misc: pass bytes to base64 when doing http basic authentication (#36515)

wcs/api_utils.py

@@ -24,7 +24,7 @@ import errno
 import calendar
 
 from django.utils import six
-from django.utils.encoding import force_bytes
+from django.utils.encoding import force_bytes, force_text
 from django.utils.six.moves.urllib import parse as urllib
 from django.utils.six.moves.urllib import parse as urlparse
 
@@ -109,7 +109,7 @@ def get_user_from_api_query_string(api_name=None):
             # we do not handle other authentication schemes
             raise AccessForbiddenError('unhandled authorization header')
         auth_header = auth_header.split(' ', 1)[1]
-        username, password = base64.decodestring(auth_header).split(':', 1)
+        username, password = force_text(base64.decodestring(force_bytes(auth_header))).split(':', 1)
         configured_password = get_publisher().get_site_option(
                 username, section='api-http-auth-%s' % api_name)
         if configured_password != password:

wcs/qommon/http_request.py

@@ -20,6 +20,7 @@ import re
 import time
 
 from django.utils import six
+from django.utils.encoding import force_bytes, force_text
 from quixote import get_session, get_publisher
 import quixote.http_request
 from quixote.errors import RequestError
@@ -51,7 +52,7 @@ class HTTPRequest(quixote.http_request.HTTPRequest):
         auth_header = self.get_header('Authorization', '')
         if auth_header.startswith('Basic '):
             auth_header = auth_header.split(' ', 1)[1]
-            username, password = base64.decodestring(auth_header).split(':', 1)
+            username, password = force_text(base64.decodestring(force_bytes(auth_header))).split(':', 1)
             from .ident.password_accounts import PasswordAccount
             try:
                 self._user = PasswordAccount.get_with_credentials(username, password)