Merge pull request #92 from VBA-tools/curl-url-header-bugfixes

Bugfixes (cURL escaping, url-encode UrlSegments, add SetHeader)

Author: timhall

authenticators/DigestAuthenticator.cls

@@ -81,7 +81,7 @@ End Sub
 Private Sub IWebAuthenticator_BeforeExecute(ByVal Client As WebClient, ByRef Request As WebRequest)
     If Me.IsAuthenticated Then
         Me.RequestCount = Me.RequestCount + 1
-        Request.AddHeader "Authorization", CreateHeader(Client, Request)
+        Request.SetHeader "Authorization", CreateHeader(Client, Request)
     End If
 End Sub
 
@@ -97,7 +97,7 @@ Private Sub IWebAuthenticator_AfterExecute(ByVal Client As WebClient, ByVal Requ
         WebHelpers.LogDebug "Extract Authenticate and retry 401 request " & Client.GetFullUrl(Request), "Digest.AfterExecute"
         ExtractAuthenticateInformation Response
 
-        Request.AddHeader "Authorization", CreateHeader(Client, Request)
+        Request.SetHeader "Authorization", CreateHeader(Client, Request)
         Response.Update Client.Execute(Request)
     End If
 End Sub
@@ -122,7 +122,7 @@ End Sub
 ''
 Private Sub IWebAuthenticator_PrepareCurl(ByVal Client As WebClient, ByVal Request As WebRequest, ByRef Curl As String)
     ' http://curl.haxx.se/docs/manpage.html#--digest
-    Curl = Curl & " --digest --user " & Me.Username & ":" & Me.Password
+    Curl = Curl & " --digest --user " & WebHelpers.PrepareTextForShell(Me.Username) & ":" & WebHelpers.PrepareTextForShell(Me.Password)
 End Sub
 
 ''

authenticators/GoogleAuthenticator.cls

@@ -242,7 +242,7 @@ Private Sub IWebAuthenticator_BeforeExecute(ByVal Client As WebClient, ByRef Req
             Me.Token = Me.GetToken(Client)
         End If
 
-        Request.AddHeader "Authorization", "Bearer " & Me.Token
+        Request.SetHeader "Authorization", "Bearer " & Me.Token
     End If
 End Sub
 

authenticators/HttpBasicAuthenticator.cls

@@ -57,7 +57,7 @@ End Sub
 ' @param in|out {WebRequest} Request The request about to be executed
 ''
 Private Sub IWebAuthenticator_BeforeExecute(ByVal Client As WebClient, ByRef Request As WebRequest)
-    Request.AddHeader "Authorization", "Basic " & WebHelpers.Base64Encode(Me.Username & ":" & Me.Password)
+    Request.SetHeader "Authorization", "Basic " & WebHelpers.Base64Encode(Me.Username & ":" & Me.Password)
 End Sub
 
 ''
@@ -91,6 +91,6 @@ End Sub
 ''
 Private Sub IWebAuthenticator_PrepareCurl(ByVal Client As WebClient, ByVal Request As WebRequest, ByRef Curl As String)
     ' e.g. Add flags to cURL
-    Curl = Curl & " --basic --user " & Me.Username & ":" & Me.Password
+    Curl = Curl & " --basic --user " & WebHelpers.PrepareTextForShell(Me.Username) & ":" & WebHelpers.PrepareTextForShell(Me.Password)
 End Sub
 

authenticators/OAuth1Authenticator.cls

@@ -70,7 +70,7 @@ End Sub
 ''
 Private Sub IWebAuthenticator_BeforeExecute(ByVal Client As WebClient, ByRef Request As WebRequest)
     ' Add authorization header to request
-    Request.AddHeader "Authorization", CreateHeader(Client, Request)
+    Request.SetHeader "Authorization", CreateHeader(Client, Request)
 End Sub
 
 ''

authenticators/OAuth2Authenticator.cls

@@ -65,7 +65,7 @@ Private Sub IWebAuthenticator_BeforeExecute(ByVal Client As WebClient, ByRef Req
         Me.Token = Me.GetToken(Client)
     End If
 
-    Request.AddHeader "Authorization", "Bearer " & Me.Token
+    Request.SetHeader "Authorization", "Bearer " & Me.Token
 End Sub
 
 ''

authenticators/TwitterAuthenticator.cls

@@ -68,7 +68,7 @@ Private Sub IWebAuthenticator_BeforeExecute(ByVal Client As WebClient, ByRef Req
         Me.Token = Me.GetToken(Client)
     End If
 
-    Request.AddHeader "Authorization", "Bearer " & Me.Token
+    Request.SetHeader "Authorization", "Bearer " & Me.Token
 End Sub
 
 ''
@@ -129,7 +129,7 @@ Public Function GetToken(auth_Client As WebClient) As String
     auth_Request.RequestFormat = WebFormat.FormUrlEncoded
     auth_Request.ResponseFormat = WebFormat.Json
 
-    auth_Request.AddHeader "Authorization", _
+    auth_Request.SetHeader "Authorization", _
         "Basic " & WebHelpers.Base64Encode(Me.ConsumerKey & ":" & Me.ConsumerSecret)
     auth_Request.AddBodyParameter "grant_type", "client_credentials"
 

specs/Specs_HttpBasicAuthenticator.bas

@@ -25,6 +25,7 @@ Public Function Specs() As SpecSuite
         Request.AddUrlSegment "user", "Tim"
         Request.AddUrlSegment "password", "Secret123"
 
+        Set Client.Authenticator = Nothing
         Set Response = Client.Execute(Request)
         .Expect(Response.StatusCode).ToEqual WebStatusCode.Unauthorized
 
@@ -36,6 +37,24 @@ Public Function Specs() As SpecSuite
         .Expect(Response.Data("authenticated")).ToEqual True
     End With
 
