gremlin-javascript icon indicating copy to clipboard operation
gremlin-javascript copied to clipboard
verified publisher icon jbmusso

buildChallengeResponse: SASL parameter is incorrectly set for Tinkerpop

Open codepope opened this issue 8 years ago • 4 comments

When the BuildChallengeResponse is triggered it sets the SASL key as "SASL":

https://github.com/jbmusso/gremlin-javascript/blob/master/gremlin-client/src/GremlinClient.js#L246

But, examining the Tinkerpop server side, it is looking for the key in lower case "sasl". The difference means the server sees an authentication challenge response with no parameters and returns a 401 Unauthenticated.

I suggest changing the line into:

    var saslbase64=new Buffer('\0' + this.user + '\0' + this.password).toString('base64');
    var args = { sasl: saslbase64 };

Which also does a base64 encoding of the parameters to make them more resilient to string processing and encoding.

codepope avatar Sep 04 '17 15:09 codepope

Thanks for catching this. I'll try to post a fix this weekend.

jbmusso avatar Nov 09 '17 15:11 jbmusso

Hi @jbmusso , we are also having the same problem and the suggested change by @codepope works :) . I'm asking politely if you are currently working on it or is this something we could help by doing the PR. Thanks

pfilion avatar Dec 13 '17 21:12 pfilion

Looks like this can be closed! Which also means #90 can be closed!

dpitera avatar Feb 12 '18 15:02 dpitera

Fix https://github.com/jbmusso/gremlin-javascript/commit/e9c45943371a788b0de5c53ac1d4d3199e4cceae merged on Dec 18, 2017

pluradj avatar Feb 12 '18 15:02 pluradj