feat: UTF-8 HTTP Basic authentication (RFC-7617)

Username/password encoding in HTTP Basic authentication is broken for non-latin1 char. UTF-8 Basic authentication is allowed since RFC-7617. Previously, RFC-2616 only allowed to use ISO-8859-1 text which is basically `latin1`. CouchDB correctly encodes and decodes credentials using UTF-8: https://github.com/apache/couchdb/blob/0059b8f90e58e10b199a4b768a06a762d12a30d3/dev/pbkdf2.py#L65 aiohttp still uses `latin1` as default: https://github.com/aio-libs/aiohttp/blob/72d3d4b1f68cca5ad15ef50bffb0419b798c7f23/aiohttp/helpers.py#L139 aiocouch is made for CouchDB, and CouchDB follows RFC-7617, so I think aiocouch should follow RFC-7617 too.
metricq · May 31, 2022 · c5f2800 · c5f2800
1 parent 56167f8
commit c5f2800
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml
@@ -59,7 +59,7 @@ jobs:
           python -m pytest --cov-report xml --cov aiocouch
         env:
           COUCHDB_USER: admin
-          COUCHDB_PASS: password
+          COUCHDB_PASS: passwor§
       - name: Upload coverage to Codecov
         uses: codecov/codecov-action@v1
         if: ${{ matrix.python-version == '3.9' && matrix.couchdb == '3.1' }}

diff --git a/aiocouch/remote.py b/aiocouch/remote.py
@@ -74,7 +74,7 @@ def __init__(
         **kwargs: Any,
     ):
         self._server = server
-        auth = aiohttp.BasicAuth(user, password) if user and password else None
+        auth = aiohttp.BasicAuth(user, password, "utf-8") if user and password else None
         headers = {"Cookie": "AuthSession=" + cookie} if cookie else None
         self._http_session = aiohttp.ClientSession(headers=headers, auth=auth, **kwargs)
         # self._databases = {}