Merge "Fix string conversion in s3 handler for python 2"

2015-11-24 11:34:37 +00:00 · 2015-11-24 11:34:37 +00:00 · 2feb7be843
parent 666a46ea19 bce8575c20
commit 2feb7be843
2 changed files with 8 additions and 10 deletions
--- a/keystone/contrib/s3/core.py
+++ b/keystone/contrib/s3/core.py
@ -108,17 +108,15 @@ class S3Controller(controllers.Ec2Controller):
        """
        parts = string_to_sign.split(b'\n')
        if len(parts) != 4 or parts[0] != b'AWS4-HMAC-SHA256':
-            raise exception.Unauthorized(
-                message=_('Invalid EC2 signature.'))
+            raise exception.Unauthorized(message=_('Invalid EC2 signature.'))
        scope = parts[2].split(b'/')
        if len(scope) != 4 or scope[2] != b's3' or scope[3] != b'aws4_request':
-            raise exception.Unauthorized(
-                message=_('Invalid EC2 signature.'))
+            raise exception.Unauthorized(message=_('Invalid EC2 signature.'))

        def _sign(key, msg):
            return hmac.new(key, msg, hashlib.sha256).digest()

-        signed = _sign(six.b('AWS4' + secret_key), scope[0])
+        signed = _sign(('AWS4' + secret_key).encode('utf-8'), scope[0])
        signed = _sign(signed, scope[1])
        signed = _sign(signed, scope[2])
        signed = _sign(signed, b'aws4_request')
--- a/keystone/tests/unit/test_contrib_s3_core.py
+++ b/keystone/tests/unit/test_contrib_s3_core.py
@ -29,7 +29,7 @@ class S3ContribCore(unit.TestCase):

    def test_good_signature_v1(self):
        creds_ref = {'secret':
-                     'b121dd41cdcc42fe9f70e572e84295aa'}
+                     u'b121dd41cdcc42fe9f70e572e84295aa'}
        credentials = {'token':
                       'UFVUCjFCMk0yWThBc2dUcGdBbVk3UGhDZmc9PQphcHB'
                       'saWNhdGlvbi9vY3RldC1zdHJlYW0KVHVlLCAxMSBEZWMgMjAxM'
@ -42,7 +42,7 @@ class S3ContribCore(unit.TestCase):

    def test_bad_signature_v1(self):
        creds_ref = {'secret':
-                     'b121dd41cdcc42fe9f70e572e84295aa'}
+                     u'b121dd41cdcc42fe9f70e572e84295aa'}
        credentials = {'token':
                       'UFVUCjFCMk0yWThBc2dUcGdBbVk3UGhDZmc9PQphcHB'
                       'saWNhdGlvbi9vY3RldC1zdHJlYW0KVHVlLCAxMSBEZWMgMjAxM'
@ -56,7 +56,7 @@ class S3ContribCore(unit.TestCase):

    def test_good_signature_v4(self):
        creds_ref = {'secret':
-                     'e7a7a2240136494986991a6598d9fb9f'}
+                     u'e7a7a2240136494986991a6598d9fb9f'}
        credentials = {'token':
                       'QVdTNC1ITUFDLVNIQTI1NgoyMDE1MDgyNFQxMTIwNDFaCjIw'
                       'MTUwODI0L1JlZ2lvbk9uZS9zMy9hd3M0X3JlcXVlc3QKZjIy'
@ -71,7 +71,7 @@ class S3ContribCore(unit.TestCase):

    def test_bad_signature_v4(self):
        creds_ref = {'secret':
-                     'e7a7a2240136494986991a6598d9fb9f'}
+                     u'e7a7a2240136494986991a6598d9fb9f'}
        credentials = {'token':
                       'QVdTNC1ITUFDLVNIQTI1NgoyMDE1MDgyNFQxMTIwNDFaCjIw'
                       'MTUwODI0L1JlZ2lvbk9uZS9zMy9hd3M0X3JlcXVlc3QKZjIy'
@ -85,7 +85,7 @@ class S3ContribCore(unit.TestCase):

    def test_bad_token_v4(self):
        creds_ref = {'secret':
-                     'e7a7a2240136494986991a6598d9fb9f'}
+                     u'e7a7a2240136494986991a6598d9fb9f'}
        # token has invalid format of first part
        credentials = {'token':
                       'QVdTNC1BQUEKWApYClg=',