Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

Potential fatal error when signature is wrong on dynamic credentials REST routes

Download Browse

Signatures that are not a valid base64 string can be decoded to false instead of a string. This is part of story #11239: generate dynamic credentials from HashiCorp Vault into a Tuleap instance Change-Id: I37aab905166791bc52efc6006c4493825597f87c

+5 −1
Thomas Gerbet (tgerbet) 2018-03-19 10:15
Thomas Gerbet (tgerbet) 2018-03-19 10:50
c5ffa8cb61dc337ce06b4edb2784b5d15fa789ae
24e85aa30e29e8fa24f959e0cda5b3bc063b2b7a
git #tuleap/stable/c5ffa8cb61dc337ce06b4edb2784b5d15fa789ae

Modified Files

Side by side diff
Inline diff
Name
M plugins/dynamic_credentials/include/REST/RequestSignatureVerifier.php +4 −1 Go to diff View file
M plugins/dynamic_credentials/phpunit/REST/RequestSignatureVerifierTest.php +1 −0 Go to diff View file