pass JSON real claims without trailing zeros; use 8 digits precision

complete util/appinfo.c test coverage

Signed-off-by: Hans Zandbelt <[email protected]>

Author: zandbelt

ChangeLog

@@ -1,3 +1,7 @@
+08/31/2025
+- pass JSON real claims without trailing zeros, use 8 digits precision instead of 6
+- test: complete util/appinfo.c coverage
+
 08/27/2025
 - improve Redis (and Metrics) performance on process MPMs by using
   apr_thread_mutex_t (instead of apr_proc_mutex_t) for locking; see #1340

src/util/appinfo.c

@@ -111,13 +111,15 @@ void oidc_util_appinfo_set(request_rec *r, const char *s_key, const char *s_valu
 	}
 }
 
+#define OIDC_JSON_MAX_INT_STR_LEN 64
+
 /*
  * set the user/claims information from the session in HTTP headers passed on to the application
  */
 void oidc_util_appinfo_set_all(request_rec *r, json_t *j_attrs, const char *claim_prefix, const char *claim_delimiter,
 			       oidc_appinfo_pass_in_t pass_in, oidc_appinfo_encoding_t encoding) {
 
-	char s_int[255];
+	char s_int[OIDC_JSON_MAX_INT_STR_LEN];
 	json_t *j_value = NULL;
 	const char *s_key = NULL;
 
@@ -150,18 +152,16 @@ void oidc_util_appinfo_set_all(request_rec *r, json_t *j_attrs, const char *clai
 
 		} else if (json_is_integer(j_value)) {
 
-			if (snprintf(s_int, 255, "%ld", (long)json_integer_value(j_value)) > 0) {
+			if (snprintf(s_int, OIDC_JSON_MAX_INT_STR_LEN, "%ld", (long)json_integer_value(j_value)) > 0) {
 				/* set long value in the application header whose name is based on the key and the
 				 * prefix */
 				oidc_util_appinfo_set(r, s_key, s_int, claim_prefix, pass_in, encoding);
-			} else {
-				oidc_warn(r, "could not convert JSON number to string (> 255 characters?), skipping");
 			}
 
 		} else if (json_is_real(j_value)) {
 
 			/* set float value in the application header whose name is based on the key and the prefix */
-			oidc_util_appinfo_set(r, s_key, apr_psprintf(r->pool, "%lf", json_real_value(j_value)),
+			oidc_util_appinfo_set(r, s_key, apr_psprintf(r->pool, "%.8g", json_real_value(j_value)),
 					      claim_prefix, pass_in, encoding);
 
 		} else if (json_is_object(j_value)) {

test/test.c

@@ -1736,41 +1736,6 @@ static char *test_open_redirect(request_rec *r) {
 	return 0;
 }
 
