Made sure hmac creation works on bytes

MarkusH · MarkusH · commit d7c66bb601a4 · 2016-11-19T13:02:20.000+01:00
diff --git a/laterpay/compat.py b/laterpay/compat.py
@@ -38,3 +38,12 @@ def stringify(value):
     elif six.PY2 and isinstance(value, six.text_type):
         value = value.encode('utf-8')
     return value
+
+
+def byteify(value):
+    """
+    Convert ``value`` into a byte-string.
+    """
+    if isinstance(value, six.text_type):
+        return value.encode('utf-8')
+    return value
diff --git a/laterpay/signing.py b/laterpay/signing.py
@@ -40,10 +40,10 @@ def create_HMAC(HMAC_secret, *parts):
     This function should probably not be part of the public API, and thus will
     be deprecated in a future release to be replaced with a internal function.
     """
-    authcode = hmac.new(six.b(HMAC_secret), digestmod=hashlib.sha224)
+    authcode = hmac.new(compat.byteify(HMAC_secret), digestmod=hashlib.sha224)
     for part in parts:
-        authcode.update(six.b(part))
-    return authcode.hexdigest()
+        authcode.update(compat.byteify(part))
+    return compat.stringify(authcode.hexdigest())
 
 
 def sort_params(param_dict):
diff --git a/tests/test_signing.py b/tests/test_signing.py
@@ -106,6 +106,25 @@ def test_sign(self):
             '346f3d53ad762f3ed3fb7f2427dec2bbfaf0338bb7f91f0460aff15c',
         )
 
+    def test_sign_unicode_secret(self):
+        params = {
+            u'parĄm1': u'valuĘ',
+            'param2': ['value2', 'value3'],
+            'hmac': 'will-be-removed',
+            'gettoken': 'will-be-removed-too',
+        }
+        url = u'https://endpoint.com/api'
+
+        secret = u'☃🐍'  # unicode is what we usually get from api/db..
+
+        mac = signing.sign(secret, params, url)
+
+        # sha224 hmac
+        self.assertEqual(
+            mac,
+            '635cef6498fc5f1a829275cc1b24a191d5267d6023034e3e0953e4c6',
+        )
+
     def test_verify_str_signature(self):
         params = {
             u'parĄm1': u'valuĘ',
