SecretServer init does not remove trailing slash from base_url

Question

SecretServer init does not remove trailing slash from base_url

JostLuebbe opened this issue a year ago · 2 comments

Description of the issue

When passing a base_url ending in a slash ("/"), any attempts to get secrets will result in vague errors. We traced this back to to a bug in the __init__ method of the SecretServer class. When declaring the self.api_url class attribute the value used in the f-string is the function variable base_url and NOT the intended self.base_url which has been stripped of any trailing slashes.

Expected behavior

The following code should remove the trailing slash from any string passed into the function for the variable base_url, and then use that stripped value when declaring self.api_url.

self.base_url = base_url.rstrip("/")
self.authorizer = authorizer
self.api_url = f"{base_url}/{api_path_uri.strip('/')}"

Actual behavior

The stripped self.base_url is not used when declaring self.api_url but instead the function argument base_url is used directly in the f-string. This causes the code to not strip the trailing slash from the passed base_url.

Your environment

Debian OS
Python3.11
Latest library version

Steps to reproduce

from delinea.secrets.server import AccessTokenAuthorizer
from delinea.secrets.server import SecretServer

authorizer = AccessTokenAuthorizer(os.getenv("SECRET_SERVER_TOKEN"))

secret_server = SecretServer("https://example.url.com/", authorizer) 

secret_server.get_secret(12345)  # This will fail with very vague "delinea.secrets.server.SecretServerClientError"

secret_server = SecretServer("https://example.url.com", authorizer)

secret_server.get_secret(12345) # This will work

Answer 1 · 2024-06-28T14:18:28.000Z

This will be resolved in #57

Answer 2 · 2024-07-24T14:13:55.000Z

@JostLuebbe this should be resolved now in the 1.2.3 release.