-static char *test_set_app_infos(request_rec *r) {
-	apr_byte_t rc = FALSE;
-	json_t *claims = NULL;
-
-	rc = oidc_util_json_decode_object(r,
-					  "{"
-					  "\"simple\":\"hans\","
-					  "\"name\": \"GÜnther\","
-					  "\"dagger\": \"D†gger\""
-					  "}",
-					  &claims);
-	TST_ASSERT("valid JSON", rc == TRUE);
-
-	oidc_util_appinfo_set_all(r, claims, "OIDC_CLAIM_", ",", OIDC_APPINFO_PASS_HEADERS, OIDC_APPINFO_ENCODING_NONE);
-	TST_ASSERT_STR("header plain simple", apr_table_get(r->headers_in, "OIDC_CLAIM_simple"), "hans");
-	TST_ASSERT_STR("header plain name", apr_table_get(r->headers_in, "OIDC_CLAIM_name"), "G\u00DCnther");
-	TST_ASSERT_STR("header plain dagger", apr_table_get(r->headers_in, "OIDC_CLAIM_dagger"), "D\u2020gger");
-
-	oidc_util_appinfo_set_all(r, claims, "OIDC_CLAIM_", ",", OIDC_APPINFO_PASS_HEADERS,
-				  OIDC_APPINFO_ENCODING_BASE64URL);
-	TST_ASSERT_STR("header base64url simple", apr_table_get(r->headers_in, "OIDC_CLAIM_simple"), "aGFucw");
-	TST_ASSERT_STR("header base64url name", apr_table_get(r->headers_in, "OIDC_CLAIM_name"), "R8OcbnRoZXI");
-	TST_ASSERT_STR("header base64url dagger", apr_table_get(r->headers_in, "OIDC_CLAIM_dagger"), "ROKAoGdnZXI");
-
-	oidc_util_appinfo_set_all(r, claims, "OIDC_CLAIM_", ",", OIDC_APPINFO_PASS_HEADERS,
-				  OIDC_APPINFO_ENCODING_LATIN1);
-	TST_ASSERT_STR("header latin1 simple", apr_table_get(r->headers_in, "OIDC_CLAIM_simple"), "hans");
-	TST_ASSERT_STR("header latin1 name", apr_table_get(r->headers_in, "OIDC_CLAIM_name"), "G\xDCnther");
-	TST_ASSERT_STR("header latin1 dagger", apr_table_get(r->headers_in, "OIDC_CLAIM_dagger"), "D?gger");
-
-	json_decref(claims);
-
-	return 0;
-}
-
 static char *test_check_cookie_domain(request_rec *r) {
 	apr_byte_t rv = FALSE;
 	oidc_cfg_t *c = ap_get_module_config(r->server->module_config, &auth_openidc_module);
@@ -1838,7 +1803,6 @@ static char *all_tests(apr_pool_t *pool, request_rec *r) {
 	TST_RUN(test_remote_user, r);
 	TST_RUN(test_is_auth_capable_request, r);
 	TST_RUN(test_open_redirect, r);
-	TST_RUN(test_set_app_infos, r);
 
 #if HAVE_APACHE_24
 	TST_RUN(test_authz_worker, r);

