Skip to content

fix(wecom): accept urlsafe unpadded inbound aeskey#11899

Open
LeonSGP43 wants to merge 1 commit into
NousResearch:mainfrom
LeonSGP43:fix/wecom-urlsafe-aeskey-11890
Open

fix(wecom): accept urlsafe unpadded inbound aeskey#11899
LeonSGP43 wants to merge 1 commit into
NousResearch:mainfrom
LeonSGP43:fix/wecom-urlsafe-aeskey-11890

Conversation

@LeonSGP43

@LeonSGP43 LeonSGP43 commented Apr 18, 2026

Copy link
Copy Markdown
Contributor

Summary

  • normalize WeCom inbound aeskey values before decrypting downloaded attachments
  • accept urlsafe base64 and restore missing padding before decoding
  • add regression coverage for unpadded urlsafe keys and cached inbound media decryption

Fixes #11890

Testing

  • python3 -m pytest -o addopts='' tests/gateway/test_wecom.py -k 'decrypt_file_bytes_accepts_unpadded_urlsafe_aes_key or cache_media_decrypts_url_payload_before_writing or decrypt_file_bytes_round_trip'
  • python3 -m pytest -o addopts='' tests/gateway/test_wecom.py

This was referenced Apr 23, 2026
Open
Open
Open
@alt-glitch alt-glitch added type/bug Something isn't working P2 Medium — degraded but workaround exists comp/gateway Gateway runner, session dispatch, delivery platform/wecom WeCom / WeChat Work adapter labels Apr 24, 2026
This was referenced Apr 27, 2026
Open
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

comp/gateway Gateway runner, session dispatch, delivery P2 Medium — degraded but workaround exists platform/wecom WeCom / WeChat Work adapter type/bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

WeCom inbound file decryption fails for urlsafe unpadded aeskey values

2 participants

@LeonSGP43 @alt-glitch