Optional whitespace support in Authorization (#1350) (#17145)

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2024-06-25 22:12:11 +00:00 · 2024-05-08 15:56:16 +02:00 · 2024-05-08 15:56:16 +02:00 · 34a8652366
commit 34a8652366
parent 414ddcd457
3 changed files with 13 additions and 1 deletions
--- a/changelog.d/17145.bugfix
+++ b/changelog.d/17145.bugfix
@ -0,0 +1 @@
+Add support for optional whitespace around the Federation API's `Authorization` header's parameter commas.
--- a/synapse/federation/transport/server/_base.py
+++ b/synapse/federation/transport/server/_base.py
@ -180,7 +180,11 @@ def _parse_auth_header(header_bytes: bytes) -> Tuple[str, str, str, Optional[str
    """
    try:
        header_str = header_bytes.decode("utf-8")
-        params = re.split(" +", header_str)[1].split(",")
+        space_or_tab = "[ \t]"
+        params = re.split(
+            rf"{space_or_tab}*,{space_or_tab}*",
+            re.split(r"^X-Matrix +", header_str, maxsplit=1)[1],
+        )
        param_dict: Dict[str, str] = {
            k.lower(): v for k, v in [param.split("=", maxsplit=1) for param in params]
        }
--- a/tests/federation/transport/server/test__base.py
+++ b/tests/federation/transport/server/test__base.py
@ -147,3 +147,10 @@ class BaseFederationAuthorizationTests(unittest.TestCase):
            ),
            ("foo", "ed25519:1", "sig", "bar"),
        )
+        # test that "optional whitespace(s)" (space and tabulation) are allowed between comma-separated auth-param components
+        self.assertEqual(
+            _parse_auth_header(
+                b'X-Matrix origin=foo , key="ed25519:1",  sig="sig",	destination="bar",		extra_field=ignored'
+            ),
+            ("foo", "ed25519:1", "sig", "bar"),
+        )
				`@ -0,0 +1 @@`
				Add support for optional whitespace around the Federation API's `Authorization` header's parameter commas.