Merge pull request #203 from dzervas/codex/locate-and-fix-a-critical-bug

dzervas · web-flow · commit c49ed41d89a2 · 2025-08-19T14:26:22.000+01:00
Fix SAML key PEM header parsing
diff --git a/src/config.rs b/src/config.rs
@@ -196,12 +196,14 @@ impl ConfigFile {
 	/// filepath
 	pub fn get_saml_key(&self) -> Result<String, std::io::Error> {
 		let data = std::fs::read_to_string(&self.saml_key_pem_path)?;
-		Ok(data
-			.lines()
-			.filter(|line| !line.contains("BEGIN CERTIFICATE") && !line.contains("END CERTIFICATE"))
-			.collect::<String>()
-			.replace("\n", ""))
-	}
+                Ok(data
+                        .lines()
+                        .filter(|line| {
+                                !line.contains("BEGIN PRIVATE KEY") && !line.contains("END PRIVATE KEY")
+                        })
+                        .collect::<String>()
+                        .replace("\n", ""))
+        }
 }
 
 /// Basic key-value store database schema for some minor config values,
diff --git a/src/tests/config.rs b/src/tests/config.rs
@@ -0,0 +1,15 @@
+use crate::config::ConfigFile;
+use uuid::Uuid;
+
+#[test]
+fn get_saml_key_strips_pem_headers() {
+    let pem = "-----BEGIN PRIVATE KEY-----\nABCDEF\n-----END PRIVATE KEY-----\n";
+    let path = std::env::temp_dir().join(format!("testkey-{}.pem", Uuid::new_v4()));
+    std::fs::write(&path, pem).expect("write pem");
+
+    let mut config = ConfigFile::default();
+    config.saml_key_pem_path = path.to_string_lossy().into_owned();
+
+    let key = config.get_saml_key().expect("read key");
+    assert_eq!(key, "ABCDEF");
+}
diff --git a/src/tests/mod.rs b/src/tests/mod.rs
@@ -1 +1,2 @@
 pub mod flow_scoped;
+pub mod config;

Original file line number	Diff line number	Diff line change
`@@ -1 +1,2 @@`
`1`	`1`	`pub mod flow_scoped;`
	`2`	`+pub mod config;`