Python unprotect_data Beispiele

Beispiel #1

Datei: test_memcache_crypt.py Projekt: AsherBond/python-keystoneclient

 def test_protect_wrappers(self):
     data = b'My Pretty Little Data'
     for strategy in [b'MAC', b'ENCRYPT']:
         keys = self._setup_keys(strategy)
         protected = memcache_crypt.protect_data(keys, data)
         self.assertNotEqual(protected, data)
         if strategy == b'ENCRYPT':
             self.assertNotIn(data, protected)
         unprotected = memcache_crypt.unprotect_data(keys, protected)
         self.assertEqual(data, unprotected)
         self.assertRaises(memcache_crypt.InvalidMacError,
                           memcache_crypt.unprotect_data,
                           keys, protected[:-1])
         self.assertIsNone(memcache_crypt.unprotect_data(keys, None))

Beispiel #2

Datei: test_memcache_crypt.py Projekt: BlackSmith/python-keystoneclient

 def test_protect_wrappers(self):
     data = b'My Pretty Little Data'
     for strategy in [b'MAC', b'ENCRYPT']:
         keys = self._setup_keys(strategy)
         protected = memcache_crypt.protect_data(keys, data)
         self.assertNotEqual(protected, data)
         if strategy == b'ENCRYPT':
             self.assertNotIn(data, protected)
         unprotected = memcache_crypt.unprotect_data(keys, protected)
         self.assertEqual(data, unprotected)
         self.assertRaises(memcache_crypt.InvalidMacError,
                           memcache_crypt.unprotect_data,
                           keys, protected[:-1])
         self.assertIsNone(memcache_crypt.unprotect_data(keys, None))

Beispiel #3

Datei: authz.py Projekt: mfaraji/python-keystoneclient

    def _cache_get(self, policy, token):
        """Return policy information from cache.
        """

        if self._cache and policy:
            if self._memcache_security_strategy is None:
                key = CACHE_KEY_TEMPLATE
                timestamp, serialized = self._cache.get(key)
            else:
                keys = memcache_crypt.derive_keys(
                    token,
                    self._memcache_secret_key,
                    self._memcache_security_strategy)
                cache_key = CACHE_KEY_TEMPLATE % (
                    memcache_crypt.get_cache_key(keys))
                raw_cached = self._cache.get(cache_key)
                try:
                    serialized = memcache_crypt.unprotect_data(keys,
                                                               raw_cached)
                except Exception:
                    msg = 'Failed to decrypt/verify cache data'
                    self.LOG.exception(msg)
                    serialized = None

            if serialized is None:
                return None

            cached = json.loads(serialized)
            if timestamp == policy[0]['timestamp']:
                self.LOG.debug('Policy is synced')
                return cached
            else:
                self.LOG.debug('Cached Policy %s seems expired', policy)
                new_policy = self._fetch_policy(token, policy[0])
                self._cache_store(new_policy)

Beispiel #4

Datei: auth_token.py Projekt: CodeWire/Standup-a-3-node-OpenStack-HA-Controller-Cluster-with-Contrail-SDN

    def _cache_get(self, token_id, ignore_expires=False):
        """Return token information from cache.

        If token is invalid raise InvalidUserToken
        return token only if fresh (not expired).
        """

        if self._cache and token_id:
            if self._memcache_security_strategy is None:
                key = CACHE_KEY_TEMPLATE % token_id
                serialized = self._cache.get(key)
            else:
                keys = memcache_crypt.derive_keys(
                    token_id,
                    self._memcache_secret_key,
                    self._memcache_security_strategy)
                cache_key = CACHE_KEY_TEMPLATE % (
                    memcache_crypt.get_cache_key(keys))
                raw_cached = self._cache.get(cache_key)
                try:
                    # unprotect_data will return None if raw_cached is None
                    serialized = memcache_crypt.unprotect_data(keys,
                                                               raw_cached)
                except Exception:
                    msg = 'Failed to decrypt/verify cache data'
                    self.LOG.exception(msg)
                    # this should have the same effect as data not
                    # found in cache
                    serialized = None

            if serialized is None:
                return None

            # Note that 'invalid' and (data, expires) are the only
            # valid types of serialized cache entries, so there is not
            # a collision with jsonutils.loads(serialized) == None.
            cached = jsonutils.loads(serialized)
            if cached == 'invalid':
                self.LOG.debug('Cached Token %s is marked unauthorized',
                               token_id)
                raise InvalidUserToken('Token authorization failed')

            data, expires = cached

            try:
                expires = timeutils.parse_isotime(expires)
            except ValueError:
                # Gracefully handle upgrade of expiration times from *nix
                # timestamps to ISO 8601 formatted dates by ignoring old cached
                # values.
                return

            expires = timeutils.normalize_time(expires)
            utcnow = timeutils.utcnow()
            if ignore_expires or utcnow < expires:
                self.LOG.debug('Returning cached token %s', token_id)
                return data
            else:
                self.LOG.debug('Cached Token %s seems expired', token_id)

Beispiel #5

Datei: auth_token.py Projekt: fanxiaohui/python-keystoneclient

    def _cache_get(self, token_id, ignore_expires=False):
        """Return token information from cache.

