Cannot register to eureka if password contains special character

[chrno1209]

I have an eureka server with basic authentication, the password contains special character which is ! I have tested on Postman and it works. But when using python-eureka-client, it does not. After some investigation in the code, in eureka_client.py, if I change the code of password = quote(eureka_basic_auth_password) to password = eureka_basic_auth_password then it works.

[keijack]

According to http://www.faqs.org/rfcs/rfc3986.html , user name and password should be encoded. Please check whether your password was already encoded before being set to the eureka_basic_auth_password.

[chrno1209]

the thing is, if I encode password before being set to eureka_basic_auth_password, you will encode against the encoded password and the final password will be more different from the original.

[chrno1209]

for example: my password is Disc!123! First encode by me before being set to eureka_basic_auth_password: Disc%21123%21 Second encode by you: Disc%2521123%2521

[keijack]

for example: my password is Disc!123! First encode by me before being set to eureka_basic_auth_password: Disc%21123%21 Second encode by you: Disc%2521123%2521

I see, then you can pass the original password to the eureka_basic_auth_password, and that will work.

[chrno1209]

That's what I did in the first place and it didn't work, that's why I had to dig into your code and found out the quote(eureka_basic_auth_password). Until I remove the quote function, it works.

[keijack]

That's what I did in the first place and it didn't work, that's why I had to dig into your code and found out the quote(eureka_basic_auth_password). Until I remove the quote function, it works.

You mean:

You pass Disc!123! and not remove quote() function, it didn't work. But by passing Disc%21123%21 and remove quote() function, it worked?

Is that right?

[chrno1209]

Let me explain more:

With your original code: even if I pass Disc!123! and Disc%21123%21, it does not work With my modification (remove quote()): it works on Disc!123! but not on Disc%21123%21

I am using an Eureka registry generated from Jhipster.

[keijack]

Let me explain more:

With your original code: even if I pass Disc!123! and Disc%21123%21, it does not work With my modification (remove quote()): it works on Disc!123! but not on Disc%21123%21

I am using an Eureka registry generated from Jhipster.

I see now. That means the server which do no decode action when receive the password, which does not match the standard RFC 3986.

If that works for you, please fork the project and just remove the quote method. And the main branch here will keep the quote to meet the standard requirement.

[chrno1209]

One more thing I am aware of, when using Postman or some online tool (https://www.blitter.se/utils/basic-authentication-header-generator/) to encode header for basic authentication. Given my account is:

• Username: admin
• Password: Disc!123!

Both of them are always not encode the password and return exactly the same encoded string for header authentication YWRtaW46RGlzYyExMjMh.

So I am not sure if encode username/password here is right or not.

The eureka server I am using is the basic one from the framework, if it's not decode username/password from client, it means the server only require origin data.

[keijack]

One more thing I am aware of, when using Postman or some online tool (https://www.blitter.se/utils/basic-authentication-header-generator/) to encode header for basic authentication. Given my account is:

* Username: admin

* Password: Disc!123!

Both of them are always not encode the password and return exactly the same encoded string for header authentication YWRtaW46RGlzYyExMjMh.

So I am not sure if encode username/password here is right or not.

The eureka server I am using is the basic one from the framework, if it's not decode username/password from client, it means the server only require origin data.

I will check it out and make it clear that whether the username and password should be encoded or not in header field, may be the only when setting it to the url should be encoded.

[keijack]

One more thing I am aware of, when using Postman or some online tool (https://www.blitter.se/utils/basic-authentication-header-generator/) to encode header for basic authentication. Given my account is:

* Username: admin

* Password: Disc!123!

Both of them are always not encode the password and return exactly the same encoded string for header authentication YWRtaW46RGlzYyExMjMh.

So I am not sure if encode username/password here is right or not.

The eureka server I am using is the basic one from the framework, if it's not decode username/password from client, it means the server only require origin data.

You are right. Username and password should be encoded when they are put to the URL, but not headers, which is implemented. Please upgrade to 0.11.5.

[keijack]

close for long time silence.