base64::decode is too strict #5239

Closed
danpayne17 opened this issue May 24, 2024 · 2 comments · Fixed by #5252
danpayne17 commented May 24, 2024

Describe the bug
The base64::decode Rhai function is too strict: it does not support decoding base64 strings that exclude padding characters, and it does not support decoding base64 strings that were encoded using the URL-safe alphabet. Instead, we have to manually add the padding and convert all characters exclusive to the URL-safe alphabet to the standard alphabet:

  let remainder = base64_encoded_str.len % 4;
  switch remainder {
    2 => base64_encoded_str += "==",
    3 => base64_encoded_str += "=",
  }

  base64_encoded_str.replace("-", "+");
  base64_encoded_str.replace("_", "/");

  base64::decode(base64_encoded_str);

We use the base64::decode function to decode JWT tokens (we can't use the router's built-in JWT decoding feature for...reasons) and these tokens always exclude padding and always use the URL-safe alphabet but they are not compatible with this decode method.

More information about base64 alphabets and padding can be found here on this related Rust page: https://docs.rs/base64/latest/base64/
And Wikipedia's section for base64 on URL applications: https://en.wikipedia.org/wiki/Base64#URL_applications

To Reproduce
Steps to reproduce the behavior:

  1. Decode the following base64 string using base64::decode in a Rhai script: LSTCoXlGeBXCuMORSkHCgTzCpMKAw6jDkcOTw7t-IEDCrG7Dl8OyHn_DmTAdyZ0lw6zDksOHfwfCjA
  2. Observe it throws an error

Expected behavior
It decodes the base64 encoded string without error

Router:

  • Version: 1.45.1

Additional context
Add any other context about the problem here.
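
The decoding the report asks for, shown as an added example in std-only Rust (not code from the router or from either commenter). It accepts a base64url segment with or without padding, and unlike the workaround above it rejects a `len % 4 == 1` input and the standard-alphabet `+` and `/` instead of passing them through; `SAMPLE` is the string from the reproduction step, and all function and type names are hypothetical.

```rust
// Added example (std only): strict decoder for one base64url segment, padding optional.
// SAMPLE is the string from the reproduction step; all other names are hypothetical.
pub const SAMPLE: &str =
    "LSTCoXlGeBXCuMORSkHCgTzCpMKAw6jDkcOTw7t-IEDCrG7Dl8OyHn_DmTAdyZ0lw6zDksOHfwfCjA";

#[derive(Debug, PartialEq)]
pub enum B64Error {
    BadLength,     // len % 4 == 1 cannot encode whole bytes
    BadChar(char), // outside the URL-safe alphabet, or '=' before the end
    BadPadding,    // '=' present but not completing the final 4-char group
    TrailingBits,  // leftover bits are non-zero: non-canonical encoding
}

fn sextet(c: u8) -> Option<u32> {
    match c {
        b'A'..=b'Z' => Some((c - b'A') as u32),
        b'a'..=b'z' => Some((c - b'a') as u32 + 26),
        b'0'..=b'9' => Some((c - b'0') as u32 + 52),
        b'-' => Some(62),
        b'_' => Some(63),
        _ => None, // '+' and '/' are rejected rather than silently remapped
    }
}

pub fn decode_url_safe(input: &str) -> Result<Vec<u8>, B64Error> {
    let body = input.trim_end_matches('=');
    let (pad, rem) = (input.len() - body.len(), body.len() % 4);
    if rem == 1 { return Err(B64Error::BadLength); }
    // Padding may be omitted, but if present it must be exactly the missing count.
    if pad != 0 && (rem == 0 || pad != 4 - rem) { return Err(B64Error::BadPadding); }
    let mut out = Vec::with_capacity(body.len() * 3 / 4);
    let (mut acc, mut bits) = (0u32, 0u32);
    for &c in body.as_bytes() {
        let v = sextet(c).ok_or(B64Error::BadChar(c as char))?;
        acc = (acc << 6) | v;
        bits += 6;
        if bits >= 8 {
            bits -= 8;
            out.push((acc >> bits) as u8);
            acc &= (1 << bits) - 1; // keep only the bits not yet emitted
        }
    }
    if acc != 0 { return Err(B64Error::TrailingBits); }
    Ok(out)
}

fn main() {
    println!("{:?}", decode_url_safe(SAMPLE).map(|b| b.len()));
}
```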

Contributor

Geal commented May 27, 2024

Thanks for the report. The Rhai base64 decoding supports multiple alphabets already, but it looks like it was not documented: #3885

Contributor

Geal commented May 27, 2024

I just looked into it; the base64 alphabet documentation was moved to the right place.

Geal self-assigned this May 27, 2024