credentials.conf handling of certain characters in usernames and passwords

[reidsunderland]

I was not able to use a password that had / in it in sr3.

https://username:pass/word@example.com

I was using a plugin, so I was able to workaround it by using %2F in credentials.conf and urllib.parse.unquote in the plugin.

[ERROR] 2181978 sarracenia.credentials isValid credential not found

The problem seems to come from urllib.parse.urlparse:

>>> urllib.parse.urlparse("https://username:pass/word@example.com")
ParseResult(scheme='https', netloc='username:pass', path='/word@example.com', params='', query='', fragment='')

[petersilva]

perhaps we could have an alternative syntax with a separate keyword... aka:

amqp://user@hoho password=lovel/

so use something completely different than urlparse. There is already syntax for other keywords later in the line...

[petersilva]

look at sarracenia/credentials.py syntax examples given with passive= and binary keywords.

[reidsunderland]

Yes, I like that idea!

Another option would be using a keyword to tell sr3 whether the username and password is url encoded or not.

https://u%2Fs3rn%40me:P%40%24%24w0r%2Fd%2F@example.com urlencoded=True

username = u/s3rn@me
password = P@$$w0r/d/

[petersilva]

I like the urlencode keyword idea also... probably that is a better approach

[petersilva]

I vaguely recalle we tried always url encoding in the past, and something bad happenned, so we had to roll back... so use of the keyword does seem necessary. #884 is the thing I remember...

[reidsunderland]

The documentation does say that credentials are URL encoded:

https://metpx.github.io/sarracenia/Reference/sr3_credentials.7.html#credential-details

"These strings are URL encoded, so if an account has a password with a special character, its URL encoded equivalent can be supplied. In the last example above, %2f means that the actual password isi: /dot8 The next to last password is: De:olonize. ( %3a being the url encoded value for a colon character. )"