# HG changeset patch
# User paulb
# Date 1202068681 0
# Node ID 139b1412b9c3d71049e89a32bf349c12b58306fd
# Parent  73e60be1e6305a50f5e69453264758563ecd56a3
[project @ 2008-02-03 19:58:01 by paulb]
Added measures to permit the usage of non-ASCII characters in plaintexts.

diff -r 73e60be1e630 -r 139b1412b9c3 WebStack/Helpers/Auth.py
--- a/WebStack/Helpers/Auth.py	Sun Feb 03 19:57:25 2008 +0000
+++ b/WebStack/Helpers/Auth.py	Sun Feb 03 19:58:01 2008 +0000
@@ -3,7 +3,7 @@
 """
 Authentication/authorisation helper classes and functions.
 
-Copyright (C) 2004, 2005 Paul Boddie <paul@boddie.org.uk>
+Copyright (C) 2004, 2005, 2007, 2008 Paul Boddie <paul@boddie.org.uk>
 
 This library is free software; you can redistribute it and/or
 modify it under the terms of the GNU Lesser General Public
@@ -196,7 +196,9 @@
     'plaintext' and 'secret_key'.
     """
 
-    return plaintext + ":" + md5.md5(plaintext + secret_key).hexdigest()
+    # NOTE: Using "safe" encoding to deal with Unicode plaintext.
+
+    return plaintext + ":" + md5.md5(plaintext.encode("iso-8859-1") + secret_key).hexdigest()
 
 # OpenID token verification.
 # NOTE: Add SHA256 usage for associations.
@@ -211,7 +213,10 @@
         """
 
         plaintext = "\n".join([(key + ":" + value) for (key, value) in items]) + "\n"
-        hash = hmac.new(secret_key, plaintext, sha1)
+
+        # NOTE: Using "safe" encoding to deal with Unicode plaintext.
+
+        hash = hmac.new(secret_key, plaintext.encode("iso-8859-1"), sha1)
         return base64.standard_b64encode(hash.digest())
 
     def check_openid_signature(fields, secret_key):