search

dlindahl / omniauth-cas

A CAS OmniAuth Strategy
MIT License
88 stars 79 forks source link

Strip whitespace from username #32

Open andla46 opened 10 years ago

andla46 commented 10 years ago

I'm using omniauth-cas together with Gitlab and an external CAS 2.0 server, which works very well besides one issue:

The server happily authenticates usernames with trailing whitespaces (i.e. the server obviously strips ws internally before validating) but then sends the whole username string (including ws) on to the cas module.

This caused us some issues, since gitlab then updates the users table with the new username string (again, inc ws).

This is the first time I've seen this issue, since most of our other CASified systems are behind apache/mod_auth_cas which filters ws before handing on the username.

This fixes it pretty thoroughly, even though it does a bit more than ws-strip uid: 

       def prune!(hash)
         hash.delete_if do |_, value|
+          value.strip! if value.is_a?(String)
           prune!(value) if value.is_a?(Hash)
           value.nil? || (value.respond_to?(:empty?) && value.empty?)
         end

Is this a suitable fix? Should I fix a PR?

dlindahl commented 8 years ago

I no longer have access to a CAS server and therefore am no longer fit to maintain this project.

If you would like to volunteer to be a maintainer of this project, please let me know by opening an Issue.