send bytes to josepy, fixes #189 (#190)

* send bytes to josepy, fixes #189 * use force_bytes instead * use smart_bytes instead
mozilla · Oct 25, 2017 · 7d16d5a · 7d16d5a
1 parent c6d8537
commit 7d16d5a
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 7 deletions.
diff --git a/mozilla_django_oidc/auth.py b/mozilla_django_oidc/auth.py
@@ -4,7 +4,7 @@
 import logging
 import requests
 
-from django.utils.encoding import smart_bytes, smart_text
+from django.utils.encoding import force_bytes, smart_text, smart_bytes
 from django.contrib.auth import get_user_model
 from django.contrib.auth.backends import ModelBackend
 from django.core.exceptions import SuspiciousOperation, ImproperlyConfigured
@@ -32,7 +32,7 @@ def default_username_algo(email):
     # this protects against data leakage because usernames are often
     # treated as public identifiers (so we can't use the email address).
     username = base64.urlsafe_b64encode(
-        hashlib.sha1(smart_bytes(email)).digest()
+        hashlib.sha1(force_bytes(email)).digest()
     ).rstrip(b'=')
 
     return smart_text(username)
@@ -110,8 +110,9 @@ def verify_token(self, token, **kwargs):
 
         # Verify the token
         verified_token = self._verify_jws(
-            token,
-            key,
+            force_bytes(token),
+            # Use smart_bytes here since the key string comes from settings.
+            smart_bytes(key),
         )
         # The 'verified_token' will always be a byte string since it's
         # the result of base64.urlsafe_b64decode().

diff --git a/tests/test_auth.py b/tests/test_auth.py
@@ -6,6 +6,7 @@
 from django.core.exceptions import SuspiciousOperation
 from django.test import RequestFactory, TestCase, override_settings
 from django.utils import six
+from django.utils.encoding import force_bytes
 
 from mozilla_django_oidc.auth import (
     default_username_algo,
@@ -255,7 +256,7 @@ def test_jwt_decode_params(self, request_mock, jws_mock):
         request_mock.post.return_value = post_json_mock
         self.backend.authenticate(request=auth_request)
         calls = [
-            call('token', 'client_secret')
+            call(force_bytes('token'), force_bytes('client_secret'))
         ]
         jws_mock.assert_has_calls(calls)
 
@@ -285,9 +286,8 @@ def test_jwt_decode_params_verify_false(self, request_mock, jws_mock):
         }
         request_mock.post.return_value = post_json_mock
         calls = [
-            call('token', 'client_secret')
+            call(force_bytes('token'), force_bytes('client_secret'))
         ]
-
         self.backend.authenticate(request=auth_request)
         jws_mock.assert_has_calls(calls)