From c524ad5f6d341b533c8cf3775a600663ee748a1d Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Tue, 21 Nov 2023 14:19:16 +0300 Subject: [PATCH 1/4] Excaped special characters on path segments --- .../Cmdlets/InvokeMgGraphRequest.cs | 29 +++++++++++++++++-- 1 file changed, 27 insertions(+), 2 deletions(-) diff --git a/src/Authentication/Authentication/Cmdlets/InvokeMgGraphRequest.cs b/src/Authentication/Authentication/Cmdlets/InvokeMgGraphRequest.cs index 8f0ba357b5..31f5aa3223 100644 --- a/src/Authentication/Authentication/Cmdlets/InvokeMgGraphRequest.cs +++ b/src/Authentication/Authentication/Cmdlets/InvokeMgGraphRequest.cs @@ -20,6 +20,7 @@ using System.Text; using System.Threading; using System.Threading.Tasks; +using System.Web; using static Microsoft.Graph.PowerShell.Authentication.Helpers.AsyncHelpers; using DriveNotFoundException = System.Management.Automation.DriveNotFoundException; @@ -294,6 +295,7 @@ private async Task ReportResponseStatusASync(HttpMessageFormatter responseMessag /// private HttpRequestMessage GetRequest(HttpClient httpClient, Uri uri) { + var requestUri = PrepareUri(httpClient, uri); var httpMethod = GetHttpMethod(Method); // create the base WebRequest object @@ -346,7 +348,6 @@ private HttpRequestMessage GetRequest(HttpClient httpClient, Uri uri) request.Headers.Add(HttpKnownHeaderNames.UserAgent, GraphRequestSession.UserAgent); } } - return request; } @@ -359,6 +360,7 @@ private HttpRequestMessage GetRequest(HttpClient httpClient, Uri uri) private Uri PrepareUri(HttpClient httpClient, Uri uri) { UriBuilder uriBuilder; + // For AbsoluteUri such as /beta/groups?$count=true, Get the scheme and host from httpClient // Then use them to compose a new Url with the URL fragment. if (uri.IsAbsoluteUri) @@ -401,8 +403,31 @@ private Uri PrepareUri(HttpClient httpClient, Uri uri) // set body to null to prevent later FillRequestStream Body = null; } + return EscapeDataStrings(uriBuilder.Uri); + } - return uriBuilder.Uri; + /// + /// Escape data string/url encode Uris that have paths containing special characters like #. + /// For a path like /beta/users/first.last_foo.com#EXT#@contoso.onmicrosoft.com, the last segment contains special characters that need to be escaped + /// + /// + /// + private Uri EscapeDataStrings(Uri uri) + { + int counter = 0; + var pathSegments = uri.OriginalString.Split('/'); + StringBuilder sb = new StringBuilder(); + foreach (var segment in pathSegments) + { + //Skips the left part of the uri i.e https://graph.microsoft.com + if (counter > 2) + { + sb.Append("/" + Uri.EscapeDataString(segment)); + } + counter++; + } + Uri escapedUri = new Uri(uri.GetLeftPart(UriPartial.Authority) + sb.ToString()); + return escapedUri; } private void ThrowIfError(ErrorRecord error) From 2bbc232d4ed428b37dd14dc713d788351dcdf828 Mon Sep 17 00:00:00 2001 From: Tim Date: Tue, 21 Nov 2023 22:07:52 +0300 Subject: [PATCH 2/4] Update src/Authentication/Authentication/Cmdlets/InvokeMgGraphRequest.cs Co-authored-by: Peter Ombwa --- .../Authentication/Cmdlets/InvokeMgGraphRequest.cs | 1 - 1 file changed, 1 deletion(-) diff --git a/src/Authentication/Authentication/Cmdlets/InvokeMgGraphRequest.cs b/src/Authentication/Authentication/Cmdlets/InvokeMgGraphRequest.cs index 31f5aa3223..c87fd8e70b 100644 --- a/src/Authentication/Authentication/Cmdlets/InvokeMgGraphRequest.cs +++ b/src/Authentication/Authentication/Cmdlets/InvokeMgGraphRequest.cs @@ -20,7 +20,6 @@ using System.Text; using System.Threading; using System.Threading.Tasks; -using System.Web; using static Microsoft.Graph.PowerShell.Authentication.Helpers.AsyncHelpers; using DriveNotFoundException = System.Management.Automation.DriveNotFoundException; From ba5a320bd5d74c36b13d38d4e4f526ae5328f819 Mon Sep 17 00:00:00 2001 From: Timothy Wamalwa Date: Wed, 22 Nov 2023 08:54:19 +0300 Subject: [PATCH 3/4] Moved method to hepers and added unit test for the helper method as per review suggestion --- .../Helpers/EncodeUriPathTests.cs | 26 ++++++++++++++ .../Cmdlets/InvokeMgGraphRequest.cs | 26 +------------- .../Authentication/Helpers/EncodeUriPath.cs | 34 +++++++++++++++++++ 3 files changed, 61 insertions(+), 25 deletions(-) create mode 100644 src/Authentication/Authentication.Test/Helpers/EncodeUriPathTests.cs create mode 100644 src/Authentication/Authentication/Helpers/EncodeUriPath.cs diff --git a/src/Authentication/Authentication.Test/Helpers/EncodeUriPathTests.cs b/src/Authentication/Authentication.Test/Helpers/EncodeUriPathTests.cs new file mode 100644 index 0000000000..800cf62790 --- /dev/null +++ b/src/Authentication/Authentication.Test/Helpers/EncodeUriPathTests.cs @@ -0,0 +1,26 @@ + +using Xunit; +using System; +using Microsoft.Graph.PowerShell.Authentication.Helpers; + +namespace Microsoft.Graph.Authentication.Test.Helpers +{ + public class EncodeUriPathTests + { + private string url = "https://graph.microsoft.com/beta/users/first.last_foo.com#EXT#@contoso.onmicrosoft.com"; + private string encodedUrl = "https://graph.microsoft.com/beta/users/first.last_foo.com%23EXT%23%40contoso.onmicrosoft.com"; + + [Fact] + public void ShouldReturnAnEncodedUriGivenAUrlWithSpecialCharactersInPathSegments() + { + //arrange + Uri uri = new Uri(url); + + //act + Uri result = uri.EscapeDataStrings(); + + //assert + Assert.Equal(encodedUrl, result.ToString()); + } + } +} diff --git a/src/Authentication/Authentication/Cmdlets/InvokeMgGraphRequest.cs b/src/Authentication/Authentication/Cmdlets/InvokeMgGraphRequest.cs index c87fd8e70b..86ebdad20c 100644 --- a/src/Authentication/Authentication/Cmdlets/InvokeMgGraphRequest.cs +++ b/src/Authentication/Authentication/Cmdlets/InvokeMgGraphRequest.cs @@ -402,31 +402,7 @@ private Uri PrepareUri(HttpClient httpClient, Uri uri) // set body to null to prevent later FillRequestStream Body = null; } - return EscapeDataStrings(uriBuilder.Uri); - } - - /// - /// Escape data string/url encode Uris that have paths containing special characters like #. - /// For a path like /beta/users/first.last_foo.com#EXT#@contoso.onmicrosoft.com, the last segment contains special characters that need to be escaped - /// - /// - /// - private Uri EscapeDataStrings(Uri uri) - { - int counter = 0; - var pathSegments = uri.OriginalString.Split('/'); - StringBuilder sb = new StringBuilder(); - foreach (var segment in pathSegments) - { - //Skips the left part of the uri i.e https://graph.microsoft.com - if (counter > 2) - { - sb.Append("/" + Uri.EscapeDataString(segment)); - } - counter++; - } - Uri escapedUri = new Uri(uri.GetLeftPart(UriPartial.Authority) + sb.ToString()); - return escapedUri; + return uriBuilder.Uri.EscapeDataStrings(); } private void ThrowIfError(ErrorRecord error) diff --git a/src/Authentication/Authentication/Helpers/EncodeUriPath.cs b/src/Authentication/Authentication/Helpers/EncodeUriPath.cs new file mode 100644 index 0000000000..2acd056dfc --- /dev/null +++ b/src/Authentication/Authentication/Helpers/EncodeUriPath.cs @@ -0,0 +1,34 @@ +// ------------------------------------------------------------------------------ +// Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information. +// ------------------------------------------------------------------------------ + +using System; +using System.Text; + +namespace Microsoft.Graph.PowerShell.Authentication.Helpers +{ + /// + /// Escape data string/url encode Uris that have paths containing special characters like #. + /// For a path like /beta/users/first.last_foo.com#EXT#@contoso.onmicrosoft.com, the last segment contains special characters that need to be escaped + /// + public static class EncodeUriPaths + { + public static Uri EscapeDataStrings(this Uri uri) + { + int counter = 0; + var pathSegments = uri.OriginalString.Split('/'); + StringBuilder sb = new StringBuilder(); + foreach (var segment in pathSegments) + { + //Skips the left part of the uri i.e https://graph.microsoft.com + if (counter > 2) + { + sb.Append("/" + Uri.EscapeDataString(segment)); + } + counter++; + } + Uri escapedUri = new Uri(uri.GetLeftPart(UriPartial.Authority) + sb.ToString()); + return escapedUri; + } + } +} \ No newline at end of file From 1430b80f27b908db5abee7ad19bccc5e8c125e1b Mon Sep 17 00:00:00 2001 From: Tim Date: Thu, 23 Nov 2023 08:01:19 +0300 Subject: [PATCH 4/4] Update src/Authentication/Authentication/Helpers/EncodeUriPath.cs Co-authored-by: Caleb Kiage <747955+calebkiage@users.noreply.github.com> --- src/Authentication/Authentication/Helpers/EncodeUriPath.cs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/Authentication/Authentication/Helpers/EncodeUriPath.cs b/src/Authentication/Authentication/Helpers/EncodeUriPath.cs index 2acd056dfc..72d8790a19 100644 --- a/src/Authentication/Authentication/Helpers/EncodeUriPath.cs +++ b/src/Authentication/Authentication/Helpers/EncodeUriPath.cs @@ -23,7 +23,8 @@ public static Uri EscapeDataStrings(this Uri uri) //Skips the left part of the uri i.e https://graph.microsoft.com if (counter > 2) { - sb.Append("/" + Uri.EscapeDataString(segment)); + sb.Append('/'); + sb.Append(Uri.EscapeDataString(segment)); } counter++; }