse
    ...: cas_login_url = "https://cas.example.net/cas/login"
    ...: service_url = 'https://www.example.com/'
    ...: qs_map = dict(service=service_url)
    ...: qs = urllib.parse.urlencode(qs_map)
    ...: url = "{0}?{1}".format(cas_login_url, qs)
    ...: print(url)
    ...: 
https://cas.example.net/cas/login?service=https%3A%2F%2Fwww.example.com%2F

You can see that the url variable is properly encoded.

Could you provide more detail about when you see the double encoding? E.g. when you end up on the CAS login page, is it double-encoded in the URL bar at that point? Or is it after you authenticate and CAS redirects back to jupyterhub?

cwaldbieser commented 6 years ago

I'm not able to replicate this. Are you still experiencing this issue? If I don't hear back in a couple weeks, I'll close the issue.

samvy commented 6 years ago

Dear cwaldbieser,

Sorry for the delay in answering. The double encoding appears in my browser, before authentication. I see the problem because the CAS server refuses to authenticate me because the server "https%253A%252F%252Fexample.com" is not allowed. However, when I set "url = "{0}?service={1}".format(self.authenticator.cas_login_url, self.make_service_url())" on line 40 (in the new version), the URL is a simple "https:/servercas.com/cas/login?service=https://example.com" and it works. I hope this helps... And thank you for your package/time!

Regards
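An added example, not part of the thread or the project's code: a small diagnostic that classifies the `service` parameter in a redirect `Location` value as unencoded, encoded once, or encoded twice, and shows what a server recovers in each case. The host names, the sample service URL with its own query string, the helper names, and the pre-quoting step used to produce the double-encoded form are all assumptions; the thread never identified where the second encoding came from.

```python
from urllib.parse import parse_qs, quote, unquote, urlencode, urlsplit

# Constructed sample values, not taken from any real deployment.
CAS_LOGIN_URL = "https://cas.example.net/cas/login"
SERVICE = "https://example.com/hub/login?next=/lab&lang=en"


def build_login_url(service_url):
    """Encode the service URL exactly once, as a query-string value."""
    return "{0}?{1}".format(CAS_LOGIN_URL, urlencode({"service": service_url}))


def service_seen_by_server(location):
    """Service value a server recovers after decoding the query string once."""
    values = parse_qs(urlsplit(location).query).get("service", [])
    return values[0] if values else None


def encoding_depth(location):
    """How many percent-decoding passes the raw service value needs (0, 1, 2...)."""
    parts = urlsplit(location).query.split("&")
    raw = next((p[len("service="):] for p in parts if p.startswith("service=")), None)
    if raw is None:
        return None
    depth = 0
    while "://" not in raw and unquote(raw) != raw:
        raw, depth = unquote(raw), depth + 1
    return depth


def sample_locations():
    """Three Location values for the same service URL."""
    return {
        "encoded_once": build_login_url(SERVICE),
        # Assumed cause for illustration: the value is quoted before urlencode().
        "encoded_twice": build_login_url(quote(SERVICE, safe="")),
        # Shape of the workaround in the thread: no encoding at all.
        "unencoded": "{0}?service={1}".format(CAS_LOGIN_URL, SERVICE),
    }


if __name__ == "__main__":
    for name, location in sample_locations().items():
        print(name, encoding_depth(location), service_seen_by_server(location))
```

With the unencoded form, `lang=en` is parsed as a parameter of the CAS login request and the service value is cut short, so that form only round-trips for service URLs that carry no query string of their own.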

cwaldbieser commented 6 years ago

Could you provide a trace of the HTTP requests and responses? Maybe using curl or HTTPie, showing the intermediate redirects [1]? That would probably be the best way that I could see where the double encoding happens.

If you have an example set up in a way I could look at it (e.g. Vagrant file, docker container), I could try that too.

[1] https://httpie.org/doc#showing-intermediary-redirect-responses

cwaldbieser commented 6 years ago

I actually have a Vagrant file set up I use for testing. Maybe you could set up something similar for me to look at? https://github.com/cwaldbieser/vagrant_jhub_cas_test_env

devnoot commented 5 years ago

I know this is an old issue, but I ran into the exact issue and resolved it using the edits suggested by @samvy

cwaldbieser commented 5 years ago

@tonyweed - Could you provide the curl or HTTPie output I requested on May 18, 2018? I'm interested in seeing what the Request/Response looks like with the misbehaving code in place. I basically want to see the GET request, and the HTTP response with the Location header for the redirect to CAS.

cwaldbieser commented 1 year ago

Closing due to no feedback.