Tres Seaver
2010-11-12 15e3652ed04ec206d12c093db83919bc560ef474
Forward-port fix for unicode 'max_age' from 1.0 branch.
3 files modified
38 ■■■■■ changed files
CHANGES.txt 3 ●●●●●
repoze/who/plugins/auth_tkt.py 3 ●●●●
repoze/who/plugins/tests/test_authtkt.py 32 ●●●●●
CHANGES.txt
@@ -4,6 +4,9 @@
After 2.0a3 (unreleased)
------------------------
- Avoid propagating unicode 'max_age' value into cookie headers.  See
  https://bugs.launchpad.net/bugs/674123 .
- Added a single-file example BFG application demonstrating the use of
  the new 'login' and 'logout' methods of the API object.
repoze/who/plugins/auth_tkt.py
@@ -163,7 +163,8 @@
    def _get_cookies(self, environ, value, max_age=None):
        if max_age is not None:
            later = _now() + datetime.timedelta(seconds=int(max_age))
            max_age = int(max_age)
            later = _now() + datetime.timedelta(seconds=max_age)
            # Wdy, DD-Mon-YY HH:MM:SS GMT
            expires = later.strftime('%a, %d %b %Y %H:%M:%S')
            # the Expires header is *required* at least for IE7 (IE7 does
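Review bot: The new `max_age = int(max_age)` line is the only check on a value that, per the accompanying test, arrives through the identity dict, and it is unguarded. A non-numeric string raises ValueError and a very large number raises OverflowError from `datetime.timedelta`, both while `remember()` is building response headers. I would wrap the two new lines in a handler such as `except (TypeError, ValueError, OverflowError):` and then either fall back to a session cookie or raise a clear configuration error, whichever the API intends. A comment like `# int() also ensures only an integer can reach the Set-Cookie header` would record the security-relevant effect of the coercion. `_get_cookies` continues past the end of this hunk, so how the value is formatted afterwards is not visible here.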
repoze/who/plugins/tests/test_authtkt.py
@@ -447,6 +447,38 @@
            userid_checker='repoze.who.plugins.auth_tkt:make_plugin')
        self.assertEqual(plugin.userid_checker, make_plugin)
    def test_remember_max_age_unicode(self):
        plugin = self._makeOne('secret')
        environ = {'HTTP_HOST':'example.com'}
        tkt = self._makeTicket(userid='chris', userdata='')
        result = plugin.remember(environ, {'repoze.who.userid': 'chris',
                                           'max_age': u'500'})
        name,value = result.pop(0)
        self.assertEqual('Set-Cookie', name)
        self.failUnless(isinstance(value, str))
        self.failUnless(
            value.startswith('auth_tkt="%s"; Path=/; Max-Age=500' % tkt),
            (value, tkt))
        self.failUnless('; Expires=' in value)
        name,value = result.pop(0)
        self.assertEqual('Set-Cookie', name)
        self.failUnless(
            value.startswith(
            'auth_tkt="%s"; Path=/; Domain=example.com; Max-Age=500'
            % tkt), value)
        self.failUnless('; Expires=' in value)
        name,value = result.pop(0)
        self.assertEqual('Set-Cookie', name)
        self.failUnless(
            value.startswith(
            'auth_tkt="%s"; Path=/; Domain=.example.com; Max-Age=500' % tkt),
            value)
        self.failUnless('; Expires=' in value)
def dummy_userid_checker(userid):
    return userid == 'existing'
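Review bot: `test_remember_max_age_unicode` asserts `isinstance(value, str)` only for the first `Set-Cookie` header, right after the first `result.pop(0)`. The `Domain=example.com` and `Domain=.example.com` values are never type-checked, although they presumably carry the same `max_age`. Adding `self.failUnless(isinstance(value, str))` after each of the other two `result.pop(0)` calls would cover all three headers. There is also no case for a non-numeric value such as `u'abc'`, so the failure behaviour of the new `int()` coercion is not pinned by any test visible here.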