Kallithea no longer authorizes with Atlassian Crowd properly using python3

Issue #370 resolved
Chris Rule created an issue

I was using the latest stable version 0.6.0 updated to using python3.

When attempting to connect to Atlassian Crowd version 4.0 an error would appear in the syslog: “getting bytes expecting str” and the user would never be authenticated using Crowd.

Finally traced this down to an issue where urllib.readlines() is returning bytes, but the auth_crowd.py module was expecting a string.

Enclosed is a patch file for one way to fix this. It should work for python2 but I have not tried fix this under python2. I also suspect this has nothing to do with the version of Crowd.

Comments (5)

  1. Mads Kiilerich

    Thank you.

    I don’t know Crowd (and do not have a setup for testing). Do you know some documentation that specify that the result always is utf8?

    Also, I guess the chunk a few lines later needs same treatment?

            else:
                rval = "".join(rdoc.readlines())
    

    – but reading rdoc twice seems odd, so it should probably just use rval = msg ? But noformat never is never set, so it doesn’t seem to be reachable anyway. I don’t know if dead code is worth fixing or just should be removed …

  2. Mads Kiilerich

    Ok, took a closer closer look. One of the significant causes for this problem seems to be how the response is read by lines.

    Can you confirm this works too?

    --- kallithea/lib/auth_modules/auth_crowd.py
    +++ kallithea/lib/auth_modules/auth_crowd.py
    @@ -97,7 +97,7 @@ class CrowdServer(object):
             msg = ""
             try:
                 rdoc = self.opener.open(req)
    -            msg = "".join(rdoc.readlines())
    +            msg = rdoc.read()
                 if not msg and empty_response_ok:
                     rval = {}
                     rval["status"] = True
    

  3. Chris Rule reporter

    Thanks for looking at this.

    Your change looks like it would work much better than my fix. At the time I was just trying to figure out what was wrong and get it going again. This problem looks like one of those python2 vs python3 issues.

    I didn’t notice the second readlines() call before. I agree it probably makes sense to just remove the code. Not sure what functionality the second readlines() was trying to accomplish here.

    It will be a few days before I can try the change, but will sometime this week. On the surface it looks like it will work.

  4. Chris Rule reporter

    Looks like your suggestion works fine.

    Here’s the patch for what I implemented:

    diff -r eed428104177 kallithea/lib/auth_modules/auth_crowd.py
    --- a/kallithea/lib/auth_modules/auth_crowd.py  Wed May 06 20:29:53 2020 +0200
    +++ b/kallithea/lib/auth_modules/auth_crowd.py  Wed May 13 10:51:36 2020 -0500
    @@ -97,7 +97,7 @@
             msg = ""
             try:
                 rdoc = self.opener.open(req)
    -            msg = "".join(rdoc.readlines())
    +            msg = rdoc.read()
                 if not msg and empty_response_ok:
                     rval = {}
                     rval["status"] = True
    @@ -106,7 +106,7 @@
                     rval = ext_json.loads(msg)
                     rval["status"] = True
                 else:
    -                rval = "".join(rdoc.readlines())
    +                rval = msg
             except Exception as e:
                 if not noformat:
                     rval = {"status": False,
    

  5. Log in to comment