def get(self,
crypto,
image,
security_key=None,
**kw):
cr = Crypto(security_key or conf.SECURITY_KEY)
try:
opt = cr.decrypt(crypto)
except ValueError:
opt = None
if not opt and not security_key and conf.STORES_CRYPTO_KEY_FOR_EACH_IMAGE:
security_key = self.storage.get_crypto(image)
cr = Crypto(security_key or conf.SECURITY_KEY)
opt = cr.decrypt(crypto)
image_hash = opt and opt.get('image_hash')
image_hash = image_hash[1:] if image_hash and image_hash.startswith('/') else image_hash
path_hash = hashlib.md5(image).hexdigest()
if not image_hash or image_hash != path_hash:
self._error(404, 'Request denied because the specified image hash is not valid.')
return
return self.execute_image_operations(opt, image)
def get(self,
crypto,
image,
security_key=None,
**kw):
cr = Crypto(security_key or self.context.config.SECURITY_KEY)
try:
opt = cr.decrypt(crypto)
except ValueError:
opt = None
if not opt and not security_key and self.context.config.STORES_CRYPTO_KEY_FOR_EACH_IMAGE:
security_key = self.storage.get_crypto(image)
cr = Crypto(security_key or self.context.config.SECURITY_KEY)
opt = cr.decrypt(crypto)
image_hash = opt and opt.get('image_hash')
image_hash = image_hash[1:] if image_hash and image_hash.startswith('/') else image_hash
path_hash = hashlib.md5(image).hexdigest()
if not image_hash or image_hash != path_hash:
self._error(404, 'Request denied because the specified image hash is not valid.')
return
opt['image'] = image
self.context.request = RequestParameters(**opt)
return self.execute_image_operations()
def get(self,
crypto,
image,
security_key=None,
**kw):
cr = Crypto(security_key or self.context.server.security_key)
try:
opt = cr.decrypt(crypto)
except ValueError:
opt = None
if not opt and not security_key and self.context.config.STORES_CRYPTO_KEY_FOR_EACH_IMAGE:
security_key = self.storage.get_crypto(image)
cr = Crypto(security_key or self.context.server.security_key)
opt = cr.decrypt(crypto)
image_hash = opt and opt.get('image_hash')
image_hash = image_hash[1:] if image_hash and image_hash.startswith('/') else image_hash
path_hash = hashlib.md5(image.encode('utf-8')).hexdigest()
if not image_hash or image_hash != path_hash:
self._error(404, 'Request denied because the specified image hash is not valid.')
return
opt['image'] = image
self.context.request = RequestParameters(**opt)
return self.execute_image_operations()
def get(self,
crypto,
image,
security_key=None,
**kw):
if not security_key and options.STORES_CRYPTO_KEY_FOR_EACH_IMAGE:
security_key = self.storage.get_crypto(image)
try:
cr = Crypto(security_key or options.SECURITY_KEY)
opt = cr.decrypt(crypto)
except TypeError:
self._error(404, 'Request denied because the specified encrypted url "%s" could not be decripted' % crypto)
return
image_hash = opt and opt.get('image_hash')
image_hash = image_hash[1:] if image_hash and image_hash.startswith('/') else image_hash
path_hash = hashlib.md5(image).hexdigest()
if not image_hash or image_hash != path_hash:
self._error(404, 'Request denied because the specified image hash "%s" does not match the given image path hash "%s"' %(
unicode(image_hash, errors='replace'),
path_hash
))
return
if not self.validate(image):
self._error(404)
return
return self.execute_image_operations(opt, image)
def test_encdec_with_extra_args():
crypto = Crypto(salt="something")
encrypted = crypto.encrypt(width=300,
height=200,
smart=False,
flip_horizontal=True,
flip_vertical=True,
halign="center",
valign="middle",
crop_left=10,
crop_top=11,
crop_right=12,
crop_bottom=13,
image="/some/image")
