Issue running confidant in development mode (encryption disabled)
jrosco opened this issue · comments
Joel commented
Building Confidant from the master branch (tag/5.0.1) I'm getting the following error
Environment:
- Running build from Docker container
- Running version 5.0.1
- I have
USE_ENCRYPTION=false
in my env file.
The error seems to be caused by confidant/ciphermanager.py
line 28
return 'DANGER_NOT_ENCRYPTED_{0}'.format(base64.b64encode(raw))
Error Logs:
confidant_1 | WARNING:root:Creating a mock datakey in keymanager.create_datakey. If you are not running in a development or test environment, this should not be happening!
confidant_1 | WARNING:root:Not using encryption in CipherManager.encrypt If you are not running in a development or test environment, this should not be happening!
confidant_1 | [2019-09-23 10:53:40 +0000] [10] [ERROR] Error handling request /v1/credentials
confidant_1 | Traceback (most recent call last):
confidant_1 | File "/venv/lib/python3.6/site-packages/gunicorn/workers/base_async.py", line 56, in handle
confidant_1 | self.handle_request(listener_name, req, client, addr)
confidant_1 | File "/venv/lib/python3.6/site-packages/gunicorn/workers/ggevent.py", line 160, in handle_request
confidant_1 | addr)
confidant_1 | File "/venv/lib/python3.6/site-packages/gunicorn/workers/base_async.py", line 107, in handle_request
confidant_1 | respiter = self.wsgi(environ, resp.start_response)
confidant_1 | File "/venv/lib/python3.6/site-packages/flask/app.py", line 2463, in __call__
confidant_1 | return self.wsgi_app(environ, start_response)
confidant_1 | File "/venv/lib/python3.6/site-packages/guard.py", line 62, in __call__
confidant_1 | return self.application(environ, _start_response)
confidant_1 | File "/venv/lib/python3.6/site-packages/flask/app.py", line 2449, in wsgi_app
confidant_1 | response = self.handle_exception(e)
confidant_1 | File "/venv/lib/python3.6/site-packages/flask/app.py", line 1866, in handle_exception
confidant_1 | reraise(exc_type, exc_value, tb)
confidant_1 | File "/venv/lib/python3.6/site-packages/flask/_compat.py", line 39, in reraise
confidant_1 | raise value
confidant_1 | File "/venv/lib/python3.6/site-packages/flask/app.py", line 2446, in wsgi_app
confidant_1 | response = self.full_dispatch_request()
confidant_1 | File "/venv/lib/python3.6/site-packages/flask/app.py", line 1951, in full_dispatch_request
confidant_1 | rv = self.handle_user_exception(e)
confidant_1 | File "/venv/lib/python3.6/site-packages/flask/app.py", line 1820, in handle_user_exception
confidant_1 | reraise(exc_type, exc_value, tb)
confidant_1 | File "/venv/lib/python3.6/site-packages/flask/_compat.py", line 39, in reraise
confidant_1 | raise value
confidant_1 | File "/venv/lib/python3.6/site-packages/flask/app.py", line 1949, in full_dispatch_request
confidant_1 | rv = self.dispatch_request()
confidant_1 | File "/venv/lib/python3.6/site-packages/flask/app.py", line 1935, in dispatch_request
confidant_1 | return self.view_functions[rule.endpoint](**req.view_args)
confidant_1 | File "/srv/confidant/confidant/authnz/__init__.py", line 237, in decorated
confidant_1 | resp = make_response(f(*args, **kwargs))
confidant_1 | File "/srv/confidant/confidant/authnz/__init__.py", line 114, in decorated
confidant_1 | return f(*args, **kwargs)
confidant_1 | File "/srv/confidant/confidant/utils/maintenance.py", line 35, in decorated
confidant_1 | return f(*args, **kwargs)
confidant_1 | File "/srv/confidant/confidant/routes/v1.py", line 672, in create_credential
confidant_1 | credential_pairs = cipher.encrypt(credential_pairs)
confidant_1 | File "/srv/confidant/confidant/ciphermanager.py", line 28, in encrypt
confidant_1 | return base64.b64encode(raw)
confidant_1 | File "/venv/lib/python3.6/base64.py", line 58, in b64encode
confidant_1 | encoded = binascii.b2a_base64(s, newline=False)
confidant_1 | TypeError: a bytes-like object is required, not 'str'
confidant_1 | 172.17.0.1 - - [23/Sep/2019:10:53:40 +0000] "POST /v1/credentials HTTP/1.1" 500 0 "-" "-"
Ryan Lane commented
Ah. This is almost certainly something we missed with the py3 support. Let me get a PR in.
Anthony Sottile commented
should be fixed by #201 -- sorry for the inconvenience!
Ryan Lane commented
Pushed tag 5.1.0 with fix.