        If token is invalid raise InvalidUserToken
        return token only if fresh (not expired).
        """

        if self._cache and token_id:
            if self._memcache_security_strategy is None:
                key = CACHE_KEY_TEMPLATE % token_id
                serialized = self._cache.get(key)
            else:
                keys = memcache_crypt.derive_keys(
                    token_id, self._memcache_secret_key,
                    self._memcache_security_strategy)
                cache_key = CACHE_KEY_TEMPLATE % (
                    memcache_crypt.get_cache_key(keys))
                raw_cached = self._cache.get(cache_key)
                try:
                    # unprotect_data will return None if raw_cached is None
                    serialized = memcache_crypt.unprotect_data(
                        keys, raw_cached)
                except Exception:
                    msg = 'Failed to decrypt/verify cache data'
                    self.LOG.exception(msg)
                    # this should have the same effect as data not
                    # found in cache
                    serialized = None

            if serialized is None:
                return None

            # Note that 'invalid' and (data, expires) are the only
            # valid types of serialized cache entries, so there is not
            # a collision with jsonutils.loads(serialized) == None.
            cached = jsonutils.loads(serialized)
            if cached == 'invalid':
                self.LOG.debug('Cached Token %s is marked unauthorized',
                               token_id)
                raise InvalidUserToken('Token authorization failed')

            data, expires = cached

            try:
                expires = timeutils.parse_isotime(expires)
            except ValueError:
                # Gracefully handle upgrade of expiration times from *nix
                # timestamps to ISO 8601 formatted dates by ignoring old cached
                # values.
                return

            expires = timeutils.normalize_time(expires)
            utcnow = timeutils.utcnow()
            if ignore_expires or utcnow < expires:
                self.LOG.debug('Returning cached token %s', token_id)
                return data
            else:
                self.LOG.debug('Cached Token %s seems expired', token_id)

Beispiel #6

Datei: auth_token.py Projekt: citrix-openstack-build/python-keystoneclient

    def _cache_get(self, token_id, ignore_expires=False):
        """Return token information from cache.

        If token is invalid raise InvalidUserToken
        return token only if fresh (not expired).
        """

        if self._cache and token_id:
            if self._memcache_security_strategy is None:
                key = CACHE_KEY_TEMPLATE % token_id
                serialized = self._cache.get(key)
            else:
                keys = memcache_crypt.derive_keys(
                    token_id,
                    self._memcache_secret_key,
                    self._memcache_security_strategy)
                cache_key = CACHE_KEY_TEMPLATE % (
                    memcache_crypt.get_cache_key(keys))
                raw_cached = self._cache.get(cache_key)
                try:
                    # unprotect_data will return None if raw_cached is None
                    serialized = memcache_crypt.unprotect_data(keys,
                                                               raw_cached)
                except Exception:
                    msg = 'Failed to decrypt/verify cache data'
                    self.LOG.exception(msg)
                    # this should have the same effect as data not
                    # found in cache
                    serialized = None

            if serialized is None:
                return None

            # Note that 'invalid' and (data, expires) are the only
            # valid types of serialized cache entries, so there is not
            # a collision with jsonutils.loads(serialized) == None.
            cached = jsonutils.loads(serialized)
            if cached == 'invalid':
                self.LOG.debug('Cached Token %s is marked unauthorized',
                               token_id)
                raise InvalidUserToken('Token authorization failed')

            data, expires = cached
            if ignore_expires or time.time() < float(expires):
                self.LOG.debug('Returning cached token %s', token_id)
                return data
            else:
                self.LOG.debug('Cached Token %s seems expired', token_id)

Beispiel #7

Datei: auth_token.py Projekt: bopopescu/Openstack-11

    def _cache_get(self, token_id, ignore_expires=False):
        """Return token information from cache.

        If token is invalid raise InvalidUserToken
        return token only if fresh (not expired).
        """

        if self._cache and token_id:
            if self._memcache_security_strategy is None:
                key = CACHE_KEY_TEMPLATE % token_id
                serialized = self._cache.get(key)
            else:
                keys = memcache_crypt.derive_keys(
                    token_id,
                    self._memcache_secret_key,
                    self._memcache_security_strategy)
                cache_key = CACHE_KEY_TEMPLATE % (
                    memcache_crypt.get_cache_key(keys))
                raw_cached = self._cache.get(cache_key)
                try:
                    # unprotect_data will return None if raw_cached is None
                    serialized = memcache_crypt.unprotect_data(keys,
                                                               raw_cached)
                except Exception:
                    msg = 'Failed to decrypt/verify cache data'
                    self.LOG.exception(msg)
                    # this should have the same effect as data not
                    # found in cache
                    serialized = None

            if serialized is None:
                return None

            # Note that 'invalid' and (data, expires) are the only
            # valid types of serialized cache entries, so there is not
            # a collision with json.loads(serialized) == None.
            cached = json.loads(serialized)
            if cached == 'invalid':
                self.LOG.debug('Cached Token %s is marked unauthorized',
                               token_id)
                raise InvalidUserToken('Token authorization failed')

            data, expires = cached
            if ignore_expires or time.time() < float(expires):
                self.LOG.debug('Returning cached token %s', token_id)
                return data
            else:
                self.LOG.debug('Cached Token %s seems expired', token_id)