Ejemplo n.º 1
0
 def testValidateAuthTokenLengthDifferent(self, _):
     token_created_timestamp = time_util.ConvertToTimestamp(
         datetime(2017, 06, 13, 0, 0, 0))
     tested_token = base64.urlsafe_b64encode('token:' +
                                             str(token_created_timestamp))
     valid, expired = token.ValidateAuthToken('key', tested_token, 'email')
     self.assertFalse(valid)
     self.assertFalse(expired)
Ejemplo n.º 2
0
 def testValidateAuthTokenExpired(self, _):
     tested_token = token.GenerateAuthToken('key',
                                            'email',
                                            when=datetime(
                                                2017, 06, 13, 0, 0, 0))
     valid, expired = token.ValidateAuthToken('key', tested_token, 'email')
     self.assertTrue(valid)
     self.assertTrue(expired)
Ejemplo n.º 3
0
 def testGeneratedXSRFTokenIsValidForSameUserAndSameAction(self, mock_now):
     mock_now.side_effect = [
         datetime(2017, 6, 13, 0, 0, 0),
         datetime(2017, 6, 13, 0, 1, 0)
     ]
     xsrf_token = token.GenerateAuthToken('key', 'email', 'action')
     valid, expired = token.ValidateAuthToken('key', xsrf_token, 'email',
                                              'action')
     self.assertTrue(valid)
     self.assertFalse(expired)
Ejemplo n.º 4
0
    def HandlePost(self):
        assert self.auth_scope, 'Auth scope must be provided.'
        assert self.user_id, 'User id must be provided.'

        logging.debug('Post body: %s', self.request.body)

        try:
            envelope = json.loads(self.request.body)
            auth_token = envelope['message']['attributes']['auth_token']
            message_data = json.loads(
                base64.b64decode(envelope['message']['data']))
            user_data = json.loads(
                message_data.get('user_data') or message_data.get('userdata'))
            pipeline_id = user_data['runner_id']

            valid, expired = token.ValidateAuthToken(
                self.auth_scope,
                auth_token,
                self.user_id,
                action_id=pipeline_id,
                valid_hours=self.GetValidHoursOfAuthToken())
            if not valid or expired:
                # Ignore requests with invalid or expired auth token.
                logging.warning('Auth token: valid=%s, expired=%s', valid,
                                expired)
                return

            pipeline = AsynchronousPipeline.from_id(pipeline_id)
            if not pipeline or not isinstance(pipeline, AsynchronousPipeline):
                # Ignore requests targeted at invalid pipelines.
                logging.warning('Pipeline not found or not async: %s',
                                pipeline_id)
                return

            message_id = envelope['message']['message_id']
            parameters = self.GetAdditionalParameters(envelope['message'],
                                                      message_data)
            # The pipeline will schedule the callback task to be run in the same
            # target version and task queue as itself.
            # Use the message id from PubSub as task name to avoid duplicate callback
            # tasks because PubSub could push the same message multiple times.
            pipeline.ScheduleCallbackTask(name=message_id,
                                          parameters=parameters)
        except (ValueError, KeyError) as e:
            # Ignore requests with invalid message.
            logging.warning('Unexpected PubSub message format: %s', e.message)
Ejemplo n.º 5
0
 def testGeneratedXSRFTokenIsInvalidForDifferentUserAndAction(self):
     xsrf_token = token.GenerateAuthToken('key', 'email1', 'action1')
     valid, expired = token.ValidateAuthToken('key', xsrf_token, 'email2',
                                              'action2')
     self.assertFalse(valid)
     self.assertFalse(expired)
Ejemplo n.º 6
0
 def testValidateAuthTokenDateInvalid(self):
     tested_token = base64.urlsafe_b64encode('token')
     valid, expired = token.ValidateAuthToken('key', tested_token, 'email')
     self.assertFalse(valid)
     self.assertFalse(expired)
Ejemplo n.º 7
0
 def testValidateAuthTokenNoToken(self):
     valid, expired = token.ValidateAuthToken('key', None, 'email')
     self.assertFalse(valid)
     self.assertFalse(expired)
Ejemplo n.º 8
0
 def testValidateAuthTokenSucceed(self, _):
     tested_token = token.GenerateAuthToken('key', 'email')
     valid, expired = token.ValidateAuthToken('key', tested_token, 'email')
     self.assertTrue(valid)
     self.assertFalse(expired)