Merge pull request #1283 from ballerina-platform/fix-passwrd

Fix incorrect Username and Password Extraction

ballerina/Ballerina.toml

@@ -1,7 +1,7 @@
 [package]
 org = "ballerina"
 name = "auth"
-version = "2.11.0"
+version = "2.11.1"
 authors = ["Ballerina"]
 keywords = ["security", "authentication", "basic auth"]
 repository = "https://github.com/ballerina-platform/module-ballerina-auth"
@@ -15,5 +15,5 @@ graalvmCompatible = true
 [[platform.java17.dependency]]
 groupId = "io.ballerina.stdlib"
 artifactId = "auth-native"
-version = "2.11.0"
-path = "../native/build/libs/auth-native-2.11.0.jar"
+version = "2.11.1"
+path = "../native/build/libs/auth-native-2.11.1-SNAPSHOT.jar"

ballerina/Dependencies.toml

@@ -10,7 +10,7 @@ distribution-version = "2201.9.0"
 [[package]]
 org = "ballerina"
 name = "auth"
-version = "2.11.0"
+version = "2.11.1"
 dependencies = [
 	{org = "ballerina", name = "crypto"},
 	{org = "ballerina", name = "jballerina.java"},
@@ -26,7 +26,7 @@ modules = [
 [[package]]
 org = "ballerina"
 name = "crypto"
-version = "2.7.0"
+version = "2.7.2"
 dependencies = [
 	{org = "ballerina", name = "jballerina.java"},
 	{org = "ballerina", name = "time"}

ballerina/auth_utils.bal

@@ -29,13 +29,15 @@ public isolated function extractUsernameAndPassword(string credential) returns [
     if base64Decoded is byte[] {
         string|error base64DecodedResults = 'string:fromBytes(base64Decoded);
         if base64DecodedResults is string {
-            string[] decodedCredentials = re `:`.split(base64DecodedResults);
-            if decodedCredentials.length() != 2 ||
-                decodedCredentials[0].length() == 0 || decodedCredentials[1].length() == 0 {
-                return prepareError("Incorrect credential format. Format should be username:password");
-            } else {
-                return [decodedCredentials[0], decodedCredentials[1]];
+            int? colonIndex = base64DecodedResults.indexOf(":");
+            if colonIndex is int {
+                string username = base64DecodedResults.substring(0, colonIndex);
+                string password = base64DecodedResults.substring(colonIndex + 1);
+                if username.length() != 0 && password.length() != 0 {
+                    return [username, password];
+                }
             }
+            return prepareError("Incorrect credential format. Format should be username:password");
         } else {
             return prepareError("Failed to convert byte[] credential to string.", base64DecodedResults);
         }

ballerina/tests/auth_utils_test.bal

@@ -67,3 +67,19 @@ isolated function testExtractUsernameAndPasswordForEmptyUsername() returns Error
         test:assertFail("Expected error not found.");
     }
 }
+
+@test:Config {}
+isolated function testExtractUsernameAndPasswordWherePasswordIncludesColon() returns Error? {
+    string usernameAndPassword = "YWxpY2U6YWxpY2U6QDU=";
+    [string, string] [username, password] = check extractUsernameAndPassword(usernameAndPassword);
+    test:assertEquals(username, "alice");
+    test:assertEquals(password, "alice:@5");
+}
+
+@test:Config {}
+isolated function testExtractUsernameAndPasswordWherePasswordEndsWithColon() returns Error? {
+    string usernameAndPassword = "YWxpY2U6YWxpY2UxMjM6YWxpY2U6";
+    [string, string] [username, password] = check extractUsernameAndPassword(usernameAndPassword);
+    test:assertEquals(username, "alice");
+    test:assertEquals(password, "alice123:alice:");
+}

changelog.md

@@ -6,6 +6,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 
 ## [Unreleased]
 
+### Fixed
+- [Fix Incorrect Username and Password Extraction](https://github.com/ballerina-platform/ballerina-library/issues/6773)
+
 ## [2.11.0] - 2024-05-03
 
 - This version maintains compatibility with dependencies without any external changes.