python3: encoding variations in auth_fc.models
This commit is contained in:
parent
8d8e5d0984
commit
13e18e5370
|
@ -20,6 +20,8 @@ import hmac
|
|||
import hashlib
|
||||
|
||||
from django.db import models
|
||||
from django.utils.encoding import force_bytes
|
||||
from django.utils.encoding import force_text
|
||||
from django.utils.six.moves.urllib import parse as urlparse
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
from django.utils.timezone import now
|
||||
|
@ -33,7 +35,7 @@ from . import app_settings
|
|||
def base64url_decode(encoded):
|
||||
rem = len(encoded) % 4
|
||||
if rem > 0:
|
||||
encoded += b'=' * (4 - rem)
|
||||
encoded += '=' * (4 - rem)
|
||||
return base64.urlsafe_b64decode(encoded)
|
||||
|
||||
|
||||
|
@ -51,12 +53,14 @@ def parse_id_token(id_token, client_id=None, client_secret=None):
|
|||
return None, 'invalid signature'
|
||||
signed = '%s.%s' % (header, payload)
|
||||
if client_secret is not None:
|
||||
h = hmac.HMAC(key=client_secret, msg=signed, digestmod=hashlib.sha256)
|
||||
h = hmac.HMAC(
|
||||
key=client_secret, msg=force_bytes(signed),
|
||||
digestmod=hashlib.sha256)
|
||||
if h.digest() != signature:
|
||||
return None, 'hmac signature does not match'
|
||||
payload = base64url_decode(str(payload))
|
||||
try:
|
||||
payload = json.loads(payload)
|
||||
payload = json.loads(force_text(payload))
|
||||
except ValueError:
|
||||
return None, 'invalid payload'
|
||||
if client_id and ('aud' not in payload or payload['aud'] != client_id):
|
||||
|
|
Loading…
Reference in New Issue