Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issues signing string on Python 3 #89

Closed
ColdHeat opened this issue Aug 7, 2017 · 6 comments
Closed

Issues signing string on Python 3 #89

ColdHeat opened this issue Aug 7, 2017 · 6 comments

Comments

@ColdHeat
Copy link

ColdHeat commented Aug 7, 2017

This code works in Python 2 but doesn't seem to work properly in Python 3. Not a particularly complex example.

Python 3.6.1 (default, Apr  4 2017, 09:40:21)
[GCC 4.2.1 Compatible Apple LLVM 8.1.0 (clang-802.0.38)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> from itsdangerous import Signer
>>> s = Signer('AAAAAAAAAAAAAAAAAAAA')
>>> s.sign('user@user.com')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/Users/kchung/.virtualenvs/ctfd3/lib/python3.6/site-packages/itsdangerous.py", line 353, in sign
    return value + want_bytes(self.sep) + self.get_signature(value)
TypeError: must be str, not bytes
>>>
@ColdHeat ColdHeat mentioned this issue Aug 7, 2017
Closed
@ColdHeat
Copy link
Author

ColdHeat commented Sep 3, 2017

Seems like this is fixed in the repo but not on the itsdangerous version in PyPI. Any way we can get a new version or is there a workaround?

@ColdHeat
Copy link
Author

ColdHeat commented Sep 3, 2017

Seems like the TimedSerializer does not suffer from this issue so I suppose that is the workaround.

@ThiefMaster ThiefMaster mentioned this issue Nov 16, 2017
Closed
@FaiChou
Copy link

FaiChou commented Dec 6, 2017 

➜  ~ pip3 list | grep danger -i
itsdangerous (0.24)
➜  ~ pip3 install -U itsdangerous
Requirement already up-to-date: itsdangerous in /usr/local/lib/python3.6/site-packages
➜  ~

I found the log return value + want_bytes(self.sep) + self.get_signature(value) is not the current version code. My version is 0.24.
So I upgraded, pip3 install -U itsdangerous, but failed with ** already up-to-date**.

Pretty bad. Go to sleep.

@BlackVoid
Copy link

You need to make sure the string you send to the sign method is a bytes array and you get a byte-array back.

Try this:

from itsdangerous import Signer
s = Signer('AAAAAAAAAAAAAAAAAAAA')
s.sign('user@user.com'.encode()).decode()
$ python
Python 3.6.3 (default, Oct  9 2017, 12:11:29) 
[GCC 7.2.1 20170915 (Red Hat 7.2.1-2)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from itsdangerous import Signer
>>> s = Signer('AAAAAAAAAAAAAAAAAAAA')
>>> s.sign('user@user.com'.encode()).decode()
'user@user.com.kprkCNw6tRBeyRfyikodq0JCXoA'

@RyanSquared
Copy link

@BlackVoid interestingly though, it says "must be str" rather than "must be bytes" ?

@davidism
Copy link
Member

This will be fixed in the next release.

@pallets pallets locked as resolved and limited conversation to collaborators Feb 22, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@ColdHeat @BlackVoid @davidism @RyanSquared @FaiChou