Ensure that identity dict contains decoded values.

Tres Seaver

2012-03-18 330d9573ecb2430127fa67d0f5f8602b6f30869f

Ensure that identity dict contains decoded values.

 repoze/who/plugins/basicauth.py

@@ -7,6 +7,7 @@
from repoze.who.interfaces import IChallenger
from repoze.who._compat import AUTHORIZATION
from repoze.who._compat import decodebytes
from repoze.who._compat import must_decode

@implementer(IIdentifier, IChallenger)
class BasicAuthPlugin(object):
@@ -24,7 +25,7 @@
            authmeth, auth = authorization.split(b' ', 1)
        except ValueError: # not enough values to unpack
            return None
        if authmeth.lower() == 'basic':
        if authmeth.lower() == b'basic':
            try:
                auth = auth.strip()
                auth = decodebytes(auth)
@@ -34,7 +35,8 @@
                login, password = auth.split(b':', 1)
            except ValueError: # not enough values to unpack
                return None
            auth = {'login': login, 'password': password}
            auth = {'login': must_decode(login),
                    'password': must_decode(password)}
            return auth

        return None

 repoze/who/plugins/tests/test_basicauth.py

@@ -72,6 +72,28 @@
        creds = plugin.identify(environ)
        self.assertEqual(creds, {'login':'foo', 'password':'bar'})

    def test_identify_basic_ok_utf8_values(self):
        from repoze.who._compat import encodebytes
        LOGIN = b'b\xc3\xa2tard'
        PASSWD = b'l\xc3\xa0 demain'
        plugin = self._makeOne('realm')
        value = encodebytes(b':'.join((LOGIN, PASSWD))).decode('ascii')
        environ = self._makeEnviron({'HTTP_AUTHORIZATION':'Basic %s' % value})
        creds = plugin.identify(environ)
        self.assertEqual(creds, {'login': LOGIN.decode('utf-8'),
                                 'password': PASSWD.decode('utf-8')})

    def test_identify_basic_ok_latin1_values(self):
        from repoze.who._compat import encodebytes
        LOGIN = b'b\xe2tard'
        PASSWD = b'l\xe0 demain'
        plugin = self._makeOne('realm')
        value = encodebytes(b':'.join((LOGIN, PASSWD))).decode('ascii')
        environ = self._makeEnviron({'HTTP_AUTHORIZATION':'Basic %s' % value})
        creds = plugin.identify(environ)
        self.assertEqual(creds, {'login': LOGIN.decode('latin1'),
                                 'password': PASSWD.decode('latin1')})

    def test_remember(self):
        plugin = self._makeOne('realm')
        creds = {}