Skip to content

Commit 7f4e595

Browse files
author
Roland Hedberg
committed
Handle b64decode exception. Proposed by Seth Arnold.
1 parent dd6d224 commit 7f4e595

File tree

3 files changed

+39
-27
lines changed

3 files changed

+39
-27
lines changed

example/idp2/idp.py

Lines changed: 14 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -449,18 +449,22 @@ def ecp(self):
449449
try:
450450
authz_info = self.environ["HTTP_AUTHORIZATION"]
451451
if authz_info.startswith("Basic "):
452-
_info = base64.b64decode(authz_info[6:])
453-
logger.debug("Authz_info: %s" % _info)
454452
try:
455-
(user, passwd) = _info.split(":")
456-
if PASSWD[user] != passwd:
457-
resp = Unauthorized()
458-
self.user = user
459-
self.environ[
460-
"idp.authn"] = AUTHN_BROKER.get_authn_by_accr(
461-
PASSWORD)
462-
except ValueError:
453+
_info = base64.b64decode(authz_info[6:])
454+
except TypeError:
463455
resp = Unauthorized()
456+
else:
457+
logger.debug("Authz_info: %s" % _info)
458+
try:
459+
(user, passwd) = _info.split(":")
460+
if PASSWD[user] != passwd:
461+
resp = Unauthorized()
462+
self.user = user
463+
self.environ[
464+
"idp.authn"] = AUTHN_BROKER.get_authn_by_accr(
465+
PASSWORD)
466+
except ValueError:
467+
resp = Unauthorized()
464468
else:
465469
resp = Unauthorized()
466470
except KeyError:

example/idp2/idp_uwsgi.py

Lines changed: 14 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -419,18 +419,22 @@ def ecp(self):
419419
try:
420420
authz_info = self.environ["HTTP_AUTHORIZATION"]
421421
if authz_info.startswith("Basic "):
422-
_info = base64.b64decode(authz_info[6:])
423-
logger.debug("Authz_info: %s" % _info)
424422
try:
425-
(user, passwd) = _info.split(":")
426-
if PASSWD[user] != passwd:
427-
resp = Unauthorized()
428-
self.user = user
429-
self.environ[
430-
"idp.authn"] = AUTHN_BROKER.get_authn_by_accr(
431-
PASSWORD)
432-
except ValueError:
423+
_info = base64.b64decode(authz_info[6:])
424+
except TypeError:
433425
resp = Unauthorized()
426+
else:
427+
logger.debug("Authz_info: %s" % _info)
428+
try:
429+
(user, passwd) = _info.split(":")
430+
if PASSWD[user] != passwd:
431+
resp = Unauthorized()
432+
self.user = user
433+
self.environ[
434+
"idp.authn"] = AUTHN_BROKER.get_authn_by_accr(
435+
PASSWORD)
436+
except ValueError:
437+
resp = Unauthorized()
434438
else:
435439
resp = Unauthorized()
436440
except KeyError:

example/idp2_repoze/idp.py

Lines changed: 11 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -406,15 +406,19 @@ def ecp(self):
406406
try:
407407
authz_info = self.environ["HTTP_AUTHORIZATION"]
408408
if authz_info.startswith("Basic "):
409-
_info = base64.b64decode(authz_info[6:])
410-
logger.debug("Authz_info: %s" % _info)
411409
try:
412-
(user, passwd) = _info.split(":")
413-
if PASSWD[user] != passwd:
414-
resp = Unauthorized()
415-
self.user = user
416-
except ValueError:
410+
_info = base64.b64decode(authz_info[6:])
411+
except TypeError:
417412
resp = Unauthorized()
413+
else:
414+
logger.debug("Authz_info: %s" % _info)
415+
try:
416+
(user, passwd) = _info.split(":")
417+
if PASSWD[user] != passwd:
418+
resp = Unauthorized()
419+
self.user = user
420+
except (ValueError, TypeError):
421+
resp = Unauthorized()
418422
else:
419423
resp = Unauthorized()
420424
except KeyError:

0 commit comments

Comments
 (0)