Bug 413920

Summary: can not login
Product: [Applications] drkonqi Reporter: Martin Koller <martin>
Component: generalAssignee: Unassigned bugs <unassigned-bugs-null>
Status: RESOLVED FIXED    
Severity: normal CC: sitter
Priority: NOR    
Version First Reported In: unspecified   
Target Milestone: ---   
Platform: Other   
OS: Linux   
Latest Commit: https://commits.kde.org/drkonqi/4e29b8a75635a2084d1cda0f1c9e8721cb8137c8 Version Fixed In: 5.17.3
Sentry Crash Report:

Description Martin Koller 2019-11-07 17:31:01 UTC 
SUMMARY
When trying to report a bug, I can no longer login.
I always get /[300] The login or password you entered is incorrect ...
Altough I can login with the same user/password with e.g. firefox (as you see I can report this bug here).
I retyped the password already manually - in drkonqi and in the browser just to make sure both use the same.


SOFTWARE/OS VERSIONS
Operating System: openSUSE Tumbleweed 20191104
KDE Plasma Version: 5.17.2
KDE Frameworks Version: 5.63.0
Qt Version: 5.13.1
Kernel Version: 5.3.7-1-default
OS Type: 64-bit
Processors: 4 × Intel® Core™ i5-6300U CPU @ 2.40GHz
Memory: 15,5 GiB
Comment 1 Harald Sitter 2019-11-08 10:06:28 UTC 
If you use kwalletmanager to inspect the content of kwallet and search for drkonqi_bugzilla, do those values 100% match the expected data?
If that is the case: you can double click the drkonqi_bugzilla entry and rename it to something like drkonqi_bugzilla.bak. The next time you have to login you'll
be asked to actually enter the data from scratch. Does that fix it? Do you see a difference in the drkonqi_bugzilla and drkonqi_bugzilla.bak entry after that?

There's not much (=anything I can think of) that can go wrong with this, other than incorrect credentials.
Comment 2 Martin Koller 2019-11-08 10:29:45 UTC 
Yes, the data is correct.
I even did explicitely a copy/paste from kwalletmanager into firefox
to test if the data is correct. With firefox I could login, with drkonqi not.
Comment 3 Harald Sitter 2019-11-08 11:06:04 UTC 
Did you rename the entry in kwalletmanager and do a new login via drkonqi though?
Comment 4 Martin Koller 2019-11-08 11:25:02 UTC 
I did, yes, as you suggested.
Comment 5 Harald Sitter 2019-11-08 11:31:39 UTC 
Hm, perhaps the URI builder is actually broken.

Try changing you password on bugzilla to something with only ascii characters and see if that makes login work.
Comment 6 Martin Koller 2019-11-08 11:41:58 UTC 
In fact my password already only contains ASCII chars.
I'll play with it ... AHA ... you nailed it!
My old password contained a + char. Changing this solved the issue.
As you said, there's a bug
Comment 7 Harald Sitter 2019-11-08 11:47:42 UTC 
That makes sense. + is handled a bit weirdly by QUrl. I can confirm it not working.
Comment 8 Harald Sitter 2019-11-08 12:16:04 UTC 
Git commit 4e29b8a75635a2084d1cda0f1c9e8721cb8137c8 by Harald Sitter.
Committed on 08/11/2019 at 12:15.
Pushed by sitter into branch 'Plasma/5.17'.

force-encode passwords on login

QUrlQuery doesn't encode + by default while bugzilla wants it to be.
This prevented passwords that include a plus from working.
Simply force-encode the password string to be fully encoded.

I've confirmed this working with passwords entailing spaces, plus, and
percent characters, all at the same time.
FIXED-IN: 5.17.3

M  +17   -0    src/bugzillaintegration/libbugzilla/autotests/bugzillatest.cpp
M  +3    -1    src/bugzillaintegration/libbugzilla/bugzilla.cpp

https://commits.kde.org/drkonqi/4e29b8a75635a2084d1cda0f1c9e8721cb8137c8
Comment 9 Harald Sitter 2019-11-11 13:11:37 UTC 
Git commit 885a58205ba05af1e04b3a720b0eaf26f18d07ce by Harald Sitter.
Committed on 11/11/2019 at 13:06.
Pushed by sitter into branch 'Plasma/5.17'.

force encoding on all queries

this applies 4e29b8a75635a2084d1cda0f1c9e8721cb8137c8 to everything

I've since gotten an account with +foobar@gmail.com suffix and confirmed
it too needs encoding to properly log in as well.
So does a product with the name 'foo+bar'. I've deduced that bugzilla's
query handling simply always assumes full encoding WRT the plus character
and so we'll force full encoding through the HTTPConnection to always
use full encoding (i.e. including the plus character)

M  +1    -3    src/bugzillaintegration/libbugzilla/bugzilla.cpp
M  +11   -1    src/bugzillaintegration/libbugzilla/connection.cpp

https://commits.kde.org/drkonqi/885a58205ba05af1e04b3a720b0eaf26f18d07ce