[HotFix]: Fix base address and blob uri decoding mismatch (#10429)

Author: erdembayar

src/Catalog/Persistence/Storage.cs

@@ -180,7 +180,7 @@ public virtual Task<bool> AreSynchronized(Uri firstResourceUri, Uri secondResour
             return Task.FromResult(false);
         }
 
-        protected string GetName(Uri uri)
+        public string GetName(Uri uri)
         {
             if (uri is null)
             { 
@@ -192,22 +192,22 @@ protected string GetName(Uri uri)
                 throw new InvalidOperationException("BaseAddress must be set.");
             }
 
-            string address = Uri.UnescapeDataString(BaseAddress.GetLeftPart(UriPartial.Path));
+            // The GetLeftPart method performs encoding under the hood, which could be problematic if it contains Unicode characters.
+            // It doesn't perform double encoding; the Uri object knows if it's already encoded and skips encoding it again.
+            // Decoding the base address to remove any encoded characters.
+            string address = Uri.UnescapeDataString(BaseAddress.GetLeftPart(UriPartial.Path)); // Remove potential query or SAS from the URI
             if (!address.EndsWith("/"))
             {
                 address += "/";
             }
 
-            // This method does encoding under the hood, could be a problem if it contains Unicode characters.
-            string fullPath = uri.GetLeftPart(UriPartial.Path); // Remove potential SAS token from the URI
+            // Do the same with the above to get it decoded.
+            string fullPath = Uri.UnescapeDataString(uri.GetLeftPart(UriPartial.Path)); // Remove potential query or SAS from the URI
 
             // handle mismatched scheme (http vs https)
             int schemeLengthDifference = uri.Scheme.Length - BaseAddress.Scheme.Length;
 
-            string encodedName = fullPath.Substring(address.Length + schemeLengthDifference);
-
-            // decode back previous encoding in case of Unicode characters, otherwise it will be double encoded later
-            string name = Uri.UnescapeDataString(encodedName);
+            string name = fullPath.Substring(address.Length + schemeLengthDifference);
 
             if (name.Contains("#"))
             {

tests/CatalogTests/Persistence/StorageTests.cs

@@ -10,9 +10,25 @@ namespace CatalogTests.Persistence
 {
     public class StorageTests
     {
+        [Theory]
+        [InlineData("package.1.0.0.nupkg", "http://contoso.blob.core.windows.net/packages/package.1.0.0.nupkg")]
+        [InlineData("123.8.0.0-preview.7.23368.14.nupkg", "http://contoso.blob.core.windows.net/packages/123.8.0.0-preview.7.23368.14.nupkg")]
+        public void GetUri_ReturnsCorrectUri(string name, string expectedUri)
+        {
+            // Arrange
+            Uri baseAddress = new Uri("http://contoso.blob.core.windows.net/packages/");
+            var storage = new Mock<Storage>(baseAddress) { CallBase = true };
+
+            // Act
+            string uri = storage.Object.GetUri(name).AbsoluteUri;
+
+            // Assert
+            Assert.Equal(expectedUri, uri);
+        }
+
         [Theory]
         [InlineData("http://contoso.blob.core.windows.net/packages/package.1.0.0.nupkg", "package.1.0.0.nupkg")]
-        [InlineData("http://contoso.blob.core.windows.net/packages/another-package123.2.0.0.nupkg", "another-package123.2.0.0.nupkg")]
+        [InlineData("http://contoso.blob.core.windows.net/packages/123.8.0.0-preview.7.23368.14.nupkg", "123.8.0.0-preview.7.23368.14.nupkg")]
         public void GetName_NonUnicodeUri_ReturnsCorrectName(string uriString, string expectedName)
         {
             // Arrange
@@ -21,10 +37,10 @@ public void GetName_NonUnicodeUri_ReturnsCorrectName(string uriString, string ex
             var uri = new Uri(uriString);
 
             // Act
-            var name = storage.Object.GetUri(expectedName).ToString();
+            var name = storage.Object.GetName(uri).ToString();
 
             // Assert
-            Assert.EndsWith(expectedName, name);
+            Assert.Equal(expectedName, name);
         }
 
         [Theory]
@@ -39,10 +55,113 @@ public void GetName_UnicodeUri_ReturnsCorrectName(string uriString, string expec
             var uri = new Uri(uriString);
 
