本文整理汇总了Python中itsdangerous.BadData方法的典型用法代码示例。如果您正苦于以下问题:Python itsdangerous.BadData方法的具体用法?Python itsdangerous.BadData怎么用?Python itsdangerous.BadData使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类itsdangerous
的用法示例。
在下文中一共展示了itsdangerous.BadData方法的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: str_to_claims
# 需要导入模块: import itsdangerous [as 别名]
# 或者: from itsdangerous import BadData [as 别名]
def str_to_claims(token_str):
try:
claims = current_app.tokenauth_serializer.loads(token_str)
except BadData:
logger.warning("Got invalid signature in token %r", token_str)
return None
except Exception:
logger.exception("Error processing signature in token %r", token_str)
return None
# convert v1 to ra2
if claims.get('v') == 1:
return {'iss': 'ra2', 'typ': 'prm', 'jti': 't%d' % claims['id']}
if claims.get('iss') != TOKENAUTH_ISSUER:
return None
return claims
示例2: validate_invitation_token
# 需要导入模块: import itsdangerous [as 别名]
# 或者: from itsdangerous import BadData [as 别名]
def validate_invitation_token(invitation_type, token):
max_age_seconds = 60 * 60 * 24 * current_app.config['INVITATION_EXPIRATION_DAYS']
try:
invited_user_id = check_token(token,
current_app.config['SECRET_KEY'],
current_app.config['DANGEROUS_SALT'],
max_age_seconds)
except SignatureExpired:
errors = {'invitation':
['Your invitation to GOV.UK Notify has expired. '
'Please ask the person that invited you to send you another one']}
raise InvalidRequest(errors, status_code=400)
except BadData:
errors = {'invitation': 'Something’s wrong with this link. Make sure you’ve copied the whole thing.'}
raise InvalidRequest(errors, status_code=400)
if invitation_type == 'service':
invited_user = get_invited_user_by_id(invited_user_id)
return jsonify(data=invited_user_schema.dump(invited_user).data), 200
elif invitation_type == 'organisation':
invited_user = dao_get_invited_organisation_user(invited_user_id)
return jsonify(data=invited_user.serialize()), 200
else:
raise InvalidRequest("Unrecognised invitation type: {}".format(invitation_type))
示例3: verify_weixin_state
# 需要导入模块: import itsdangerous [as 别名]
# 或者: from itsdangerous import BadData [as 别名]
def verify_weixin_state(self):
state = self.get_weixin_state()
try:
serializer = URLSafeTimedSerializer(settings.SECRET_KEY)
return serializer.loads(state) == self.get_local_netloc()
except BadData:
return False
示例4: session
# 需要导入模块: import itsdangerous [as 别名]
# 或者: from itsdangerous import BadData [as 别名]
def session(callback):
cookie_name = 'session'
serializer = URLSafeSerializer(conf['SECRET'])
def inner(*args, **kwargs):
data_raw = data = request.get_cookie(cookie_name)
if data_raw:
try:
data = serializer.loads(data_raw)
except (BadSignature, BadData):
data = None
if data:
conf['USER'] = data['username']
request.session = data or {}
try:
return callback(*args, **kwargs)
finally:
if request.session:
save(request.session)
elif not data_raw:
pass
else:
response.delete_cookie(cookie_name)
def save(session):
cookie_opts = {
# keep session for 3 days
'max_age': 3600 * 24 * 3,
# for security
'httponly': True,
'secure': request.headers.get('X-Forwarded-Proto') == 'https',
}
data = serializer.dumps(session)
response.set_cookie(cookie_name, data, **cookie_opts)
return inner
示例5: check_signature
# 需要导入模块: import itsdangerous [as 别名]
# 或者: from itsdangerous import BadData [as 别名]
def check_signature():
g.signer = TimedSerializer(current_app.config['rpc_signature'])
try:
g.signed = g.signer.loads(request.data)
except BadData:
abort(403)
示例6: loads
# 需要导入模块: import itsdangerous [as 别名]
# 或者: from itsdangerous import BadData [as 别名]
def loads(data):
if data[:3] != 'FK:':
raise BadData('Not a fake token')
else:
return json.loads(data[3:])
# sample tokens, both a function to insert, and a JSON representation of the
# corresponding result.
示例7: validate_csrf
# 需要导入模块: import itsdangerous [as 别名]
# 或者: from itsdangerous import BadData [as 别名]
def validate_csrf(data, secret_key=None, time_limit=None, token_key=None):
"""Check if the given data is a valid CSRF token. This compares the given
signed token to the one stored in the session.
:param data: The signed CSRF token to be checked.
:param secret_key: Used to securely sign the token. Default is
``WTF_CSRF_SECRET_KEY`` or ``SECRET_KEY``.
:param time_limit: Number of seconds that the token is valid. Default is
``WTF_CSRF_TIME_LIMIT`` or 3600 seconds (60 minutes).
:param token_key: Key where token is stored in session for comparision.
Default is ``WTF_CSRF_FIELD_NAME`` or ``'csrf_token'``.
:raises ValidationError: Contains the reason that validation failed.
.. versionchanged:: 0.14
Raises ``ValidationError`` with a specific error message rather than
returning ``True`` or ``False``.
"""
secret_key = _get_config(
secret_key, 'WTF_CSRF_SECRET_KEY', current_app.secret_key,
message='A secret key is required to use CSRF.'
)
field_name = _get_config(
token_key, 'WTF_CSRF_FIELD_NAME', 'csrf_token',
message='A field name is required to use CSRF.'
)
time_limit = _get_config(
time_limit, 'WTF_CSRF_TIME_LIMIT', 3600, required=False
)
if not data:
raise ValidationError('The CSRF token is missing.')
if field_name not in session:
raise ValidationError('The CSRF session token is missing.')
s = URLSafeTimedSerializer(secret_key, salt='wtf-csrf-token')
try:
token = s.loads(data, max_age=time_limit)
except SignatureExpired:
raise ValidationError('The CSRF token has expired.')
except BadData:
raise ValidationError('The CSRF token is invalid.')
if not safe_str_cmp(session[field_name], token):
raise ValidationError('The CSRF tokens do not match.')