[PATCH 4 of 6 signedrequest] [py3, test] Encode strings for hmac.new()

Denis Laxalde denis.laxalde at logilab.fr
Fri Jun 1 12:28:35 CEST 2018


# HG changeset patch
# User Denis Laxalde <denis.laxalde at logilab.fr>
# Date 1527844171 -7200
#      Fri Jun 01 11:09:31 2018 +0200
# Node ID 84943f333ac07e2b2b6942c57fba6514d517352e
# Parent  fa3efbc6afa22bda3b61525360e5ffb545dbb3a7
# Available At http://hg.logilab.org/review/cubes/signedrequest
#              hg pull http://hg.logilab.org/review/cubes/signedrequest -r 84943f333ac0
# EXP-Topic py3
[py3,test] Encode strings for hmac.new()

In _build_string_to_sign(), we return an encoded string. In
_build_signature, we encode the token value extract from the result set.

diff --git a/test/__init__.py b/test/__init__.py
--- a/test/__init__.py
+++ b/test/__init__.py
@@ -65,7 +65,8 @@ class SignedRequestBaseTC(object):
             rset = cnx.execute('Any K WHERE T id %(id)s, T token K',
                                {'id': id})
             assert rset
-            return hmac.new(str(rset[0][0]), string_to_sign).hexdigest()
+            return hmac.new(rset[0][0].encode('utf-8'),
+                            string_to_sign).hexdigest()
 
     def _test_header_format(self, method, login, http_method='GET',
                             signature=None, headers=None,
@@ -98,7 +99,7 @@ class SignedRequestBaseTC(object):
             self._assert_auth_failed(req, result)
 
     def test_bad_http_auth_method(self):
-        signature = self._build_signature('admin', '')
+        signature = self._build_signature('admin', b'')
         result, req = self._test_header_format(
             method='AWS', login='admin', signature=signature)
         self._assert_auth_failed(req, result)
@@ -159,7 +160,7 @@ class SignedRequestBaseTC(object):
                 'Content-Disposition: form-data; name="filename"; '
                 'filename="filename"\r\n'
                 'Content-Type: application/octet-stream\r\n\r\nabc\r\n'
-                '--a71da6eca73a45459439dd288f8185a4--\r\n')
+                '--a71da6eca73a45459439dd288f8185a4--\r\n').encode('utf-8')
         result, req = self._test_header_format(method='Cubicweb',
                                                login='admin',
                                                content=body,
diff --git a/test/test_pyramid.py b/test/test_pyramid.py
--- a/test/test_pyramid.py
+++ b/test/test_pyramid.py
@@ -43,7 +43,7 @@ class PyramidSignedRequestTC(SignedReque
     def _build_string_to_sign(self, request):
         get_headers = itemgetter(*HEADERS_TO_SIGN)
         return (request.method + request.url +
-                ''.join(get_headers(request.headers)))
+                ''.join(get_headers(request.headers))).encode('utf-8')
 
     def _test_header_format(self, method, login, http_method='GET',
                             signature=None, headers=None,
diff --git a/test/unittest_authenticate.py b/test/unittest_authenticate.py
--- a/test/unittest_authenticate.py
+++ b/test/unittest_authenticate.py
@@ -39,7 +39,7 @@ class SignedRequestTC(SignedRequestBaseT
     def _build_string_to_sign(self, request):
         return (request.http_method() + request.url() +
                 ''.join(request.get_header(header)
-                        for header in HEADERS_TO_SIGN))
+                        for header in HEADERS_TO_SIGN)).encode('utf-8')
 
     def _test_header_format(self, method, login, http_method='GET',
                             signature=None, headers=None,


More information about the cubicweb-devel mailing list