diff --git a/actix-http-test/CHANGES.md b/actix-http-test/CHANGES.md index 028fe3ddc..4864943f4 100644 --- a/actix-http-test/CHANGES.md +++ b/actix-http-test/CHANGES.md @@ -2,6 +2,7 @@ ## Unreleased - 2022-xx-xx - Minimum supported Rust version (MSRV) is now 1.59. +- Upgrade `base64` dependency to `0.21`. ## 3.0.0 - 2022-07-24 diff --git a/actix-http-test/Cargo.toml b/actix-http-test/Cargo.toml index 1162c0a38..b0f6808e5 100644 --- a/actix-http-test/Cargo.toml +++ b/actix-http-test/Cargo.toml @@ -37,7 +37,7 @@ actix-rt = "2.2" actix-server = "2" awc = { version = "3", default-features = false } -base64 = "0.13" +base64 = "0.21" bytes = "1" futures-core = { version = "0.3.17", default-features = false } http = "0.2.5" diff --git a/actix-http/CHANGES.md b/actix-http/CHANGES.md index 7feec2a1a..d2ef1c703 100644 --- a/actix-http/CHANGES.md +++ b/actix-http/CHANGES.md @@ -25,6 +25,9 @@ [#2955]: https://github.com/actix/actix-web/pull/2955 [#2956]: https://github.com/actix/actix-web/pull/2956 +### Changed +- Upgrade `base64` dependency to `0.21`. + ## 3.2.2 - 2022-09-11 ### Changed diff --git a/actix-http/Cargo.toml b/actix-http/Cargo.toml index 9939089b9..f10a069c6 100644 --- a/actix-http/Cargo.toml +++ b/actix-http/Cargo.toml @@ -86,7 +86,7 @@ h2 = { version = "0.3.9", optional = true } # websockets local-channel = { version = "0.1", optional = true } -base64 = { version = "0.13", optional = true } +base64 = { version = "0.21", optional = true } rand = { version = "0.8", optional = true } sha1 = { version = "0.10", optional = true } diff --git a/actix-http/src/ws/proto.rs b/actix-http/src/ws/proto.rs index 7222168b7..02d5c3e1f 100644 --- a/actix-http/src/ws/proto.rs +++ b/actix-http/src/ws/proto.rs @@ -244,7 +244,12 @@ pub fn hash_key(key: &[u8]) -> [u8; 28] { }; let mut hash_b64 = [0; 28]; - let n = base64::encode_config_slice(hash, base64::STANDARD, &mut hash_b64); + let n = base64::Engine::encode_slice( + &base64::engine::general_purpose::STANDARD, + hash, + &mut hash_b64, + ) + .unwrap(); assert_eq!(n, 28); hash_b64 diff --git a/awc/CHANGES.md b/awc/CHANGES.md index 7892d9339..9577dc77a 100644 --- a/awc/CHANGES.md +++ b/awc/CHANGES.md @@ -3,6 +3,7 @@ ## Unreleased - 2022-xx-xx ### Changed - Minimum supported Rust version (MSRV) is now 1.59 due to transitive `time` dependency. +- Upgrade `base64` dependency to `0.21`. ## 3.0.1 - 2022-08-25 diff --git a/awc/Cargo.toml b/awc/Cargo.toml index 41be3ef83..c1ad669a9 100644 --- a/awc/Cargo.toml +++ b/awc/Cargo.toml @@ -63,7 +63,7 @@ actix-tls = { version = "3", features = ["connect", "uri"] } actix-utils = "3" ahash = "0.7" -base64 = "0.13" +base64 = "0.21" bytes = "1" cfg-if = "1" derive_more = "0.99.5" diff --git a/awc/src/builder.rs b/awc/src/builder.rs index 34a5f8505..3136ac23e 100644 --- a/awc/src/builder.rs +++ b/awc/src/builder.rs @@ -204,14 +204,11 @@ where where N: fmt::Display, { - let auth = match password { - Some(password) => format!("{}:{}", username, password), - None => format!("{}:", username), - }; - self.add_default_header(( - header::AUTHORIZATION, - format!("Basic {}", base64::encode(auth)), - )) + let auth = base64::Engine::encode( + &base64::engine::general_purpose::STANDARD, + format!("{}:{}", username, password.unwrap_or("")), + ); + self.add_default_header((header::AUTHORIZATION, format!("Basic {auth}"))) } /// Set client wide HTTP bearer authentication header diff --git a/awc/src/request.rs b/awc/src/request.rs index 331c80af7..60aaab393 100644 --- a/awc/src/request.rs +++ b/awc/src/request.rs @@ -234,12 +234,11 @@ impl ClientRequest { /// /// If no password is needed, just provide an empty string. pub fn basic_auth(self, username: impl fmt::Display, password: impl fmt::Display) -> Self { - let auth = format!("{}:{}", username, password); - - self.insert_header(( - header::AUTHORIZATION, - format!("Basic {}", base64::encode(auth)), - )) + let auth = base64::Engine::encode( + &base64::engine::general_purpose::STANDARD, + format!("{}:{}", username, password), + ); + self.insert_header((header::AUTHORIZATION, format!("Basic {auth}"))) } /// Set HTTP bearer authentication header diff --git a/awc/src/ws.rs b/awc/src/ws.rs index f905b8ef2..8a6990ea3 100644 --- a/awc/src/ws.rs +++ b/awc/src/ws.rs @@ -232,11 +232,11 @@ impl WebsocketsRequest { where U: fmt::Display, { - let auth = match password { - Some(password) => format!("{}:{}", username, password), - None => format!("{}:", username), - }; - self.header(AUTHORIZATION, format!("Basic {}", base64::encode(auth))) + let auth = base64::Engine::encode( + &base64::engine::general_purpose::STANDARD, + format!("{}:{}", username, password.unwrap_or("")), + ); + self.header(AUTHORIZATION, format!("Basic {auth}")) } /// Set HTTP bearer authentication header @@ -320,8 +320,10 @@ impl WebsocketsRequest { // Generate a random key for the `Sec-WebSocket-Key` header which is a base64-encoded // (see RFC 4648 §4) value that, when decoded, is 16 bytes in length (RFC 6455 §1.3). - let sec_key: [u8; 16] = rand::random(); - let key = base64::encode(sec_key); + let key = base64::Engine::encode( + &base64::engine::general_purpose::STANDARD, + rand::random::<[u8; 16]>(), + ); self.head.headers.insert( header::SEC_WEBSOCKET_KEY, diff --git a/awc/tests/test_client.rs b/awc/tests/test_client.rs index 0949595cb..107a6d7b9 100644 --- a/awc/tests/test_client.rs +++ b/awc/tests/test_client.rs @@ -777,13 +777,20 @@ async fn client_basic_auth() { App::new().route( "/", web::to(|req: HttpRequest| { + let auth = format!( + "Basic {}", + base64::Engine::encode( + &base64::engine::general_purpose::STANDARD, + "username:password", + ) + ); if req .headers() .get(header::AUTHORIZATION) .unwrap() .to_str() .unwrap() - == format!("Basic {}", base64::encode("username:password")) + == auth { HttpResponse::Ok() } else {