external-auth-server: eas fails to handle x-userinfo with non-ascii characters

Hi Travis,

Having a user in our OIDC IAM with non-ASCII chars in the first and last name (not in the username)

leads to this:

eas-hfpsk external-auth-server 2022-10-26T20:45:18.185532248+02:00 
{"code":"ERR_INVALID_CHAR","level":"error","message":"Invalid character in header content [\"X-Userinfo\"]",
"service":"external-auth-server","stack":"TypeError [ERR_INVALID_CHAR]: Invalid character in header content 
[\"X-Userinfo\"]\n    at ServerResponse.setHeader (node:_http_outgoing:606:3)\n    at ServerResponse.header 
(/home/eas/app/node_modules/express/lib/response.js:794:10)\n    at Function.setResponse 
(/home/eas/app/src/index.js:19:11)\n    at /home/eas/app/src/server.js:533:28\n    at runMicrotasks (<anonymous>)\n    
at processTicksAndRejections (node:internal/process/task_queues:96:5)\n    at async verifyHandler 
(/home/eas/app/src/server.js:93:12)","timestamp":"2022-10-26T18:45:18.184Z"}

It’s reproducible with Keycloak as IAM as well.

About this issue

  • State: closed
  • Created 2 years ago
  • Comments: 32 (14 by maintainers)

Most upvoted comments

Hi Travis,

I can report a successful implementation: I have implemented both uri- and base64-encoding in our software and successfully tested both variants with the next branch. Thanks a lot for your help!
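
The two encodings mentioned in the comment above, as an added example that is not code from external-auth-server or from this thread: it reproduces the ERR_INVALID_CHAR rejection with Node's own header validation, then shows that a URI-encoded or base64-encoded X-Userinfo value is accepted and decodes back to the same object on the consuming side. The function names and the sample userinfo are constructed for illustration.

```javascript
// Added example; helper names are hypothetical, not the project's API.
const http = require("node:http");

// Constructed sample claims. "ř" is U+0159, above the Latin-1 range
// (0x80-0xff) that Node still accepts in header values.
const userinfo = {
  preferred_username: "jdvorak",
  given_name: "Jiří",
  family_name: "Dvořák",
};

// Returns the error code Node raises for this header value, or null if accepted.
function headerErrorCode(name, value) {
  try {
    http.validateHeaderValue(name, value);
    return null;
  } catch (err) {
    return err.code;
  }
}

// Variant 1: percent-encode the JSON so the header is pure ASCII.
function encodeUri(obj) {
  return encodeURIComponent(JSON.stringify(obj));
}
function decodeUri(value) {
  return JSON.parse(decodeURIComponent(value));
}

// Variant 2: base64 over the UTF-8 bytes of the JSON.
function encodeBase64(obj) {
  return Buffer.from(JSON.stringify(obj), "utf8").toString("base64");
}
function decodeBase64(value) {
  return JSON.parse(Buffer.from(value, "base64").toString("utf8"));
}

console.log("raw   :", headerErrorCode("X-Userinfo", JSON.stringify(userinfo)));
console.log("uri   :", headerErrorCode("X-Userinfo", encodeUri(userinfo)));
console.log("base64:", headerErrorCode("X-Userinfo", encodeBase64(userinfo)));
```

The service behind the proxy has to apply the matching decode step before it parses the header as JSON.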