Merge pull request #225 from p1c2u/fix/security-http-provider-fix

Security HTTP provider fix

openapi_core/security/providers.py

@@ -1,8 +1,6 @@
-import binascii
 import warnings
 
 from openapi_core.security.exceptions import SecurityError
-from openapi_core.security.util import b64decode
 
 
 class BaseProvider(object):
@@ -40,7 +38,5 @@ class HttpProvider(BaseProvider):
         if auth_type.lower() != self.scheme.scheme.value:
             raise SecurityError(
                 'Unknown authorization method %s' % auth_type)
-        try:
+
-            return b64decode(encoded_credentials).decode('latin1')
+        return encoded_credentials
-        except binascii.Error:
-            raise SecurityError('Invalid base64 encoding.')

openapi_core/security/util.py

@@ -1,9 +0,0 @@
-from base64 import urlsafe_b64decode
-
-
-def b64decode(s):
-    # Code from
-    # https://github.com/GehirnInc/python-jwt/blob/master/jwt/utils.py#L29
-    s_bin = s.encode('ascii')
-    s_bin += b'=' * (4 - len(s_bin) % 4)
-    return urlsafe_b64decode(s_bin)

tests/integration/validation/test_validators.py

@@ -283,7 +283,7 @@ class TestRequestValidator(object):
             },
         )
         assert result.security == {
-            'petstore_auth': self.api_key,
+            'petstore_auth': self.api_key_encoded,
         }
 
 

tests/unit/security/test_providers.py

@@ -34,4 +34,4 @@ class TestHttpProvider(object):
 
         result = provider(request)
 
-        assert result == '1'
+        assert result == jwt