From e769c5027456e3abff8cc25b626413530133a850 Mon Sep 17 00:00:00 2001
From: Sravanthi Konduru
 <sravanthi.konduru@sravant-ltmeanu.internal.salesforce.com>
Date: Tue, 21 Dec 2021 00:02:54 +0530
Subject: [PATCH 1/5] Handle bytes input in the payload

---
 st2common/st2common/router.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/st2common/st2common/router.py b/st2common/st2common/router.py
index 36a9476ed6..acbb6cc5f0 100644
--- a/st2common/st2common/router.py
+++ b/st2common/st2common/router.py
@@ -494,7 +494,7 @@ def __call__(self, req):
                         "application/x-www-form-urlencoded",
                         "multipart/form-data",
                     ]:
-                        data = urlparse.parse_qs(req.body)
+                        data = urlparse.parse_qs(six.ensure_str(req.body))
                     else:
                         raise ValueError(
                             'Unsupported Content-Type: "%s"' % (content_type)

From 64f90f59dba095d9cd67de46d285d63d490d3a1c Mon Sep 17 00:00:00 2001
From: Sravanthi Konduru
 <sravanthi.konduru@sravant-ltmeanu.internal.salesforce.com>
Date: Tue, 28 Dec 2021 15:19:14 +0530
Subject: [PATCH 2/5] update unit test to run for url encoded payload

---
 st2api/tests/unit/controllers/v1/test_webhooks.py | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/st2api/tests/unit/controllers/v1/test_webhooks.py b/st2api/tests/unit/controllers/v1/test_webhooks.py
index 2742b2d09e..dc152c14dd 100644
--- a/st2api/tests/unit/controllers/v1/test_webhooks.py
+++ b/st2api/tests/unit/controllers/v1/test_webhooks.py
@@ -262,11 +262,6 @@ def test_json_request_body(self, dispatch_mock):
     )
     @mock.patch("st2common.transport.reactor.TriggerDispatcher.dispatch")
     def test_form_encoded_request_body(self, dispatch_mock):
-        return
-        # TODO: Fix on deserialization on API side, body dict values being decoded as bytes
-        # instead of unicode which breakgs things. Likely issue / bug with form urlencoding
-        # parsing or perhaps in the test client when sending data
-        # Send request body as form urlencoded data
         data = {"form": ["test"]}
 
         headers = {

From 36ee9cdc4940375241ed954c01c9fa30ac2d6d99 Mon Sep 17 00:00:00 2001
From: Sravanthi Konduru
 <sravanthi.konduru@sravant-ltmeanu.internal.salesforce.com>
Date: Tue, 28 Dec 2021 17:26:22 +0530
Subject: [PATCH 3/5] update webhook test case and add new test for sso call
 back

---
 st2api/tests/unit/controllers/v1/test_webhooks.py |  5 +++--
 st2auth/tests/unit/controllers/v1/test_sso.py     | 15 +++++++++++++++
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/st2api/tests/unit/controllers/v1/test_webhooks.py b/st2api/tests/unit/controllers/v1/test_webhooks.py
index dc152c14dd..c0a15c9295 100644
--- a/st2api/tests/unit/controllers/v1/test_webhooks.py
+++ b/st2api/tests/unit/controllers/v1/test_webhooks.py
@@ -269,10 +269,11 @@ def test_form_encoded_request_body(self, dispatch_mock):
             "St2-Trace-Tag": "tag1",
         }
 
