py2/py3: the way to ensure ASCII is different.

99a2815b · Kazuhiko Shiozaki · Arnaud Fontaine · 463b374e · 99a2815b
Commit 99a2815b authored Oct 20, 2022 by Kazuhiko Shiozaki Committed by Arnaud Fontaine Mar 09, 2023
Showing with 14 additions and 6 deletions

bt5/erp5_oauth2_authorisation/DocumentTemplateItem/portal_components/document.erp5.OAuth2AuthorisationServerConnector.py ...nents/document.erp5.OAuth2AuthorisationServerConnector.py +14 -6

No files found.
--- a/bt5/erp5_oauth2_authorisation/DocumentTemplateItem/portal_components/document.erp5.OAuth2AuthorisationServerConnector.py
+++ b/bt5/erp5_oauth2_authorisation/DocumentTemplateItem/portal_components/document.erp5.OAuth2AuthorisationServerConnector.py
@@ -92,6 +92,14 @@ from Products.ERP5Security.ERP5OAuth2ResourceServerPlugin import (
 )
 from ZPublisher.HTTPResponse import HTTPResponse

+def ensure_ascii(s):
+  if six.PY2:
+    return s.encode('ascii')
+  else:
+    if isinstance(s, str):
+      s = bytes(s, 'ascii')
+    return s.decode('ascii')
+
 _DEFAULT_BACKEND = default_backend()
 _SIGNATURE_ALGORITHM_TO_KEY_BYTE_LENGTH_DICT = {
  'HS256': 32,
@@ -311,7 +319,7 @@ class _ERP5AuthorisationEndpoint(AuthorizationEndpoint):
        # Note: query string generation should not have produce any duplicate
        # entries, so convert into a dict for code simplicity.
        query_dict = {
-          x.encode('ascii'): y.encode('ascii')
+          ensure_ascii(x): ensure_ascii(y)
          for x, y in query_list
        }
        inner_response = HTTPResponse(stdout=None, stderr=None)
@@ -1277,7 +1285,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
      else:
        self._checkCustomTokenPolicy(token_dict, request)
        token_dict[JWT_PAYLOAD_KEY] = decodeAccessTokenPayload(
-          token_dict[JWT_PAYLOAD_KEY].encode('ascii'),
+          ensure_ascii(token_dict[JWT_PAYLOAD_KEY]),
        )
        return token_dict
    raise
@@ -1681,15 +1689,15 @@ class OAuth2AuthorisationServerConnector(XMLObject):
      (
        now,
        access_token_signature_algorithm,
-        private_key.private_bytes(
+        ensure_ascii(private_key.private_bytes(
          encoding=Encoding.PEM,
          format=PrivateFormat.PKCS8,
          encryption_algorithm=NoEncryption(),
-        ).encode('ascii'),
-        private_key.public_key().public_bytes(
+        )),
+        ensure_ascii(private_key.public_key().public_bytes(
          encoding=Encoding.PEM,
          format=PublicFormat.SubjectPublicKeyInfo,
-        ).encode('ascii'),
+        )),
      ),
    ) + tuple(
      x