Remove legacy code related to base64 encoded secret.

mozilla · Jun 6, 2017 · e0e5ae3 · e0e5ae3
1 parent fcd9f53
commit e0e5ae3
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 11 deletions.
diff --git a/docs/settings.rst b/docs/settings.rst
@@ -48,12 +48,6 @@ of ``mozilla-django-oidc``.
 
    OpenID Connect client secret provided by your OP
 
-.. py:attribute:: OIDC_RP_CLIENT_SECRET_ENCODED
-
-   :default: ``False``
-
-   Controls whether your client secret requires base64 decoding for verification
-
 .. py:attribute:: OIDC_VERIFY_JWT
 
    :default: ``True``

diff --git a/mozilla_django_oidc/auth.py b/mozilla_django_oidc/auth.py
@@ -80,11 +80,12 @@ def verify_token(self, token, **kwargs):
         """Validate the token signature."""
         nonce = kwargs.get('nonce')
 
-        secret = self.OIDC_RP_CLIENT_SECRET
-        if import_from_settings('OIDC_RP_CLIENT_SECRET_ENCODED', False):
-            secret = base64.urlsafe_b64decode(self.OIDC_RP_CLIENT_SECRET)
         # Verify the token
-        verified_token = jws.verify(token, secret, algorithms=['HS256'])
+        verified_token = jws.verify(
+            token,
+            self.OIDC_RP_CLIENT_SECRET,
+            algorithms=['HS256']
+        )
         # The 'verified_token' will always be a byte string since it's
         # the result of base64.urlsafe_b64decode().
         # The payload is always the result of base64.urlsafe_b64decode().

diff --git a/tests/test_auth.py b/tests/test_auth.py
@@ -288,7 +288,6 @@ def test_jwt_decode_params_verify_false(self, request_mock, jws_mock):
         jws_mock.assert_has_calls(calls)
 
     @override_settings(OIDC_USE_NONCE=True)
-    @override_settings(OIDC_RP_CLIENT_SECRET_ENCODED=False)
     @patch('mozilla_django_oidc.auth.jws')
     def test_jwt_failed_nonce(self, jwt_mock):
         """Test Nonce verification."""