-        self.app.post("/v1/webhooks/git", data, headers=headers)
+        post_resp = self.app.post("/v1/webhooks/git", data, headers=headers)
+        self.assertEqual(post_resp.status_int, http_client.ACCEPTED)
         self.assertEqual(
             dispatch_mock.call_args[1]["payload"]["headers"]["Content-Type"],
-            "application/x-www-form-urlencoded",
+            "application/x-www-form-urlencoded; charset=UTF-8",
         )
         self.assertEqual(dispatch_mock.call_args[1]["payload"]["body"], data)
         self.assertEqual(dispatch_mock.call_args[1]["trace_context"].trace_tag, "tag1")
diff --git a/st2auth/tests/unit/controllers/v1/test_sso.py b/st2auth/tests/unit/controllers/v1/test_sso.py
index 2b6edb1f83..5a930ed2c1 100644
--- a/st2auth/tests/unit/controllers/v1/test_sso.py
+++ b/st2auth/tests/unit/controllers/v1/test_sso.py
@@ -137,6 +137,19 @@ def test_idp_callback(self):
         self.assertIn("token", st2_auth_token)
         self.assertEqual(st2_auth_token["user"], MOCK_USER)
 
+    @mock.patch.object(
+        sso_api_controller.SSO_BACKEND,
+        "verify_response",
+        mock.MagicMock(return_value={"referer": MOCK_REFERER, "username": MOCK_USER}),
+    )
+    def test_callback_url_encoded_payload(self):
+        data = {"foo": ["bar"]}
+        headers = {
+            "Content-Type": "application/x-www-form-urlencoded",
+        }
+        response = self.app.post(SSO_CALLBACK_V1_PATH, data, headers=headers)
+        self.assertTrue(response.status_code, http_client.OK)
+
     @mock.patch.object(
         sso_api_controller.SSO_BACKEND,
         "verify_response",
@@ -151,3 +164,5 @@ def test_idp_callback_verification_failed(self):
         )
         self.assertTrue(response.status_code, http_client.UNAUTHORIZED)
         self.assertDictEqual(response.json, expected_error)
+
+

From 42217ca23154e0c830e5972aa28f55dbd01287f9 Mon Sep 17 00:00:00 2001
From: Sravanthi Konduru
 <sravanthi.konduru@sravant-ltmeanu.internal.salesforce.com>
Date: Tue, 11 Jan 2022 11:15:05 +0530
Subject: [PATCH 4/5] fix lint failure

---
 st2auth/tests/unit/controllers/v1/test_sso.py | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/st2auth/tests/unit/controllers/v1/test_sso.py b/st2auth/tests/unit/controllers/v1/test_sso.py
index 5a930ed2c1..5596b0fb01 100644
--- a/st2auth/tests/unit/controllers/v1/test_sso.py
+++ b/st2auth/tests/unit/controllers/v1/test_sso.py
@@ -144,9 +144,7 @@ def test_idp_callback(self):
     )
     def test_callback_url_encoded_payload(self):
         data = {"foo": ["bar"]}
-        headers = {
-            "Content-Type": "application/x-www-form-urlencoded",
-        }
+        headers = {"Content-Type": "application/x-www-form-urlencoded"}
         response = self.app.post(SSO_CALLBACK_V1_PATH, data, headers=headers)
         self.assertTrue(response.status_code, http_client.OK)
 
@@ -164,5 +162,3 @@ def test_idp_callback_verification_failed(self):
         )
         self.assertTrue(response.status_code, http_client.UNAUTHORIZED)
         self.assertDictEqual(response.json, expected_error)
-
-

From 0f174e3d7e28a211ded78133ad3de4123266ba45 Mon Sep 17 00:00:00 2001
From: Sravanthi Konduru
 <sravanthi.konduru@sravant-ltmeanu.internal.salesforce.com>
Date: Tue, 11 Jan 2022 17:31:00 +0530
Subject: [PATCH 5/5] update changelog

---
 CHANGELOG.rst | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 8f73f5aae9..6182a20e95 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -7,6 +7,10 @@ in development
 Fixed
 ~~~~~
 
+* Fix deserialization bug for url encoded payloads. #5513
+
+  Contributed by @sravs-dev
+
 * Fix Type error for ``time_diff`` critera comparison. convert the timediff value as float to match
   ``timedelta.total_seconds()`` return. #5462