zopefoundation / Products.PluggableAuthService

Pluggable Zope authentication / authorization framework

Python 3 UnicodeDecodeError in decode_cookie(). #45

Closed litsol closed 5 years ago

litsol commented 5 years ago

The file Products/PluggableAuthService/plugins/CookieAuthHelper.py defines a function named decode_cookie(). This function is called, in the same file, by the CookieAuthHelper class member function named extractCredentials(), which attempts to extract login and password credentials from a cookie extracted from a request. The extractCredentials() function has three try-except blocks, the first of which calls decode_cookie() and traps a binascii.Error.

We are using pas.plugin.authomatic. Somehow, a cookie is being passed to decode_cookie() via extractCredentials() that cannot be decoded into a Unicode string. This raises a UnicodeDecodeError, which is not caught by the try-except block in extractCredentials(), and Plone fails. To avoid this, at least for the moment, I have added UnicodeDecodeError to the exceptions trapped by the first try-except block.

I will try to resolve this problem in the pas.plugin.authomatic code itself, but, perhaps, uncovering this UnicodeDecodeError issue in CookieAuthHelper.py is helpful on its own.

I forked the Products.PluggableAuthService.git repository at revision 21121d2. We are developing on Python 5.2.0 and Python 3.6.8. If you think it worth making a pull-request, please let me know.
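An added example, not code from Products.PluggableAuthService or from anyone in this thread: a minimal sketch of the failure reported above, where a client-supplied cookie that is valid base64 but not valid UTF-8 gets past a handler that traps only binascii.Error. The function names and sample cookies are constructed for illustration, and the decode step is assumed to be URL-unquote, base64-decode, then UTF-8 decode.

```python
import base64
import binascii
from urllib.parse import quote, unquote


def decode_cookie_sketch(raw):
    """Hypothetical stand-in for the decode step (assumed: unquote, base64, UTF-8)."""
    value = unquote(raw).encode("utf-8")
    # validate=True rejects characters outside the base64 alphabet.
    return base64.b64decode(value, validate=True).decode("utf-8")


def extract_narrow(raw):
    """Traps only binascii.Error, the behaviour the report describes."""
    try:
        return decode_cookie_sketch(raw)
    except binascii.Error:
        return None


def extract_hardened(raw):
    """Treats any undecodable cookie as 'no credentials' instead of crashing."""
    try:
        return decode_cookie_sketch(raw)
    except (binascii.Error, UnicodeDecodeError):
        return None


# Constructed sample cookies (not taken from the issue).
VALID = quote(base64.b64encode(b"alice:secret").decode("ascii"))
BAD_B64 = "abc"  # incorrect padding -> binascii.Error
NOT_UTF8 = quote(base64.b64encode(b"\xff\xfe\x80").decode("ascii"))  # decodes to non-UTF-8 bytes


def narrow_handler_crashes(raw):
    """Return True if the narrow handler lets UnicodeDecodeError escape."""
    try:
        extract_narrow(raw)
    except UnicodeDecodeError:
        return True
    return False


if __name__ == "__main__":
    for name, cookie in [("valid", VALID), ("bad base64", BAD_B64), ("not utf-8", NOT_UTF8)]:
        print(name, "| narrow crashes:", narrow_handler_crashes(cookie),
              "| hardened result:", extract_hardened(cookie))
```

Because the cookie value comes straight from the request, any input that clears the base64 step but fails the text decode reaches the uncaught path, so both exception types belong in the same handler.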

icemac commented 5 years ago

@litsol Thank you for reporting this issue. Could you please create a pull request from your changes as it is easier to think about code changes when seeing the actual code.

litsol commented 5 years ago

Dear Michael,

Since I posted my UnicodeDecodeError issue, a Python 3 port of pas.plugins.authomatic has appeared that works perfectly with your PluggableAuthService. So my fix is not necessary.

With kind regards,

Michael Guravage

On Thu, Aug 8, 2019 at 8:11 AM Michael Howitz notifications@github.com wrote:

@litsol https://github.com/litsol Thank you for reporting this issue. Could you please create a pull request from your changes as it is easier to think about code changes when seeing the actual code.


icemac commented 5 years ago

@litsol Thank you for your reply, I am closing this issue now.