Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for non-printable HTTP passwords #143

Merged
merged 1 commit into from
Jun 17, 2021
Merged

Add support for non-printable HTTP passwords #143

merged 1 commit into from
Jun 17, 2021

Conversation

robert-s-ubi
Copy link
Contributor

The OCPP 1.6 Security Whitepaper foresees that the AuthorizationKey,
which is a hexadecimal string representation of the HTTP Basic
Authentication password to be used, may use the full byte range, i.e.
including non-printable characters. Thus, passing it as a Java String
object is not suitable.

In contrast, OCPP 2.0.1 specifies the password as being a string of
printable UTF-8 characters. The library already supports that.

To accomodate both, take advantage of the fact that JSONConfiguration
treats all parameters as Objects, so either a String or a byte array can
be set.

Change the code adding the credentials to the HTTP header to correctly
generate the Base64 encoded credentials from either a password string or
a byte array, depending on the object type that was set as the password.

@robert-s-ubi
Add support for non-printable HTTP passwords
f7af06d 
The OCPP 1.6 Security Whitepaper foresees that the AuthorizationKey,
which is a hexadecimal string representation of the HTTP Basic
Authentication password to be used, may use the full byte range, i.e.
including non-printable characters. Thus, passing it as a Java String
object is not suitable.

In contrast, OCPP 2.0.1 specifies the password as being a string of
printable UTF-8 characters. The library already supports that.

To accomodate both, take advantage of the fact that JSONConfiguration
treats all parameters as Objects, so either a String or a byte array can
be set.

Change the code adding the credentials to the HTTP header to correctly
generate the Base64 encoded credentials from either a password string or
a byte array, depending on the object type that was set as the password.
@coveralls
Copy link

Coverage Status

Coverage decreased (-0.09%) to 42.484% when pulling f7af06d on ubitricity:master into 441adb1 on ChargeTimeEU:master.

@robert-s-ubi
Copy link
Contributor Author

Not sure why travis-ci fails. Running "mvn integration-test -B" on my machine yields:

[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO] 
[INFO] Java-OCA-OCPP common 0.5-SNAPSHOT .................. SUCCESS [  7.139 s]
[INFO] Java-OCA-OCPP 0.5-SNAPSHOT ......................... SUCCESS [  0.250 s]
[INFO] Java-OCA-OCPP OCPP-J 0.1-SNAPSHOT .................. SUCCESS [  1.574 s]
[INFO] Java-OCA-OCPP v1.6 0.5-SNAPSHOT .................... SUCCESS [  3.566 s]
[INFO] Java-OCA-OCPP v1.6 - Integration test 0.5-SNAPSHOT . SUCCESS [ 49.864 s]
[INFO] Java-OCA-OCPP v2.0 0.1-SNAPSHOT .................... SUCCESS [  1.842 s]
[INFO] Java-OCA-OCPP v2.0 - Integration test 0.1-SNAPSHOT . SUCCESS [  2.204 s]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  01:06 min
[INFO] Finished at: 2021-05-26T11:10:46+02:00
[INFO] ------------------------------------------------------------------------

@TVolden TVolden merged commit 2e7cb69 into ChargeTimeEU:master Jun 17, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@robert-s-ubi @coveralls @TVolden