don't call secrets.compare_digest with a None value

The __call__ method may return None to indicate failure. Using compare_digest with a None value results in a TypeError. Fixes: ab06a888e216 ("use secrets.compare_digest when available")
author: Helmut Grohne <helmut@subdivi.de> 2020-04-01 21:00:48 +0200
committer: Helmut Grohne <helmut@subdivi.de> 2020-04-01 21:00:48 +0200
commit: 370715e647f2f3a96343cf71e60dc27424f9c775 (patch)
tree: 6ed7dd66eed801c11f54e2f231f4d9b61c08f2b9
parent: 446a82789233b772a5d9d86efd49362fb061298e (diff)
download: wsgitools-370715e647f2f3a96343cf71e60dc27424f9c775.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/wsgitools/digest.py b/wsgitools/digest.py
index 846257a..ffdf063 100644
--- a/wsgitools/digest.py
+++ b/wsgitools/digest.py
@@ -187,7 +187,10 @@ class AbstractTokenGenerator(object):
         assert isinstance(username, str)
         assert isinstance(password, str)
         token = "%s:%s:%s" % (username, self.realm, password)
-        return compare_digest(md5hex(token), self(username))
+        expected = self(username)
+        if expected is None:
+            return False
+        return compare_digest(md5hex(token), expected)
 
 __all__.append("AuthTokenGenerator")
 class AuthTokenGenerator(AbstractTokenGenerator):
author	Helmut Grohne <helmut@subdivi.de>	2020-04-01 21:00:48 +0200
committer	Helmut Grohne <helmut@subdivi.de>	2020-04-01 21:00:48 +0200
commit	370715e647f2f3a96343cf71e60dc27424f9c775 (patch)
tree	6ed7dd66eed801c11f54e2f231f4d9b61c08f2b9
parent	446a82789233b772a5d9d86efd49362fb061298e (diff)
download	wsgitools-370715e647f2f3a96343cf71e60dc27424f9c775.tar.gz