Commit add91892 authored by Jérome Perrin's avatar Jérome Perrin

fixup! fixup! oauth2_authorisation: py3

parent 71104054
......@@ -554,7 +554,7 @@ class _ERP5RequestValidator(RequestValidator):
return token_callable(**kw)
except jwt.InvalidTokenError:
pass
raise
raise # pylint:disable=misplaced-bare-raise
def client_authentication_required(self, request, *args, **kwargs):
# Use this method, which is called early on most endpoints, to setup request.client .
......@@ -1288,7 +1288,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
ensure_ascii(token_dict[JWT_PAYLOAD_KEY]),
)
return token_dict
raise
raise # pylint:disable=misplaced-bare-raise
def _getRefreshTokenDict(self, value, request):
for _, algorithm, symetric_key in self.__getRefreshTokenKeyList():
......@@ -1310,7 +1310,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
continue
else:
return token_dict
raise
raise # pylint:disable=misplaced-bare-raise
def _checkCustomTokenPolicy(self, token, request):
"""
......@@ -1370,7 +1370,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
continue
else:
return token_dict['iss']
raise
raise # pylint:disable=misplaced-bare-raise
security.declarePrivate('getRefreshTokenClientId')
def getRefreshTokenClientId(self, value, request):
......@@ -1396,7 +1396,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
continue
else:
return token_dict['iss']
raise
raise # pylint:disable=misplaced-bare-raise
def _getSessionValueFromTokenDict(self, token_dict):
session_value = self._getSessionValue(
......
......@@ -43,6 +43,7 @@ import random
import pprint
from time import time
import unittest
import six.moves.urllib as urllib
from six.moves.urllib.parse import parse_qsl, quote, urlencode, urlsplit, urlunsplit
from AccessControl.SecurityManagement import getSecurityManager, setSecurityManager
from DateTime import DateTime
......@@ -69,12 +70,13 @@ _HTML_FIELD_TAG_SET = {
# Very incomplete, but enough for this tests' purpose: ignores "select"s...
}
class FormExtractor(HTMLParser):
# pylint:disable=abstract-method
def reset(self):
self.__in_form = False
self.form_list = []
HTMLParser.reset(self)
def handle_starttag(self, tag, attribute_item_list):
def handle_starttag(self, tag, attribute_item_list): # pylint:disable=arguments-renamed
attr_dict = dict(attribute_item_list)
if tag == 'form':
assert not self.__in_form
......@@ -91,6 +93,7 @@ class FormExtractor(HTMLParser):
self.__in_form = False
class TestOAuth2(ERP5TypeTestCase):
# pylint:disable=unused-private-member
__cleanup_list = None
__port = None
__query_trace = None
......@@ -428,7 +431,7 @@ class TestOAuth2(ERP5TypeTestCase):
cookie_value, cookie_attributes = cookie_body.split(';', 1)
cookie_value = cookie_value.strip('"')
cookie_value_dict = {
'value': six.moves.urllib.parse.unquote(cookie_value),
'value': urllib.parse.unquote(cookie_value),
}
for cookie_attribute in cookie_attributes.split(';'):
cookie_attribute = cookie_attribute.lstrip()
......@@ -497,7 +500,7 @@ class TestOAuth2(ERP5TypeTestCase):
b'',
# XXX: Tolerate the redirect URL being returned in the body.
# This is a bug, body should really be empty.
header_dict.get('location', b''),
str2bytes(header_dict.get('location', '')),
),
)
parsed_location = urlsplit(header_dict.get('location', ''))
......
......@@ -227,13 +227,16 @@ class _OAuth2AuthorisationServerProxy(object):
)
else:
Connection = HTTPConnection
if six.PY2:
# Changed in version 3.4: The strict parameter was removed.
# HTTP 0.9-style “Simple Responses” are no longer supported.
Connection = functools.partial(Connection, strict=True)
timeout = getTimeLeft()
if timeout is None or timeout > self._timeout:
timeout = self._timeout
http_connection = Connection(
host=parsed_url.hostname,
port=parsed_url.port,
strict=True,
timeout=timeout,
source_address=self._bind_address,
)
......@@ -274,7 +277,7 @@ class _OAuth2AuthorisationServerProxy(object):
def _queryOAuth2(self, method, REQUEST, RESPONSE):
header_dict, body, status = self._query(
method,
body=urlencode(REQUEST.form.items()),
body=urlencode(REQUEST.form),
header_dict={
'CONTENT_TYPE': REQUEST.environ['CONTENT_TYPE'],
},
......@@ -864,7 +867,7 @@ class OAuth2AuthorisationClientConnector(
try:
state_dict = json.loads(
self.__getMultiFernet().decrypt(
state,
str2bytes(state),
ttl=self._SESSION_STATE_VALIDITY,
),
)
......
......@@ -46,6 +46,7 @@ from Products.ERP5Type.TransactionalVariable import \
getTransactionalVariable, TransactionalResource
from Products.ERP5Type.dynamic.portal_type_class import synchronizeDynamicModules
from Products.ERP5Type.mixin.response_header_generator import ResponseHeaderGenerator
from Products.ERP5Type.Utils import str2bytes, bytes2str
from zLOG import LOG, INFO, WARNING, ERROR
from zExceptions import BadRequest
......@@ -248,10 +249,10 @@ class AutorisationExtractorBeforeTraverseHook(object):
ERP5_AUTHORISATION_EXTRACTOR_PASSWORD_NAME in form_dict
):
username = form_dict[ERP5_AUTHORISATION_EXTRACTOR_USERNAME_NAME]
request._auth = 'Basic ' + base64.b64encode('%s:%s' % (
request._auth = 'Basic ' + bytes2str(base64.b64encode(str2bytes('%s:%s' % (
username,
form_dict[ERP5_AUTHORISATION_EXTRACTOR_PASSWORD_NAME],
))
))))
request.response._auth = 1
_setUserNameForAccessLog(username, request)
......
......@@ -48,7 +48,7 @@ from Products.PluggableAuthService.interfaces.plugins import (
)
from Products.ERP5Security import _setUserNameForAccessLog
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type.Utils import bytes2str, str2bytes, unicode2str
from Products.ERP5Type.Utils import bytes2str, str2bytes, str2unicode, unicode2str
# Public constants. Must not change once deployed.
......@@ -426,7 +426,7 @@ class ERP5OAuth2ResourceServerPlugin(BasePlugin):
The schema of this dictionary is purely an internal implementation detail
of this plugin.
"""
client_address = request.getClientAddr().decode('utf-8')
client_address = str2unicode(request.getClientAddr())
token = self.__checkTokenSignature(access_token)
if token is None and can_update_key:
self.__updateAccessTokenSignatureKeyList(request=request)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment