decode base64 credentials as utf8; adjust tests

This commit is contained in:
kennell 2020-02-16 18:55:54 +01:00
parent f81ca78642
commit 25819600c9
2 changed files with 4 additions and 4 deletions

View File

@ -74,7 +74,7 @@ class BasicAuthentication(BaseAuthentication):
raise exceptions.AuthenticationFailed(msg) raise exceptions.AuthenticationFailed(msg)
try: try:
auth_parts = base64.b64decode(auth[1]).decode(HTTP_HEADER_ENCODING).partition(':') auth_parts = base64.b64decode(auth[1]).decode('utf-8').partition(':')
except (TypeError, UnicodeDecodeError, binascii.Error): except (TypeError, UnicodeDecodeError, binascii.Error):
msg = _('Invalid basic header. Credentials not correctly base64 encoded.') msg = _('Invalid basic header. Credentials not correctly base64 encoded.')
raise exceptions.AuthenticationFailed(msg) raise exceptions.AuthenticationFailed(msg)

View File

@ -85,7 +85,7 @@ class BasicAuthTests(TestCase):
self.csrf_client = APIClient(enforce_csrf_checks=True) self.csrf_client = APIClient(enforce_csrf_checks=True)
self.username = 'john' self.username = 'john'
self.email = 'lennon@thebeatles.com' self.email = 'lennon@thebeatles.com'
self.password = 'password' self.password = 'pässwörd'
self.user = User.objects.create_user( self.user = User.objects.create_user(
self.username, self.email, self.password self.username, self.email, self.password
) )
@ -94,7 +94,7 @@ class BasicAuthTests(TestCase):
"""Ensure POSTing json over basic auth with correct credentials passes and does not require CSRF""" """Ensure POSTing json over basic auth with correct credentials passes and does not require CSRF"""
credentials = ('%s:%s' % (self.username, self.password)) credentials = ('%s:%s' % (self.username, self.password))
base64_credentials = base64.b64encode( base64_credentials = base64.b64encode(
credentials.encode(HTTP_HEADER_ENCODING) credentials.encode('utf-8')
).decode(HTTP_HEADER_ENCODING) ).decode(HTTP_HEADER_ENCODING)
auth = 'Basic %s' % base64_credentials auth = 'Basic %s' % base64_credentials
response = self.csrf_client.post( response = self.csrf_client.post(
@ -108,7 +108,7 @@ class BasicAuthTests(TestCase):
"""Ensure POSTing form over basic auth with correct credentials passes and does not require CSRF""" """Ensure POSTing form over basic auth with correct credentials passes and does not require CSRF"""
credentials = ('%s:%s' % (self.username, self.password)) credentials = ('%s:%s' % (self.username, self.password))
base64_credentials = base64.b64encode( base64_credentials = base64.b64encode(
credentials.encode(HTTP_HEADER_ENCODING) credentials.encode('utf-8')
).decode(HTTP_HEADER_ENCODING) ).decode(HTTP_HEADER_ENCODING)
auth = 'Basic %s' % base64_credentials auth = 'Basic %s' % base64_credentials
response = self.csrf_client.post( response = self.csrf_client.post(