From 00fc3deef0789ec58ee4b1bebb4b31598d329be4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20P=C3=A9ters?= <fpeters@entrouvert.com>
Date: Sat, 16 Nov 2019 12:36:21 +0100
Subject: [PATCH] idp: always write files as binaries (#36515)

---
 wcs/ctl/check_hobos.py  |  6 +++---
 wcs/qommon/ident/idp.py | 22 +++++++++++-----------
 2 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/wcs/ctl/check_hobos.py b/wcs/ctl/check_hobos.py
index 99fc5db4e..9bc20cb82 100644
--- a/wcs/ctl/check_hobos.py
+++ b/wcs/ctl/check_hobos.py
@@ -24,7 +24,7 @@ import tempfile
 import hashlib
 
 from django.utils import six
-from django.utils.encoding import force_text
+from django.utils.encoding import force_bytes, force_text
 from django.utils.six.moves import configparser as ConfigParser
 from django.utils.six.moves.urllib import parse as urlparse
 
@@ -149,7 +149,7 @@ class CmdCheckHobos(Command):
 
         self.update_profile(self.all_services.get('profile', {}), pub)
         # Store hobo.json
-        atomic_write(os.path.join(pub.app_dir, 'hobo.json'), json.dumps(self.all_services))
+        atomic_write(os.path.join(pub.app_dir, 'hobo.json'), force_bytes(json.dumps(self.all_services)))
 
     def update_configuration(self, service, pub):
         if not pub.cfg.get('misc'):
@@ -331,7 +331,7 @@ class CmdCheckHobos(Command):
 
             s = rfd.read()
             (bfd, metadata_pathname) = tempfile.mkstemp('.metadata')
-            atomic_write(metadata_pathname, s)
+            atomic_write(metadata_pathname, force_bytes(s))
 
             from ..qommon.ident.idp import AdminIDPDir
             admin_dir = AdminIDPDir()
diff --git a/wcs/qommon/ident/idp.py b/wcs/qommon/ident/idp.py
index 00147957a..b84f1e2c7 100644
--- a/wcs/qommon/ident/idp.py
+++ b/wcs/qommon/ident/idp.py
@@ -344,19 +344,19 @@ class AdminIDPDir(Directory):
             atomic_write(os.path.join(dir, metadata_fn), force_bytes(metadata))
         if publickey:
             publickey_fn = 'idp-%s-publickey.pem' % key_provider_id
-            atomic_write(os.path.join(dir, publickey_fn), publickey)
+            atomic_write(os.path.join(dir, publickey_fn), force_bytes(publickey))
         else:
             publickey_fn = None
 
         if cacertchain:
             cacertchain_fn = 'idp-%s-cacertchain.pem' % key_provider_id
-            atomic_write(os.path.join(dir, cacertchain_fn), cacertchain)
+            atomic_write(os.path.join(dir, cacertchain_fn), force_bytes(cacertchain))
         else:
             cacertchain_fn = None
 
         if clientcertificate:
             clientcertificate_fn = 'idp-%s-clientcertificate.pem' % key_provider_id
-            atomic_write(os.path.join(dir, clientcertificate_fn), clientcertificate)
+            atomic_write(os.path.join(dir, clientcertificate_fn), force_bytes(clientcertificate))
         else:
             clientcertificate_fn = None
 
@@ -414,7 +414,7 @@ class AdminIDPDir(Directory):
             else:
                 s = rfd.read()
                 (bfd, metadata_pathname) = tempfile.mkstemp(str('.metadata'))
-                atomic_write(metadata_pathname, s)
+                atomic_write(metadata_pathname, force_bytes(s))
                 try:
                     p = lasso.Provider(lasso.PROVIDER_ROLE_IDP, metadata_pathname, None, None)
                 except lasso.Error:
@@ -439,7 +439,7 @@ class AdminIDPDir(Directory):
                     else:
                         s = rfd.read()
                         (bfd, publickey_pathname) = tempfile.mkstemp(str('.publickey'))
-                        atomic_write(publickey_pathname, s)
+                        atomic_write(publickey_pathname, force_bytes(s))
 
                         try:
                             p = lasso.Provider(lasso.PROVIDER_ROLE_IDP, metadata_pathname,
@@ -539,9 +539,9 @@ class AdminIDPDir(Directory):
         cfg_idp[key_provider_id]['metadata_url'] = metadata_url
         cfg_idp[key_provider_id]['publickey_url'] = publickey_url
 
-        atomic_write(misc.get_abs_path(metadata_fn), metadata)
+        atomic_write(misc.get_abs_path(metadata_fn), force_bytes(metadata))
         if publickey:
-            atomic_write(misc.get_abs_path(publickey_fn), publickey)
+            atomic_write(misc.get_abs_path(publickey_fn), force_bytes(publickey))
 
         get_publisher().write_cfg()
 
@@ -704,12 +704,12 @@ class AdminIDPUI(Directory):
         cfg_idp[key_provider_id]['metadata'] = metadata_fn
 
         if metadata:
-            atomic_write(misc.get_abs_path(metadata_fn), metadata)
+            atomic_write(misc.get_abs_path(metadata_fn), force_bytes(metadata))
         if publickey:
-            atomic_write(misc.get_abs_path(publickey_fn), publickey)
+            atomic_write(misc.get_abs_path(publickey_fn), force_bytes(publickey))
             cfg_idp[key_provider_id]['publickey'] = publickey_fn
         if cacertchain:
-            atomic_write(misc.get_abs_path(cacertchain_fn), cacertchain)
+            atomic_write(misc.get_abs_path(cacertchain_fn), force_bytes(cacertchain))
             cfg_idp[key_provider_id]['cacertchain'] = cacertchain_fn
 
         lp = cfg_idp[key_provider_id]
@@ -966,7 +966,7 @@ class MethodAdminDirectory(Directory):
                 except OSError:
                     pass
                 fn = os.path.join(new_domain_dir, 'common_cookie')
-                atomic_write(fn, get_publisher().app_dir)
+                atomic_write(fn, force_bytes(get_publisher().app_dir))
         return self.configure_sp_metadatas(cfg_sp, signing_pem_key, private_signing_pem_key, encryption_pem_key, private_encryption_pem_key)
 
     def get_saml2_metadata(self, sp_config, signing_pem_key, encryption_pem_key):