Merge pull request #210 from p1c2u/fix/b64decode-issue29427-fix

b64decode issue29427 fix

openapi_core/security/providers.py

@@ -1,8 +1,8 @@
-import base64
 import binascii
 import warnings
 
 from openapi_core.security.exceptions import SecurityError
+from openapi_core.security.util import b64decode
 
 
 class BaseProvider(object):
@@ -41,7 +41,6 @@ class HttpProvider(BaseProvider):
             raise SecurityError(
                 'Unknown authorization method %s' % auth_type)
         try:
-            return base64.b64decode(
+            return b64decode(encoded_credentials).decode('latin1')
-                encoded_credentials.encode('ascii')).decode('latin1')
         except binascii.Error:
             raise SecurityError('Invalid base64 encoding.')

openapi_core/security/util.py

@@ -0,0 +1,9 @@
+from base64 import urlsafe_b64decode
+
+
+def b64decode(s):
+    # Code from
+    # https://github.com/GehirnInc/python-jwt/blob/master/jwt/utils.py#L29
+    s_bin = s.encode('ascii')
+    s_bin += b'=' * (4 - len(s_bin) % 4)
+    return urlsafe_b64decode(s_bin)

tests/unit/security/test_providers.py

@@ -0,0 +1,33 @@
+import pytest
+
+from openapi_core.schema.security_schemes.models import SecurityScheme
+from openapi_core.security.providers import HttpProvider
+from openapi_core.testing import MockRequest
+
+
+class TestHttpProvider(object):
+
+    @pytest.fixture
+    def scheme(self):
+        return SecurityScheme('http', scheme='bearer')
+
+    @pytest.fixture
+    def provider(self, scheme):
+        return HttpProvider(scheme)
+
+    def test_issue29427(self, provider):
+        """Tests HttpProvider against Issue29427
+        https://bugs.python.org/issue29427
+        """
+        jwt = 'MQ'
+        headers = {
+            'Authorization': 'Bearer {0}'.format(jwt),
+        }
+        request = MockRequest(
+            'http://localhost', 'GET', '/pets',
+            headers=headers,
+        )
+
+        result = provider(request)
+
+        assert result == '1'