httpauth.py: Don't crash if Base-64 decoding of the CSRF token fails.

[chopwood] / httpauth.py

diff --git a/httpauth.py b/httpauth.py
index 31e4ca1daf4a602d3cdcf938c560c6d15ca0e96c..739d1dfa65f24fb003aa6e40a2f13093fd416e59 100644 (file)
--- a/httpauth.py
+++ b/httpauth.py
@@ -158,7 +158,10 @@ def hack_octets(s):
 def unhack_octets(s):
   """Reverse the operation done by `hack_octets'."""
   pad = (len(s) + 3)&3 - len(s)
-  return BN.b64decode(s + '='*pad, '+$')
+  try:
+    return BN.b64decode(s + '='*pad, '+$')
+  except TypeError:
+    raise AuthenticationFailed, 'BADNONCE'
 
 def auth_tag(sec, stamp, user):
   """Compute a tag using secret SEC on `STAMP.USER'."""