fix: correctly encode bytes for V2 signature #382
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
V2 signature was passing a string to the sign_bytes function instead of bytes. This works fine for most credentials (since their sign_bytes implementations accept strings) but not for impersonated credentials. V4 signature encodes the string before calling sign_bytes, so I do the same here. We should also look into clarifying the contract for the sign_bytes interface in the auth library. Fixes googleapis#373
product-auto-label
bot
added
the
api: storage
google-cla
bot
added
the
cla: yes
tritone
commented
Feb 17, 2021
| @@ -77,7 +77,7 @@ def get_signed_query_params_v2(credentials, expiration, string_to_sign): | |||
| signed payload. | |||
| """ | |||
| ensure_signed_credentials(credentials) | |||
| signature_bytes = credentials.sign_bytes(string_to_sign) | |||
| signature_bytes = credentials.sign_bytes(string_to_sign.encode("ascii")) | |||
There was a problem hiding this comment.
See https://github.com/googleapis/python-storage/blob/master/google/cloud/storage/_signing.py#L628 for what we do in V4
frankyn
approved these changes
Feb 17, 2021
This was referenced Mar 11, 2021
Merged
Merged
cojenco
pushed a commit
to cojenco/python-storage
that referenced
this pull request
Oct 13, 2021
* fix: correctly encode bytes for V2 signature V2 signature was passing a string to the sign_bytes function instead of bytes. This works fine for most credentials (since their sign_bytes implementations accept strings) but not for impersonated credentials. V4 signature encodes the string before calling sign_bytes, so I do the same here. We should also look into clarifying the contract for the sign_bytes interface in the auth library. Fixes googleapis#373 * fix py2 failure
cojenco
pushed a commit
to cojenco/python-storage
that referenced
this pull request
Oct 13, 2021
* fix: correctly encode bytes for V2 signature V2 signature was passing a string to the sign_bytes function instead of bytes. This works fine for most credentials (since their sign_bytes implementations accept strings) but not for impersonated credentials. V4 signature encodes the string before calling sign_bytes, so I do the same here. We should also look into clarifying the contract for the sign_bytes interface in the auth library. Fixes googleapis#373 * fix py2 failure
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
V2 signature was passing a string to the sign_bytes function
instead of bytes. This works fine for most credentials (since
their sign_bytes implementations accept strings) but not for
impersonated credentials. V4 signature encodes the string before
calling sign_bytes, so I do the same here.
We should also look into clarifying the contract for the
sign_bytes interface in the auth library.
Fixes #373