From 52b26fd0c7a0e3bc561cdcd11ffa776535f80ff5 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Thu, 20 Jun 2013 17:31:55 -0400
Subject: [PATCH] Documentation

---
 src/main/java/com/gitblit/GitBlit.java |   38 ++++++++++++++++++++++++++++++++------
 1 files changed, 32 insertions(+), 6 deletions(-)

diff --git a/src/main/java/com/gitblit/GitBlit.java b/src/main/java/com/gitblit/GitBlit.java
index ef73978..c6e24d7 100644
--- a/src/main/java/com/gitblit/GitBlit.java
+++ b/src/main/java/com/gitblit/GitBlit.java
@@ -509,7 +509,7 @@
 		if (user == null) {
 			user = UserModel.ANONYMOUS;
 		}
-		String username = UserModel.ANONYMOUS.equals(user) ? "" : user.username;
+		String username = encodeUsername(UserModel.ANONYMOUS.equals(user) ? "" : user.username);
 
 		List<RepositoryUrl> list = new ArrayList<RepositoryUrl>();
 		// http/https url
@@ -735,6 +735,7 @@
 			// can not authenticate empty username
 			return null;
 		}
+		String usernameDecoded = decodeUsername(username);
 		String pw = new String(password);
 		if (StringUtils.isEmpty(pw)) {
 			// can not authenticate empty password
@@ -743,7 +744,7 @@
 
 		// check to see if this is the federation user
 		if (canFederate()) {
-			if (username.equalsIgnoreCase(Constants.FEDERATION_USER)) {
+			if (usernameDecoded.equalsIgnoreCase(Constants.FEDERATION_USER)) {
 				List<String> tokens = getFederationTokens();
 				if (tokens.contains(pw)) {
 					// the federation user is an administrator
@@ -758,7 +759,7 @@
 		if (userService == null) {
 			return null;
 		}
-		return userService.authenticate(username, password);
+		return userService.authenticate(usernameDecoded, password);
 	}
 
 	/**
@@ -929,7 +930,10 @@
 		if (userService == null) {
 			return;
 		}
-		if (userService.supportsCookies()) {
+		GitBlitWebSession session = GitBlitWebSession.get();
+		boolean standardLogin = session.authenticationType.isStandard();
+
+		if (userService.supportsCookies() && standardLogin) {
 			Cookie userCookie;
 			if (user == null) {
 				// clear cookie for logout
@@ -964,6 +968,26 @@
 	}
 
 	/**
+	 * Encode the username for user in an url.
+	 * 
+	 * @param name
+	 * @return the encoded name
+	 */
+	protected String encodeUsername(String name) {
+		return name.replace("@", "%40").replace(" ", "%20").replace("\\", "%5C");	
+	}
+
+	/**
+	 * Decode a username from an encoded url.
+	 * 
+	 * @param name
+	 * @return the decoded name
+	 */
+	protected String decodeUsername(String name) {
+		return name.replace("%40", "@").replace("%20", " ").replace("%5C", "\\");
+	}
+	
+	/**
 	 * Returns the list of all users available to the login service.
 	 * 
 	 * @see IUserService.getAllUsernames()
@@ -996,7 +1020,8 @@
 		if (StringUtils.isEmpty(username)) {
 			return false;
 		}
-		return userService.deleteUser(username);
+		String usernameDecoded = decodeUsername(username);
+		return userService.deleteUser(usernameDecoded);
 	}
 
 	/**
@@ -1010,7 +1035,8 @@
 		if (StringUtils.isEmpty(username)) {
 			return null;
 		}
-		UserModel user = userService.getUserModel(username);		
+		String usernameDecoded = decodeUsername(username);
+		UserModel user = userService.getUserModel(usernameDecoded);		
 		return user;
 	}
 	

--
Gitblit v1.9.1