+    With Specs.It("should properly escape username and password")
+        Set Request = New WebRequest
+        Request.Resource = "basic-auth/{user}/{password}"
+        Request.AddUrlSegment "user", "Tim\`$""!"
+        Request.AddUrlSegment "password", "Secret123\`$""!"
+        
+        Set Client.Authenticator = Nothing
+        Set Response = Client.Execute(Request)
+        .Expect(Response.StatusCode).ToEqual WebStatusCode.Unauthorized
+        
+        Auth.Setup "Tim\`$""!", "Secret123\`$""!"
+        Set Client.Authenticator = Auth
+        
+        Set Response = Client.Execute(Request)
+        .Expect(Response.StatusCode).ToEqual 200
+        .Expect(Response.Data("authenticated")).ToEqual True
+    End With
+    
     InlineRunner.RunSuite Specs
 End Function
 

specs/Specs_WebHelpers.bas

@@ -399,8 +399,7 @@ Public Function Specs() As SpecSuite
     ' ============================================= '
     ' 7. Mac
     ' ============================================= '
-
-#If Mac Then
+    
     ' ExecuteInShell
 
     ' PrepareTextForShell
@@ -410,7 +409,6 @@ Public Function Specs() As SpecSuite
         .Expect(WebHelpers.PrepareTextForShell("!abc!123!")).ToEqual "'!'""abc""'!'""123""'!'"
         .Expect(WebHelpers.PrepareTextForShell("`!$\""%")).ToEqual """\`""'!'""\$\\\""\%"""
     End With
-#End If
 
     ' ============================================= '
     ' 8. Cryptography

specs/Specs_WebRequest.bas

@@ -224,6 +224,15 @@ Public Function Specs() As SpecSuite
         .Expect(Request.FormattedResource).ToEqual "A/B/C/D"
     End With
 
+    With Specs.It("FormattedResource should url-encode Url Segments")
+        Set Request = New WebRequest
+        
+        Request.Resource = "{segment}"
+        Request.AddUrlSegment "segment", "$&+,/:;=?@"
+        
+        .Expect(Request.FormattedResource).ToEqual "%24%26%2B%2C%2F%3A%3B%3D%3F%40"
+    End With
+    
     With Specs.It("FormattedResource should include querystring parameters")
         Set Request = New WebRequest
 
@@ -302,24 +311,6 @@ Public Function Specs() As SpecSuite
         .Expect(Request.Body).ToEqual "{""A"":123,""B"":456}"
     End With
 
-    ' TODO
-    'With Specs.It("AddBodyParameter should throw TODO if adding to existing Body this is not Dictionary")
-    '    On Error Resume Next
-    '    Set Request = New WebRequest
-    '
-    '    Request.Body = Array("A", "B", "C")
-    '    Request.AddBodyParameter "D", 123
-    '
-    '    ' TODO Check actual error number
-    '    .Expect(Err.Number).ToNotEqual 0
-    '    Debug.Print Err.Number & ": " & Err.Description
-    '    .Expect(Err.Description).ToEqual _
-    '        "The existing body is not a Dictionary. Adding body parameters can only be used with Dictionaries"
-    '
-    '    Err.Clear
-    '    On Error GoTo 0
-    'End With
-    
     ' AddCookie
     ' --------------------------------------------- '
     With Specs.It("should AddCookie")
@@ -346,6 +337,21 @@ Public Function Specs() As SpecSuite
         .Expect(Request.Headers(2)("Value")).ToEqual "header 2"
     End With
 
+    ' SetHeader
+    ' --------------------------------------------- '
+    With Specs.It("should SetHeader")
+        Set Request = New WebRequest
+        
+        Request.AddHeader "A", "add"
+        
+        Request.SetHeader "A", "set"
+        Request.SetHeader "B", "header"
+        
+        .Expect(Request.Headers.Count).ToEqual 2
+        .Expect(Request.Headers(1)("Value")).ToEqual "set"
+        .Expect(Request.Headers(2)("Key")).ToEqual "B"
+    End With
+    
     ' AddQuerystringParam
     ' --------------------------------------------- '
     With Specs.It("should AddQuerystringParam")

src/WebHelpers.bas

@@ -1244,7 +1244,9 @@ Public Sub AddOrReplaceInKeyValues(KeyValues As Collection, Key As Variant, Valu
             ' Replace existing
             KeyValues.Remove web_Index
 
-            If web_Index > KeyValues.Count Then
+            If KeyValues.Count = 0 Then
+                KeyValues.Add web_NewKeyValue
+            ElseIf web_Index > KeyValues.Count Then
                 KeyValues.Add web_NewKeyValue, After:=web_Index - 1
             Else
                 KeyValues.Add web_NewKeyValue, Before:=web_Index
@@ -1414,7 +1416,6 @@ End Sub
 ' ============================================= '
 ' 7. Mac
 ' ============================================= '
-#If Mac Then
 
 ''
 ' Execute the given command
@@ -1425,6 +1426,7 @@ End Sub
 ' @return {ShellResult}
 ''
 Public Function ExecuteInShell(web_Command As String) As ShellResult
+#If Mac Then
     Dim web_File As Long
     Dim web_Chunk As String
     Dim web_Read As Long
@@ -1450,6 +1452,7 @@ Public Function ExecuteInShell(web_Command As String) As ShellResult
 web_Cleanup:
 
     ExecuteInShell.ExitCode = web_pclose(web_File)
+#End If
 End Function
 
 ''
@@ -1488,8 +1491,6 @@ Public Function PrepareTextForShell(ByVal web_Text As String) As String
     PrepareTextForShell = web_Text
 End Function
 
-#End If
-
 ' ============================================= '
 ' 8. Cryptography
 ' ============================================= '