Skip to content

Commit 4bb67f0

Browse files
ReneWerner87ReneWerner87
authored
Merge pull request #150 from gofiber/codex/2025-07-30-07-02-41
2 parents c1f78dc + 0f7a5f9 commit 4bb67f0

File tree

3 files changed

+81
-0
lines changed

3 files changed

+81
-0
lines changed

cmd/internal/migrations/lists.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -59,6 +59,7 @@ var Migrations = []Migration{
5959
v3migrations.MigrateSessionExtractor,
6060
v3migrations.MigrateTimeoutConfig,
6161
v3migrations.MigrateBasicauthAuthorizer,
62+
v3migrations.MigrateBasicauthConfig,
6263
v3migrations.MigrateReqHeaderParser,
6364
MigrateGoVersion("1.24"),
6465
},

cmd/internal/migrations/v3/common.go

Lines changed: 51 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,8 @@
11
package v3
22

33
import (
4+
"crypto/sha256"
5+
"encoding/base64"
46
"fmt"
57
"regexp"
68
"strconv"
@@ -12,6 +14,11 @@ import (
1214
"github.com/gofiber/cli/cmd/internal"
1315
)
1416

17+
var (
18+
hexRe = regexp.MustCompile(`^[0-9a-fA-F]{64}$`)
19+
b64Re = regexp.MustCompile(`^[A-Za-z0-9+/]{43}=?$`)
20+
)
21+
1522
func MigrateHandlerSignatures(cmd *cobra.Command, cwd string, _, _ *semver.Version) error {
1623
sigReplacer := strings.NewReplacer("*fiber.Ctx", "fiber.Ctx")
1724

@@ -715,6 +722,50 @@ func MigrateBasicauthAuthorizer(cmd *cobra.Command, cwd string, _, _ *semver.Ver
715722
return nil
716723
}
717724

725+
// MigrateBasicauthConfig adapts basicauth configuration to the new API
726+
// * removes ContextUsername and ContextPassword fields
727+
// * hashes plaintext Users entries using SHA-256
728+
func MigrateBasicauthConfig(cmd *cobra.Command, cwd string, _, _ *semver.Version) error {
729+
reCtxUser := regexp.MustCompile(`\s*ContextUsername:\s*[^,]+,?\n`)
730+
reCtxPass := regexp.MustCompile(`\s*ContextPassword:\s*[^,]+,?\n`)
731+
reUsers := regexp.MustCompile(`Users:\s*map\[string\]string{([^}]*)}`)
732+
reEntry := regexp.MustCompile(`("[^"]+")\s*:\s*"((?:[^"\\]|\\.)*)"`)
733+
734+
err := internal.ChangeFileContent(cwd, func(content string) string {
735+
content = reCtxUser.ReplaceAllString(content, "")
736+
content = reCtxPass.ReplaceAllString(content, "")
737+
738+
content = reUsers.ReplaceAllStringFunc(content, func(m string) string {
739+
sub := reUsers.FindStringSubmatch(m)
740+
if len(sub) < 2 {
741+
return m
742+
}
743+
body := reEntry.ReplaceAllStringFunc(sub[1], func(s string) string {
744+
es := reEntry.FindStringSubmatch(s)
745+
if len(es) < 3 {
746+
return s
747+
}
748+
pwd := es[2]
749+
if strings.HasPrefix(pwd, "{") || strings.HasPrefix(pwd, "$2") || hexRe.MatchString(pwd) || b64Re.MatchString(pwd) {
750+
return s
751+
}
752+
sum := sha256.Sum256([]byte(pwd))
753+
hashed := base64.StdEncoding.EncodeToString(sum[:])
754+
return fmt.Sprintf("%s: \"{SHA256}%s\"", es[1], hashed)
755+
})
756+
return "Users: map[string]string{" + body + "}"
757+
})
758+
759+
return content
760+
})
761+
if err != nil {
762+
return fmt.Errorf("failed to migrate basicauth config: %w", err)
763+
}
764+
765+
cmd.Println("Migrating basicauth configs")
766+
return nil
767+
}
768+
718769
// MigrateCacheConfig updates cache middleware configuration fields
719770
func MigrateCacheConfig(cmd *cobra.Command, cwd string, _, _ *semver.Version) error {
720771
err := internal.ChangeFileContent(cwd, func(content string) string {

cmd/internal/migrations/v3/common_test.go

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -883,6 +883,35 @@ var _ = basicauth.New(basicauth.Config{
883883
assert.Contains(t, buf.String(), "Migrating basicauth authorizer")
884884
}
885885

886+
func Test_MigrateBasicauthConfig(t *testing.T) {
887+
t.Parallel()
888+
889+
dir, err := os.MkdirTemp("", "mbasiccfg")
890+
require.NoError(t, err)
891+
defer func() { require.NoError(t, os.RemoveAll(dir)) }()
892+
893+
file := writeTempFile(t, dir, `package main
894+
import (
895+
"github.com/gofiber/fiber/v2"
896+
"github.com/gofiber/fiber/v2/middleware/basicauth"
897+
)
898+
var _ = basicauth.New(basicauth.Config{
899+
Users: map[string]string{"john": "doe"},
900+
ContextUsername: "u",
901+
ContextPassword: "p",
902+
})`)
903+
904+
var buf bytes.Buffer
905+
cmd := newCmd(&buf)
906+
require.NoError(t, v3.MigrateBasicauthConfig(cmd, dir, nil, nil))
907+
908+
content := readFile(t, file)
909+
assert.NotContains(t, content, "ContextUsername")
910+
assert.NotContains(t, content, "ContextPassword")
911+
assert.Contains(t, content, "{SHA256}eZ75KhGvkY4/t0HfQpNPO1aO0tk6wd908bjUGieTKm8=")
912+
assert.Contains(t, buf.String(), "Migrating basicauth configs")
913+
}
914+
886915
func Test_MigrateShutdownHook(t *testing.T) {
887916
t.Parallel()
888917

0 commit comments

Comments
 (0)