From c694591e4ce053278c190f5e09779fc71c72e7a7 Mon Sep 17 00:00:00 2001 From: Thomas Rittson <31796059+eliykat@users.noreply.github.com> Date: Wed, 11 Aug 2021 06:33:15 +1000 Subject: [PATCH] Use UrlB64 encoding for auth-email header (#450) --- common/src/misc/utils.ts | 4 ++++ common/src/models/request/tokenRequest.ts | 4 +++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/common/src/misc/utils.ts b/common/src/misc/utils.ts index e353fcbfec..4501716c87 100644 --- a/common/src/misc/utils.ts +++ b/common/src/misc/utils.ts @@ -159,6 +159,10 @@ export class Utils { } } + static fromUtf8ToUrlB64(utfStr: string): string { + return Utils.fromBufferToUrlB64(Utils.fromUtf8ToArray(utfStr)); + } + static fromB64ToUtf8(b64Str: string): string { if (Utils.isNode || Utils.isNativeScript) { return Buffer.from(b64Str, 'base64').toString('utf8'); diff --git a/common/src/models/request/tokenRequest.ts b/common/src/models/request/tokenRequest.ts index 0797fe8fa4..41797eb065 100644 --- a/common/src/models/request/tokenRequest.ts +++ b/common/src/models/request/tokenRequest.ts @@ -3,6 +3,8 @@ import { TwoFactorProviderType } from '../../enums/twoFactorProviderType'; import { CaptchaProtectedRequest } from './captchaProtectedRequest'; import { DeviceRequest } from './deviceRequest'; +import { Utils } from '../../misc/utils'; + export class TokenRequest implements CaptchaProtectedRequest { email: string; masterPasswordHash: string; @@ -76,7 +78,7 @@ export class TokenRequest implements CaptchaProtectedRequest { alterIdentityTokenHeaders(headers: Headers) { if (this.clientSecret == null && this.masterPasswordHash != null && this.email != null) { - headers.set('Auth-Email', this.email); + headers.set('Auth-Email', Utils.fromUtf8ToUrlB64(this.email)); } } }