Force basic auth strings to native string type

requests/auth.py

@@ -16,7 +16,7 @@ from base64 import b64encode
 
 from .compat import urlparse, str
 from .cookies import extract_cookies_to_jar
-from .utils import parse_dict_header
+from .utils import parse_dict_header, to_native_string
 
 CONTENT_TYPE_FORM_URLENCODED = 'application/x-www-form-urlencoded'
 CONTENT_TYPE_MULTI_PART = 'multipart/form-data'
@@ -25,7 +25,11 @@ CONTENT_TYPE_MULTI_PART = 'multipart/form-data'
 def _basic_auth_str(username, password):
     """Returns a Basic Auth string."""
 
-    return 'Basic ' + b64encode(('%s:%s' % (username, password)).encode('latin1')).strip().decode('latin1')
+    authstr = 'Basic ' + b64encode(
+        ('%s:%s' % (username, password)).encode('latin1')
+    ).strip()
+
+    return to_native_string(authstr, encoding='latin1')
 
 
 class AuthBase(object):

test_requests.py

@@ -14,9 +14,9 @@ import io
 import requests
 import pytest
 from requests.adapters import HTTPAdapter
-from requests.auth import HTTPDigestAuth
+from requests.auth import HTTPDigestAuth, _basic_auth_str
 from requests.compat import (
-    Morsel, cookielib, getproxies, str, urljoin, urlparse, is_py3)
+    Morsel, cookielib, getproxies, str, urljoin, urlparse, is_py3, builtin_str)
 from requests.cookies import cookiejar_from_dict, morsel_to_cookie
 from requests.exceptions import InvalidURL, MissingSchema
 from requests.models import PreparedRequest, Response
@@ -964,6 +964,11 @@ class RequestsTestCase(unittest.TestCase):
         self._patch_adapter_gzipped_redirect(s, url)
         s.get(url)
 
+    def test_basic_auth_str_is_always_native(self):
+        s = _basic_auth_str("test", "test")
+        assert isinstance(s, builtin_str)
+        assert s == "Basic dGVzdDp0ZXN0"
+
 
 class TestContentEncodingDetection(unittest.TestCase):