test/test_util.c

@@ -87,6 +87,72 @@ START_TEST(test_util_base64url_decode) {
 }
 END_TEST
 
+START_TEST(test_util_appinfo_set) {
+	apr_byte_t rc = FALSE;
+	json_t *claims = NULL;
+	request_rec *r = oidc_test_request_get();
+
+	rc = oidc_util_json_decode_object(r,
+					  "{"
+					  "\"simple\":\"hans\","
+					  "\"name\": \"GÜnther\","
+					  "\"dagger\": \"D†gÿger\","
+					  "\"anarr\" : [ false, \"hans\", \"piet\", true, {} ],"
+					  "\"names\" : [ \"hans\", \"piet\" ],"
+					  "\"abool\": true,"
+					  "\"anint\": 5,"
+					  "\"lint\": 111111111111111,"
+					  "\"areal\": 1.5,"
+					  "\"anobj\" : { \"hans\": \"piet\", \"abool\": false },"
+					  "\"anull\": null"
+					  "}",
+					  &claims);
+	ck_assert_int_eq(rc, TRUE);
+
+	oidc_util_appinfo_set_all(r, NULL, "OIDC_CLAIM_", ",", OIDC_APPINFO_PASS_HEADERS, OIDC_APPINFO_ENCODING_NONE);
+
+	oidc_util_appinfo_set_all(r, claims, "OIDC_CLAIM_", ",", OIDC_APPINFO_PASS_HEADERS, OIDC_APPINFO_ENCODING_NONE);
+	ck_assert_str_eq(apr_table_get(r->headers_in, "OIDC_CLAIM_simple"), "hans");
+	ck_assert_str_eq(apr_table_get(r->headers_in, "OIDC_CLAIM_name"), "G\u00DCnther");
+	ck_assert_str_eq(apr_table_get(r->headers_in, "OIDC_CLAIM_dagger"), "D\u2020gÿger");
+	ck_assert_str_eq(apr_table_get(r->headers_in, "OIDC_CLAIM_anarr"), "0,hans,piet,1");
+	ck_assert_str_eq(apr_table_get(r->headers_in, "OIDC_CLAIM_names"), "hans,piet");
+	ck_assert_str_eq(apr_table_get(r->headers_in, "OIDC_CLAIM_abool"), "1");
+	ck_assert_str_eq(apr_table_get(r->headers_in, "OIDC_CLAIM_anint"), "5");
+	ck_assert_str_eq(apr_table_get(r->headers_in, "OIDC_CLAIM_lint"), "111111111111111");
+	ck_assert_str_eq(apr_table_get(r->headers_in, "OIDC_CLAIM_areal"), "1.5");
+	ck_assert_str_eq(apr_table_get(r->headers_in, "OIDC_CLAIM_anobj"), "{\"hans\":\"piet\",\"abool\":false}");
+
+	ck_assert_ptr_null(apr_table_get(r->headers_in, "OIDC_CLAIM_anull"));
+	ck_assert_ptr_null(apr_table_get(r->subprocess_env, "OIDC_CLAIM_names"));
+
+	oidc_util_appinfo_set_all(r, claims, "MYPREFIX_", "#", OIDC_APPINFO_PASS_HEADERS | OIDC_APPINFO_PASS_ENVVARS,
+				  OIDC_APPINFO_ENCODING_NONE);
+	ck_assert_str_eq(apr_table_get(r->headers_in, "MYPREFIX_simple"), "hans");
+	ck_assert_str_eq(apr_table_get(r->headers_in, "MYPREFIX_name"), "G\u00DCnther");
+	ck_assert_str_eq(apr_table_get(r->headers_in, "MYPREFIX_dagger"), "D\u2020gÿger");
+	ck_assert_str_eq(apr_table_get(r->headers_in, "MYPREFIX_anarr"), "0#hans#piet#1");
+
+	ck_assert_ptr_null(apr_table_get(r->subprocess_env, "OIDC_CLAIM_names"));
+	ck_assert_str_eq(apr_table_get(r->subprocess_env, "MYPREFIX_anarr"), "0#hans#piet#1");
+
+	oidc_util_appinfo_set_all(r, claims, "OIDC_CLAIM_", ",", OIDC_APPINFO_PASS_HEADERS,
+				  OIDC_APPINFO_ENCODING_BASE64URL);
+	ck_assert_str_eq(apr_table_get(r->headers_in, "OIDC_CLAIM_simple"), "aGFucw");
+	ck_assert_str_eq(apr_table_get(r->headers_in, "OIDC_CLAIM_name"), "R8OcbnRoZXI");
+	ck_assert_str_eq(apr_table_get(r->headers_in, "OIDC_CLAIM_dagger"), "ROKAoGfDv2dlcg");
+	ck_assert_str_eq(apr_table_get(r->headers_in, "OIDC_CLAIM_anarr"), "MCxoYW5zLHBpZXQsMQ");
+
+	oidc_util_appinfo_set_all(r, claims, "OIDC_CLAIM_", ",", OIDC_APPINFO_PASS_HEADERS,
+				  OIDC_APPINFO_ENCODING_LATIN1);
+	ck_assert_str_eq(apr_table_get(r->headers_in, "OIDC_CLAIM_simple"), "hans");
+	ck_assert_str_eq(apr_table_get(r->headers_in, "OIDC_CLAIM_name"), "G\xDCnther");
+	ck_assert_str_eq(apr_table_get(r->headers_in, "OIDC_CLAIM_dagger"), "D?g\xFFger");
+
+	json_decref(claims);
+}
+END_TEST
+
 int main(void) {
 	TCase *core = tcase_create("base64");
 	tcase_add_checked_fixture(core, oidc_test_setup, oidc_test_teardown);
@@ -95,7 +161,9 @@ int main(void) {
 	tcase_add_test(core, test_util_base64_decode);
 	tcase_add_test(core, test_util_base64url_decode);
 
-	Suite *s = suite_create("metadata");
+	tcase_add_test(core, test_util_appinfo_set);
+
+	Suite *s = suite_create("util");
 	suite_add_tcase(s, core);
 
 	return oidc_test_suite_run(s);