From 99d986a0aa23b65c6743d54f412d43c0d403dffd Mon Sep 17 00:00:00 2001
From: Neal Gompa <ngompa13@gmail.com>
Date: May 20 2020 10:08:33 +0000
Subject: providers/openid: Ensure base64 encoded trust root is used as a string


The rest of the application expects the base64-encoded trust root to
be a string, and when it is bytes, it can fail with "incorrect padding" errors.

Signed-off-by: Neal Gompa <ngompa13@gmail.com>

---

diff --git a/ipsilon/providers/openid/auth.py b/ipsilon/providers/openid/auth.py
index cfe45be..1a1ef20 100644
--- a/ipsilon/providers/openid/auth.py
+++ b/ipsilon/providers/openid/auth.py
@@ -164,6 +164,8 @@ class AuthenticateRequest(ProviderPageBase):
         if isinstance(trust_root, str):
             trust_root = trust_root.encode('utf-8')
         trust_root_b64 = b64encode(trust_root)
+        if isinstance(trust_root_b64, bytes):
+            trust_root_b64 = trust_root_b64.decode('utf-8')
         consentdata = user.get_consent('openid', trust_root_b64)
         if consentdata is not None:
             # Consent has already been granted