From f584b9bc114c2420daa1f11235c98f3707c486af Mon Sep 17 00:00:00 2001
From: Jarrod Johnson <jjohnson2@lenovo.com>
Date: Fri, 23 Apr 2021 14:17:54 -0400
Subject: [PATCH] Protect against binary sealed data

It was detected that binary sealed data
could happen. Ensure that it is str
before passing to configuration.
---
 confluent_server/confluent/selfservice.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/confluent_server/confluent/selfservice.py b/confluent_server/confluent/selfservice.py
index 619c383f..e99826a4 100644
--- a/confluent_server/confluent/selfservice.py
+++ b/confluent_server/confluent/selfservice.py
@@ -259,6 +259,8 @@ def handle_request(env, start_response):
             start_response('500 Error', (('Content-Type', 'text/plain'),))
             yield 'No pending profile detected, unable to accept status update'
     elif env['PATH_INFO'] == '/self/saveapikey' and reqbody:
+        if not isinstance(reqbody, str):
+            reqbody = reqbody.decode('utf8')
         cfg.set_node_attributes({
             nodename: {'deployment.sealedapikey': {'value': reqbody}}})
         start_response('200 OK', ())