From 47f8935bb5423718ec293bba4709307be7d2f51c Mon Sep 17 00:00:00 2001
From: Theron Luhn <theron@luhn.com>
Date: Mon, 15 Apr 2019 19:04:35 -0700
Subject: Stringify identity in legacy authenticated_userid.

---
 src/pyramid/security.py | 2 +-
 tests/test_security.py  | 5 +++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/pyramid/security.py b/src/pyramid/security.py
index e28ce0f1c..a55320ce6 100644
--- a/src/pyramid/security.py
+++ b/src/pyramid/security.py
@@ -355,7 +355,7 @@ class AuthenticationAPIMixin(object):
         if authn is not None:
             return authn.authenticated_userid(self)
         elif security is not None:
-            return security.identify(self)
+            return str(security.identify(self))
         else:
             return None
 
diff --git a/tests/test_security.py b/tests/test_security.py
index b66632baa..97aec42c6 100644
--- a/tests/test_security.py
+++ b/tests/test_security.py
@@ -357,8 +357,9 @@ class TestAuthenticatedUserId(unittest.TestCase):
 
     def test_with_security_policy(self):
         request = _makeRequest()
-        _registerSecurityPolicy(request.registry, 'yo')
-        self.assertEqual(request.authenticated_userid, 'yo')
+        # Ensure the identity is stringified.
+        _registerSecurityPolicy(request.registry, 123)
+        self.assertEqual(request.authenticated_userid, '123')
 
     def test_with_authentication_policy_no_reg_on_request(self):
         from pyramid.threadlocal import get_current_registry
-- 
cgit v1.2.3