@@ -136,21 +136,20 @@ def _retry_using_http_Negotiate_auth(self, response, scheme, args):
136136
137137 # Should get another 401 if we are doing challenge-response (NTLM)
138138 if response2 .status_code != 401 :
139- if response2 .status_code == 200 :
140- # Kerberos may have succeeded; if so, finalize our auth context
141- final = response2 .headers .get ('WWW-Authenticate' )
142- if final is not None :
143- try :
144- # Sometimes Windows seems to forget to prepend 'Negotiate' to the success response,
145- # and we get just a bare chunk of base64 token. Not sure why.
146- final = final .replace (scheme , '' , 1 ).lstrip ()
147- tokenbuf = win32security .PySecBufferType (pkg_info ['MaxToken' ], sspicon .SECBUFFER_TOKEN )
148- tokenbuf .Buffer = base64 .b64decode (final )
149- sec_buffer .append (tokenbuf )
150- error , auth = clientauth .authorize (sec_buffer )
151- _logger .debug ('Kerberos Authentication succeeded - error={} authenticated={}' .format (error , clientauth .authenticated ))
152- except TypeError :
153- pass
139+ # Kerberos may have succeeded; if so, finalize our auth context
140+ final = response2 .headers .get ('WWW-Authenticate' )
141+ if final is not None :
142+ try :
143+ # Sometimes Windows seems to forget to prepend 'Negotiate' to the success response,
144+ # and we get just a bare chunk of base64 token. Not sure why.
145+ final = final .replace (scheme , '' , 1 ).lstrip ()
146+ tokenbuf = win32security .PySecBufferType (pkg_info ['MaxToken' ], sspicon .SECBUFFER_TOKEN )
147+ tokenbuf .Buffer = base64 .b64decode (final .encode ('ASCII' ))
148+ sec_buffer .append (tokenbuf )
149+ error , auth = clientauth .authorize (sec_buffer )
150+ _logger .debug ('Kerberos Authentication succeeded - error={} authenticated={}' .format (error , clientauth .authenticated ))
151+ except TypeError :
152+ pass
154153
155154 # Regardless of whether or not we finalized our auth context,
156155 # without a 401 we've got nothing to do. Update the history and return.
0 commit comments