Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

According to https://tools.ietf.org/html/rfc6749#section-2.3.1 client… #534

Merged
merged 9 commits into from
May 8, 2018
Merged

According to https://tools.ietf.org/html/rfc6749#section-2.3.1 client… #534

merged 9 commits into from
May 8, 2018

Conversation

rohe
Copy link
Contributor

@rohe rohe commented May 3, 2018
edited
Loading

… identifier and secret MUST be x-www-form-urlencoded when doing client_secret_basic client authentication.

  • Any changes relevant to users are recorded in the CHANGELOG.md.
  • The documentation has been updated, if necessary.

rohe added 3 commits May 3, 2018 11:32
@rohe
According to https://tools.ietf.org/html/rfc6749#section-2.3.1 client…
c8b60d6 
… identifier and secret MUST be x-www-form-urlencoded when doing client_secret_basic client authentication.
@rohe
Since non-ascii in file
66a2b72
@rohe
Make sure compare as unicode.
bf2c2f9
panva
panva reviewed May 3, 2018
View reviewed changes
src/oic/utils/authn/client.py Outdated
@@ -108,7 +109,7 @@ def construct(self, cis, request_args=None, http_args=None, **kwargs):
if "headers" not in http_args:
http_args["headers"] = {}

credentials = "{}:{}".format(user, passwd)
credentials = "{}:{}".format(quote_plus(user), quote_plus(passwd))
authz = base64.urlsafe_b64encode(credentials.encode("utf-8")).decode(
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To think of it, shouldn't content be just b64encoded instead of urlsafe_b64encoded?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, you may well be right!

panva
panva reviewed May 3, 2018
View reviewed changes
tests/test_client.py Outdated
assert http_args == {"headers": {"Authorization": "Basic {}".format(
base64.urlsafe_b64encode("A:boarding pass".encode("utf-8")).decode(
"utf-8"))}}
base64.urlsafe_b64encode(cred.encode("utf-8")).decode("utf-8"))}}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same, shouldn't basic auth use just b64encode?

panva
panva reviewed May 3, 2018
View reviewed changes
tests/test_authn_user.py Outdated
credentials = "{}:{}".format(quote_plus(user),
quote_plus(passwd))

authz = base64.urlsafe_b64encode(credentials.encode("utf-8")).decode(
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same, shouldn't basic auth use just b64encode?

@codecov-io
Copy link

codecov-io commented May 3, 2018
edited
Loading

Codecov Report

Merging #534 into master will increase coverage by 0.07%.
The diff coverage is 70.58%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #534      +/-   ##
==========================================
+ Coverage   59.54%   59.61%   +0.07%     
==========================================
  Files          62       62              
  Lines       11237    11247      +10     
  Branches     1978     1981       +3     
==========================================
+ Hits         6691     6705      +14     
+ Misses       3992     3984       -8     
- Partials      554      558       +4
Impacted Files Coverage Δ
src/oic/utils/authn/client.py 69.76% <100%> (+0.09%) ⬆️
src/oic/utils/authn/user.py 63.74% <64.28%> (+3%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update a99b0d9...ed7885f. Read the comment docs.

@schlenk
Copy link
Collaborator

schlenk commented May 3, 2018

Changelog entry is still missing, looks good otherwise.

@rohe rohe requested review from schlenk and tpazderka May 8, 2018 08:29
schlenk
schlenk approved these changes May 8, 2018
View reviewed changes
Copy link
Collaborator

@schlenk schlenk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@schlenk schlenk merged commit af74d62 into CZ-NIC:master May 8, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@panva panva panva left review comments

@schlenk schlenk schlenk approved these changes

@tpazderka tpazderka Awaiting requested review from tpazderka

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@rohe @codecov-io @schlenk @panva