From c0341da115286b313ce4fd81b878ea1d305cdd70 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Fri, 10 May 2019 09:53:41 +0200
Subject: [PATCH] backends: force decoding of principal (#31750)

---
 src/authentic2_auth_kerberos/backends.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/authentic2_auth_kerberos/backends.py b/src/authentic2_auth_kerberos/backends.py
index 2519199..9f94725 100644
--- a/src/authentic2_auth_kerberos/backends.py
+++ b/src/authentic2_auth_kerberos/backends.py
@@ -6,7 +6,7 @@ except ImportError:
     ldap = None
 
 from django.core.exceptions import ImproperlyConfigured
-from django.utils import six
+from django.utils import encoding
 
 from django_kerberos.backends import KerberosBackend
 
@@ -51,8 +51,9 @@ LDAPBackend._VALID_CONFIG_KEYS.append('principal_filter')
 
 class A2LdapKerberosBackend(LDAPBackend):
     def authenticate(self, principal=None, request=None):
-        logger = logging.getLogger(__name__)
+        principal = encoding.force_text(principal)
 
+        logger = logging.getLogger(__name__)
         if not app_settings.ENABLE:
             return
         if not app_settings.LDAP_BACKEND:
@@ -75,7 +76,6 @@ class A2LdapKerberosBackend(LDAPBackend):
                 return user
 
     def authenticate_block(self, block, username, realm, logger):
-        username = six.text_type(username)
         if not block['principal_filter']:
             return
         if block['limit_to_realm'] and realm != block['realm']: