0001-python3-define-a-base64-decoding-exception-31180.patch
| src/authentic2/compat.py | ||
|---|---|---|
| 6 | 6 |
from django.db import connection |
| 7 | 7 |
from django.db.utils import OperationalError |
| 8 | 8 |
from django.core.exceptions import ImproperlyConfigured |
| 9 |
from django.utils import six |
|
| 9 | 10 | |
| 10 | 11 |
from django.contrib.auth.tokens import PasswordResetTokenGenerator |
| 11 | 12 | |
| ... | ... | |
| 121 | 122 |
jsonfield.fields.configure_database_connection(connection, **kwargs) |
| 122 | 123 |
jsonfield.fields.connection_created.disconnect(jsonfield.fields.configure_database_connection) |
| 123 | 124 |
jsonfield.fields.connection_created.connect(configure_database_connection) |
| 125 | ||
| 126 | ||
| 127 |
if six.PY2: |
|
| 128 |
Base64Error = TypeError |
|
| 129 |
else: |
|
| 130 |
from binascii import Error as Base64Error |
|
| src/authentic2/crypto.py | ||
|---|---|---|
| 8 | 8 |
from Crypto.Hash import HMAC |
| 9 | 9 |
from Crypto import Random |
| 10 | 10 | |
| 11 |
from authentic2.compat import Base64Error |
|
| 12 | ||
| 11 | 13 | |
| 12 | 14 |
class DecryptionError(Exception): |
| 13 | 15 |
pass |
| ... | ... | |
| 52 | 54 |
try: |
| 53 | 55 |
iv = base64.b64decode(iv) |
| 54 | 56 |
crypted = base64.b64decode(crypted) |
| 55 |
except TypeError:
|
|
| 57 |
except Base64Error:
|
|
| 56 | 58 |
if raise_on_error: |
| 57 | 59 |
raise DecryptionError('incorrect base64 encoding')
|
| 58 | 60 |
return None |
| src/authentic2/profile_views.py | ||
|---|---|---|
| 7 | 7 |
from django.utils.translation import ugettext as _ |
| 8 | 8 |
from django.utils.http import urlsafe_base64_decode |
| 9 | 9 | |
| 10 |
from .compat import default_token_generator |
|
| 10 |
from .compat import default_token_generator, Base64Error
|
|
| 11 | 11 |
from .registration_backend.forms import SetPasswordForm |
| 12 | 12 |
from . import app_settings, cbv, profile_forms, utils, hooks |
| 13 | 13 | |
| ... | ... | |
| 73 | 73 |
uid = urlsafe_base64_decode(uidb64) |
| 74 | 74 |
# use authenticate to eventually get an LDAPUser |
| 75 | 75 |
self.user = authenticate(user=UserModel._default_manager.get(pk=uid)) |
| 76 |
except (TypeError, ValueError, OverflowError,
|
|
| 76 |
except (Base64Error, ValueError, OverflowError,
|
|
| 77 | 77 |
UserModel.DoesNotExist): |
| 78 | 78 |
validlink = False |
| 79 | 79 |
messages.warning(request, _('User not found'))
|
| src/authentic2_idp_oidc/views.py | ||
|---|---|---|
| 15 | 15 |
from django.conf import settings |
| 16 | 16 |
from django.utils.translation import ugettext as _ |
| 17 | 17 | |
| 18 |
from authentic2.compat import Base64Error |
|
| 18 | 19 |
from authentic2.decorators import setting_enabled |
| 19 | 20 |
from authentic2.utils import (login_require, redirect, timestamp_from_datetime, |
| 20 | 21 |
last_authentication_event, make_url) |
| ... | ... | |
| 328 | 329 |
return None |
| 329 | 330 |
try: |
| 330 | 331 |
decoded = base64.b64decode(authorization[1]) |
| 331 |
except TypeError:
|
|
| 332 |
except Base64Error:
|
|
| 332 | 333 |
return None |
| 333 | 334 |
parts = decoded.split(':')
|
| 334 | 335 |
if len(parts) != 2: |
| tests/test_auth_oidc.py | ||
|---|---|---|
| 25 | 25 |
from authentic2.utils import timestamp_from_datetime, last_authentication_event |
| 26 | 26 |
from authentic2.a2_rbac.utils import get_default_ou |
| 27 | 27 |
from authentic2.crypto import base64url_encode |
| 28 |
from authentic2.compat import Base64Error |
|
| 28 | 29 | |
| 29 | 30 |
import utils |
| 30 | 31 | |
| 31 | 32 | |
| 32 | 33 |
def test_base64url_decode(): |
| 33 |
with pytest.raises(TypeError):
|
|
| 34 |
with pytest.raises(Base64Error):
|
|
| 34 | 35 |
base64url_decode('x')
|
| 35 | 36 |
base64url_decode('aa')
|
| 36 | 37 | |
| tests/test_idp_saml2.py | ||
|---|---|---|
| 13 | 13 |
from django.utils.translation import gettext as _ |
| 14 | 14 |
from django.utils.six.moves.urllib import parse as urlparse |
| 15 | 15 | |
| 16 |
from authentic2.compat import Base64Error |
|
| 16 | 17 |
from authentic2.saml import models as saml_models |
| 17 | 18 |
from authentic2.a2_rbac.models import Role, OrganizationalUnit |
| 18 | 19 |
from authentic2.utils import make_url |
| ... | ... | |
| 292 | 293 |
saml_response = doc.forms[0].fields['SAMLResponse'] |
| 293 | 294 |
try: |
| 294 | 295 |
base64.b64decode(saml_response) |
| 295 |
except TypeError:
|
|
| 296 |
except Base64Error:
|
|
| 296 | 297 |
self.fail('SAMLResponse is not base64 encoded: %s'
|
| 297 | 298 |
% saml_response) |
| 298 | 299 |
with self.assertRaises(lasso.ProfileRequestDeniedError): |
| ... | ... | |
| 336 | 337 |
saml_response = doc.forms[0].fields['SAMLResponse'] |
| 337 | 338 |
try: |
| 338 | 339 |
base64.b64decode(saml_response) |
| 339 |
except TypeError:
|
|
| 340 |
except Base64Error:
|
|
| 340 | 341 |
self.fail('SAMLResponse is not base64 encoded: %s' % saml_response)
|
| 341 | 342 |
login = self.parse_authn_response(saml_response) |
| 342 | 343 |
assertion = login.assertion |
| 343 |
- |
|