Closed justinmayer closed 4 years ago
@natim: This one is quite a head-scratcher. Does anything jump out at you as a possible cause? Do you foresee any issues with explicitly converting the key to bytes?
Yes, we should convert it / encode it to bytes.
On Thu, Oct 3, 2019 at 20:52, Justin Mayer notifications@github.com wrote:
@Natim https://github.com/Natim: This one is quite a head-scratcher. Does anything jump out at you as a possible cause? Do you foresee any issues with explicitly converting the key to bytes?
Perhaps only if needed? That is...
try:
    hs = hmac.new(key, msg, hashlib.sha1).digest()
except TypeError:
    hs = hmac.new(bytes(key), msg, hashlib.sha1).digest()
What do you think?
It should always be bytes. We should not guess.
On Thu, Oct 3, 2019 at 21:11, Justin Mayer notifications@github.com wrote:
Perhaps only if needed? That is...
try:
    hs = hmac.new(key, msg, hashlib.sha1).digest()
except TypeError:
    hs = hmac.new(bytes(key), msg, hashlib.sha1).digest()
What do you think?
Many thanks for the feedback and quick response. I'll fix that now. 👍
Closed with #40
Steps to Reproduce
Expected Result
The login process would complete successfully, re-directing to post-login URL.
Observed Result
A TypeError exception is returned:
Potential Solution / Workaround
Explicitly converting the key argument to bytes in this hmac.new() invocation resolves the error and allows the multi-factor authentication process to complete successfully:
I can’t reproduce this in the Kagi test project, but it’s nonetheless a reproducible error in a (non-public) repository that otherwise exhibits no problems. One difference between the two projects is that the error occurs in a project in which KagiLoginView is not used, since there is an existing login view with custom logic. This custom login view was instead modified to behave like KagiLoginView and re-direct to the stock VerifySecondFactorView view when a key/TOTP device count above zero is detected. Since VerifySecondFactorView is not subclassed and is used in its original unmodified form, it’s not clear whether/how the aforementioned login view difference would result in this error.
Environment
Related Links
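The hmac.new() key discussion in the thread above, as an added example (not code from Kagi or from the thread's participants): it compares explicit key conversion with the try/except fallback, and goes slightly beyond the thread by covering int and buffer-type keys. The names key_to_bytes, hmac_sha1, fallback_hmac_sha1 and raises_type_error are hypothetical, the sample key and message are constructed, and rejecting str keys outright is this example's own choice.

```python
import hashlib
import hmac


def key_to_bytes(key):
    """Return an HMAC key as bytes, converting explicitly instead of guessing."""
    if isinstance(key, bytes):
        return key
    if isinstance(key, (bytearray, memoryview)):
        return bytes(key)  # buffer objects copy byte-for-byte
    if isinstance(key, str):
        # A str has no single byte form (raw? hex? base32?), so the caller
        # must encode or decode it where the secret is loaded.
        raise TypeError("HMAC key is str; convert it to bytes at the source")
    # Notably int: bytes(20) is twenty zero bytes, not a usable secret.
    raise TypeError(f"unsupported HMAC key type: {type(key).__name__}")


def hmac_sha1(key, msg):
    """HMAC-SHA1 with the key normalized up front."""
    return hmac.new(key_to_bytes(key), msg, hashlib.sha1).digest()


def fallback_hmac_sha1(key, msg):
    """The try/except shape proposed in the thread, kept for comparison."""
    try:
        return hmac.new(key, msg, hashlib.sha1).digest()
    except TypeError:
        return hmac.new(bytes(key), msg, hashlib.sha1).digest()


def raises_type_error(func, *args):
    """True if func(*args) raises TypeError."""
    try:
        func(*args)
    except TypeError:
        return True
    return False


if __name__ == "__main__":
    secret = bytes(range(20))          # constructed sample key
    counter = (1).to_bytes(8, "big")   # constructed sample message
    print(hmac_sha1(memoryview(secret), counter).hex())
    # A str key still fails in the fallback: bytes("...") needs an encoding.
    print(raises_type_error(fallback_hmac_sha1, "secret", counter))
    # An int key "works" in the fallback, keyed with twenty zero bytes.
    zero_key = hmac.new(bytes(20), counter, hashlib.sha1).digest()
    print(fallback_hmac_sha1(20, counter) == zero_key)
```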