franceconnect: pass bytes to hashlib (#36515)

wcs/qommon/ident/franceconnect.py

@@ -19,6 +19,7 @@ import hashlib
 import sys
 import uuid
 
+from django.utils.encoding import force_bytes
 from django.utils.six.moves.urllib import parse as urllib
 
 from quixote import redirect, get_session, get_publisher, get_request, get_session_manager
@@ -283,7 +284,7 @@ class FCAuthMethod(AuthMethod):
         # generate a session id if none exists, ugly but necessary
         get_session_manager().maintain_session(session)
 
-        nonce = hashlib.sha256(str(session.id)).hexdigest()
+        nonce = hashlib.sha256(force_bytes(session.id)).hexdigest()
         fc_callback = pub.get_frontoffice_url() + '/ident/fc/callback'
         qs = urllib.urlencode({
             'response_type': 'code',
@@ -331,7 +332,7 @@ class FCAuthMethod(AuthMethod):
         access_token = result['access_token']
         header, payload, signature = id_token.split('.')
         payload = json_loads(base64url_decode(payload))
-        nonce = hashlib.sha256(str(session.id)).hexdigest()
+        nonce = hashlib.sha256(force_bytes(session.id)).hexdigest()
         if payload['nonce'] != nonce:
             logger.error('FranceConnect returned nonce did not match')
             return None