encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2025-07-28 00:49:49 +03:00
Code Issues Packages Projects Releases Wiki Activity

decode base64 credentials as utf8; adjust tests

Browse Source
This commit is contained in:
kennell 2020-02-16 18:55:54 +01:00
parent f81ca78642
commit 25819600c9
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
rest_framework/authentication.py
View File

@ -74,7 +74,7 @@ class BasicAuthentication(BaseAuthentication):
raise exceptions.AuthenticationFailed(msg) raise exceptions.AuthenticationFailed(msg)
try: try:
auth_parts = base64.b64decode(auth[1]).decode(HTTP_HEADER_ENCODING).partition(':') auth_parts = base64.b64decode(auth[1]).decode('utf-8').partition(':')
except (TypeError, UnicodeDecodeError, binascii.Error): except (TypeError, UnicodeDecodeError, binascii.Error):
msg = _('Invalid basic header. Credentials not correctly base64 encoded.') msg = _('Invalid basic header. Credentials not correctly base64 encoded.')
raise exceptions.AuthenticationFailed(msg) raise exceptions.AuthenticationFailed(msg)

6
tests/authentication/test_authentication.py
View File

@ -85,7 +85,7 @@ class BasicAuthTests(TestCase):
self.csrf_client = APIClient(enforce_csrf_checks=True) self.csrf_client = APIClient(enforce_csrf_checks=True)
self.username = 'john' self.username = 'john'
self.email = 'lennon@thebeatles.com' self.email = 'lennon@thebeatles.com'
self.password = 'password' self.password = 'pässwörd'
self.user = User.objects.create_user( self.user = User.objects.create_user(
self.username, self.email, self.password self.username, self.email, self.password
) )
@ -94,7 +94,7 @@ class BasicAuthTests(TestCase):
"""Ensure POSTing json over basic auth with correct credentials passes and does not require CSRF""" """Ensure POSTing json over basic auth with correct credentials passes and does not require CSRF"""
credentials = ('%s:%s' % (self.username, self.password)) credentials = ('%s:%s' % (self.username, self.password))
base64_credentials = base64.b64encode( base64_credentials = base64.b64encode(
credentials.encode(HTTP_HEADER_ENCODING) credentials.encode('utf-8')
).decode(HTTP_HEADER_ENCODING) ).decode(HTTP_HEADER_ENCODING)
auth = 'Basic %s' % base64_credentials auth = 'Basic %s' % base64_credentials
response = self.csrf_client.post( response = self.csrf_client.post(
@ -108,7 +108,7 @@ class BasicAuthTests(TestCase):
"""Ensure POSTing form over basic auth with correct credentials passes and does not require CSRF""" """Ensure POSTing form over basic auth with correct credentials passes and does not require CSRF"""
credentials = ('%s:%s' % (self.username, self.password)) credentials = ('%s:%s' % (self.username, self.password))
base64_credentials = base64.b64encode( base64_credentials = base64.b64encode(
credentials.encode(HTTP_HEADER_ENCODING) credentials.encode('utf-8')
).decode(HTTP_HEADER_ENCODING) ).decode(HTTP_HEADER_ENCODING)
auth = 'Basic %s' % base64_credentials auth = 'Basic %s' % base64_credentials
response = self.csrf_client.post( response = self.csrf_client.post(