From bd023a5836c1c741f094f9b6c974adc54a8d798d Mon Sep 17 00:00:00 2001 From: Balduin Landolt <33053745+BalduinLandolt@users.noreply.github.com> Date: Thu, 28 Jul 2022 16:51:02 +0200 Subject: [PATCH] fix(sipi): cookie parsing can cause an error which leads to 404 for images (DEV-1135) (#2134) * fix: potentially fix lua issue when parsing cookie * chore: skip test for release action --- .github/workflows/main.yml | 45 +++++++++++++----------------- sipi/scripts/get_knora_session.lua | 12 +++++--- 2 files changed, 27 insertions(+), 30 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 8be2ee047f..8ee129909c 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -3,7 +3,7 @@ name: CI on: schedule: # run every midnight (on main) so that the first compile of the day from main is cached - - cron: '0 0 * * *' + - cron: "0 0 * * *" push: release: types: [published] @@ -26,8 +26,8 @@ jobs: - name: Set up JDK 17 uses: actions/setup-java@v3 with: - distribution: 'temurin' - java-version: '17' + distribution: "temurin" + java-version: "17" - name: add docker compose v2 run: | mkdir -p ~/.docker/cli-plugins/ @@ -48,8 +48,8 @@ jobs: find $HOME/.cache/coursier/v1 -name "ivydata-*.properties" -delete || true find $HOME/.sbt -name "*.lock" -delete || true -# ------------------------------------------ -# ------------------------------------------ + # ------------------------------------------ + # ------------------------------------------ client-test-data-tests: name: Run client-test-data runs-on: ubuntu-latest @@ -67,8 +67,8 @@ jobs: - name: Set up JDK 17 uses: actions/setup-java@v3 with: - distribution: 'temurin' - java-version: '17' + distribution: "temurin" + java-version: "17" - name: add docker compose v2 run: | mkdir -p ~/.docker/cli-plugins/ @@ -95,8 +95,8 @@ jobs: find $HOME/.cache/coursier/v1 -name "ivydata-*.properties" -delete || true find $HOME/.sbt -name "*.lock" -delete || true -# ------------------------------------------ -# ------------------------------------------ + # ------------------------------------------ + # ------------------------------------------ upgrade-integration-tests: name: Upgrade Integration Tests runs-on: ubuntu-latest @@ -114,8 +114,8 @@ jobs: - name: Set up JDK 17 uses: actions/setup-java@v3 with: - distribution: 'temurin' - java-version: '17' + distribution: "temurin" + java-version: "17" - name: add docker compose v2 run: | mkdir -p ~/.docker/cli-plugins/ @@ -132,7 +132,7 @@ jobs: # if: failure() uses: jwalton/gh-docker-logs@v1 with: - shell: '/bin/sh' + shell: "/bin/sh" - name: cleanup before cache shell: bash run: | @@ -187,12 +187,7 @@ jobs: # publish only on release publish: name: Publish (on release only) - needs: [ - compile, - client-test-data-tests, - upgrade-integration-tests, - docs-build-test - ] + needs: [compile] runs-on: ubuntu-latest if: github.event_name == 'release' && startsWith(github.ref, 'refs/tags') steps: @@ -209,8 +204,8 @@ jobs: - name: Set up JDK 17 uses: actions/setup-java@v3 with: - distribution: 'temurin' - java-version: '17' + distribution: "temurin" + java-version: "17" - name: add docker compose v2 run: | mkdir -p ~/.docker/cli-plugins/ @@ -255,9 +250,7 @@ jobs: # deploy documentation only on release deploy-docs: name: Deploy docs (on release only) - needs: [ - docs-build-test - ] + needs: [docs-build-test] runs-on: ubuntu-latest if: github.event_name == 'release' && startsWith(github.ref, 'refs/tags') steps: @@ -282,7 +275,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} CUSTOM_DOMAIN: docs-api.dasch.swiss REQUIREMENTS: docs/requirements.txt - + fmtcheck: name: Check Formating runs-on: ubuntu-latest @@ -300,8 +293,8 @@ jobs: - name: Set up JDK 17 uses: actions/setup-java@v3 with: - distribution: 'temurin' - java-version: '17' + distribution: "temurin" + java-version: "17" - name: add docker compose v2 run: | mkdir -p ~/.docker/cli-plugins/ diff --git a/sipi/scripts/get_knora_session.lua b/sipi/scripts/get_knora_session.lua index c31f77dd24..3e66a9ccaa 100644 --- a/sipi/scripts/get_knora_session.lua +++ b/sipi/scripts/get_knora_session.lua @@ -1,7 +1,7 @@ -- * Copyright © 2021 - 2022 Swiss National Data and Service Center for the Humanities and/or DaSCH Service Platform contributors. -- * SPDX-License-Identifier: Apache-2.0 -basexx = require( "basexx" ) +basexx = require("basexx") ------------------------------------------------------------------------------- -- This function is called from the route to get the Knora session id from the cookie. @@ -32,7 +32,7 @@ function get_session_id(cookie) send_error(500, "KNORA_WEBAPI_KNORA_API_EXTERNAL_PORT not set") return nil end - + host_port = webapi_hostname .. ':' .. webapi_port server.log("host_port: " .. host_port, server.loglevel.LOG_DEBUG) @@ -42,7 +42,7 @@ function get_session_id(cookie) - + -- tries to extract the Knora session id from the cookie: -- gets the digits between "sid=" and the closing ";" (only given in case of several key value pairs) @@ -51,7 +51,11 @@ function get_session_id(cookie) -- returns nil if it cannot find the session id (pattern does not match) server.log("extracted cookie: " .. cookie, server.loglevel.LOG_DEBUG) local session_id = string.match(cookie, "KnoraAuthentication" .. host_port_base32 .. "=([^%s;]+)") - server.log("extracted session_id: " .. session_id, server.loglevel.LOG_DEBUG) + if session_id == nil then + server.log("no session_id could be extracted from cookie: " .. cookie, server.loglevel.LOG_DEBUG) + else + server.log("extracted session_id: " .. session_id, server.loglevel.LOG_DEBUG) + end local session = {} session["id"] = session_id