             // Act
-            var name = storage.Object.GetUri(expectedName).ToString();
+            var name = storage.Object.GetName(uri).ToString();
+
+            // Assert
+            Assert.Equal(expectedName, name);
+        }
+
+        [Theory]
+        [InlineData(
+            "https://contoso.blob.core.windows.net/v3-flatcontainer/package123/",
+            "https://contoso.blob.core.windows.net/v3-flatcontainer/package123/2.1.0/package123.nuspec",
+            "2.1.0/package123.nuspec")]
+        [InlineData(
+            "https://contoso.blob.core.windows.net/v3-flatcontainer/пакет123/",
+            "https://contoso.blob.core.windows.net/v3-flatcontainer/пакет123/2.1.0/пакет123.nuspec",
+            "2.1.0/пакет123.nuspec")]
+        [InlineData(
+            "https://contoso.blob.core.windows.net/v3-flatcontainer/%D0%BF%D0%B0%D0%BA%D0%B5%D1%82123/",
+            "https://contoso.blob.core.windows.net/v3-flatcontainer/%D0%BF%D0%B0%D0%BA%D0%B5%D1%82123/2.1.0/%D0%BF%D0%B0%D0%BA%D0%B5%D1%82123.nuspec",
+            "2.1.0/пакет123.nuspec")]
+        [InlineData(
+            "https://contoso.blob.core.windows.net/v3-flatcontainer/пакет123/",
+            "https://contoso.blob.core.windows.net/v3-flatcontainer/%D0%BF%D0%B0%D0%BA%D0%B5%D1%82123/2.1.0/%D0%BF%D0%B0%D0%BA%D0%B5%D1%82123.nuspec",
+            "2.1.0/пакет123.nuspec")]
+        [InlineData(
+            "https://contoso.blob.core.windows.net/v3-flatcontainer/%D0%BF%D0%B0%D0%BA%D0%B5%D1%82123/",
+            "https://contoso.blob.core.windows.net/v3-flatcontainer/пакет123/2.1.0/%D0%BF%D0%B0%D0%BA%D0%B5%D1%82123.nuspec",
+            "2.1.0/пакет123.nuspec")]
+        [InlineData(
+            "https://contoso.blob.core.windows.net/v3-flatcontainer/%D0%BF%D0%B0%D0%BA%D0%B5%D1%82123/",
+            "https://contoso.blob.core.windows.net/v3-flatcontainer/пакет123/2.1.0/пакет123.nuspec",
+            "2.1.0/пакет123.nuspec")]
+        [InlineData(
+            "https://contoso.blob.core.windows.net/v3-flatcontainer/пакет123/",
+            "https://contoso.blob.core.windows.net/v3-flatcontainer/%D0%BF%D0%B0%D0%BA%D0%B5%D1%82123/2.1.0/пакет123.nuspec",
+            "2.1.0/пакет123.nuspec")]
+        public void GetName_EncodedAndDecodedUnicodeUris_ReturnsCorrectName(string baseAddressString, string uriString, string expectedName)
+        {
+            // Arrange
+            Uri baseAddress = new Uri(baseAddressString);
+            var storage = new Mock<Storage>(baseAddress) { CallBase = true };
+            var uri = new Uri(uriString);
+
+            // Act
+            var name = storage.Object.GetName(uri).ToString();
+
+            // Assert
+            Assert.Equal(expectedName, name);
+        }
+
+
+        [Theory]
+        [InlineData(
+            "https://contoso.blob.core.windows.net/v3-flatcontainer/package123/",
+            "https://contoso.blob.core.windows.net/v3-flatcontainer/package123/2.1.0/package123.nuspec?sv=2019-12-12&ss=b&srt=co&sp=rlx&se=2023-01-01T00:00:00Z&st=2022-01-01T00:00:00Z&spr=https&sig=abcdef123456",
+            "2.1.0/package123.nuspec")]
+        [InlineData(
+            "https://contoso.blob.core.windows.net/v3-flatcontainer/пакет123/",
+            "https://contoso.blob.core.windows.net/v3-flatcontainer/пакет123/2.1.0/пакет123.nuspec?sv=2019-12-12&ss=b&srt=co&sp=rlx&se=2023-01-01T00:00:00Z&st=2022-01-01T00:00:00Z&spr=https&sig=abcdef123456",
+            "2.1.0/пакет123.nuspec")]
+        public void GetName_UriWithSasToken_RemovesSasTokenAndReturnsCorrectName(string baseAddressString, string uriString, string expectedName)
+        {
+            // Arrange
+            Uri baseAddress = new Uri(baseAddressString);
+            var storage = new Mock<Storage>(baseAddress) { CallBase = true };
+            var uri = new Uri(uriString);
+
+            // Act
+            var name = storage.Object.GetName(uri).ToString();
+
+            // Assert
+            Assert.Equal(expectedName, name);
+        }
+
+        [Theory]
+        [InlineData("http://contoso.blob.core.windows.net/packages/", "https://contoso.blob.core.windows.net/packages/package.1.0.0.nupkg", "package.1.0.0.nupkg")]
+        [InlineData("https://contoso.blob.core.windows.net/packages/", "http://contoso.blob.core.windows.net/packages/package.1.0.0.nupkg", "package.1.0.0.nupkg")]
+        public void GetName_DifferentSchemes_HandlesSchemeDifferenceCorrectly(string baseAddressString, string uriString, string expectedName)
+        {
+            // Arrange
+            Uri baseAddress = new Uri(baseAddressString);
+            var storage = new Mock<Storage>(baseAddress) { CallBase = true };
+            var uri = new Uri(uriString);
+
+            // Act
+            var name = storage.Object.GetName(uri).ToString();
+
+            // Assert
+            Assert.Equal(expectedName, name);
+        }
+
+        [Theory]
+        [InlineData("https://contoso.blob.core.windows.net/v3-flatcontainer/пакет.2.0.0.nupkg#/metadata/core-properties", "пакет.2.0.0.nupkg")]
+        [InlineData("https://contoso.blob.core.windows.net/v3-flatcontainer/пакет.2.0.0.nupkg#/metadata/core-properties/", "пакет.2.0.0.nupkg")]
+        [InlineData("https://contoso.blob.core.windows.net/v3-flatcontainer/package123.2.0.0.nupkg#/metadata/core-properties", "package123.2.0.0.nupkg")]
+        [InlineData("https://contoso.blob.core.windows.net/v3-flatcontainer/package123.2.0.0.nupkg#/metadata/core-properties/", "package123.2.0.0.nupkg")]
+        public void GetName_UriWithFragment_RemovesFragmentAndReturnsCorrectName(string uriString, string expectedName)
+        {
+            // Arrange
+            Uri baseAddress = new Uri("https://contoso.blob.core.windows.net/v3-flatcontainer/");
+            var storage = new Mock<Storage>(baseAddress) { CallBase = true };
+            var uri = new Uri(uriString);
+
+            // Act
+            var name = storage.Object.GetName(uri).ToString();
 
             // Assert
-            Assert.EndsWith(expectedName, name);
+            Assert.Equal(expectedName, name);
         }
     }
 }