decrypted = crypto.decrypt(encrypted)
assert decrypted['width'] == 300
assert decrypted['height'] == 200
assert not decrypted['smart']
assert decrypted['horizontal_flip']
assert decrypted['vertical_flip']
assert decrypted['halign'] == "center"
assert decrypted['valign'] == "middle"
assert decrypted['crop']
assert decrypted['crop']['left'] == 10
assert decrypted['crop']['top'] == 11
assert decrypted['crop']['right'] == 12
assert decrypted['crop']['bottom'] == 13
def test_encdec_with_extra_args():
crypto = Crypto(salt="something")
encrypted = crypto.encrypt(width=300,
height=200,
smart=False,
fit_in=True,
flip_horizontal=True,
flip_vertical=True,
halign="center",
valign="middle",
crop_left=10,
crop_top=11,
crop_right=12,
crop_bottom=13,
image="/some/image")
decrypted = crypto.decrypt(encrypted)
assert decrypted['width'] == 300
assert decrypted['height'] == 200
assert not decrypted['smart']
assert decrypted['fit_in']
assert decrypted['horizontal_flip']
assert decrypted['vertical_flip']
assert decrypted['halign'] == "center"
assert decrypted['valign'] == "middle"
assert decrypted['crop']
assert decrypted['crop']['left'] == 10
assert decrypted['crop']['top'] == 11
assert decrypted['crop']['right'] == 12
assert decrypted['crop']['bottom'] == 13
def get(self, crypto, image, security_key=None, **kw):
if not security_key and options.STORES_CRYPTO_KEY_FOR_EACH_IMAGE:
security_key = self.storage.get_crypto(image)
try:
cr = Crypto(security_key or options.SECURITY_KEY)
opt = cr.decrypt(crypto)
except TypeError:
self._error(
404,
'Request denied because the specified encrypted url "%s" could not be decripted'
% crypto)
return
image_hash = opt and opt.get('image_hash')
image_hash = image_hash[1:] if image_hash and image_hash.startswith(
'/') else image_hash
path_hash = hashlib.md5(image).hexdigest()
if not image_hash or image_hash != path_hash:
self._error(
404,
'Request denied because the specified image hash "%s" does not match the given image path hash "%s"'
% (unicode(image_hash, errors='replace'), path_hash))
return
if not self.validate(image):
self._error(404)
return
return self.execute_image_operations(opt, image)
def test_decrypt():
crypto = Crypto(salt="something")
encrypted = crypto.encrypt(width=300,
height=200,
smart=True,
flip_horizontal=True,
flip_vertical=True,
halign="center",
valign="middle",
crop_left=10,
crop_top=11,
crop_right=12,
crop_bottom=13,
image="/some/image.jpg")
decrypted = crypto.decrypt(encrypted)
assert decrypted['width'] == 300
assert decrypted['height'] == 200
assert decrypted['smart'] == True
def test_decrypt():
crypto = Crypto(salt="something")
encrypted = crypto.encrypt(width=300,
height=200,
smart=True,
fit_in=False,
flip_horizontal=True,
flip_vertical=True,
halign="center",
valign="middle",
crop_left=10,
crop_top=11,
crop_right=12,
crop_bottom=13,
image="/some/image.jpg")
decrypted = crypto.decrypt(encrypted)
assert decrypted['width'] == 300
assert decrypted['height'] == 200
assert decrypted['smart'] == True
def test_decrypting_with_wrong_key_fails():
crypto = Crypto(salt="something")
encrypted = crypto.encrypt(width=300,
height=200,
smart=True,
flip_horizontal=True,
flip_vertical=True,
halign="center",
valign="middle",
crop_left=10,
crop_top=11,
crop_right=12,
crop_bottom=13,
image="/some/image/")
crypto = Crypto(salt="simething")
decrypted = crypto.decrypt(encrypted)
assert decrypted
def test_decrypting_with_wrong_key_fails():
crypto = Crypto(salt="something")
encrypted = crypto.encrypt(width=300,
height=200,
smart=True,
fit_in=False,
flip_horizontal=True,
flip_vertical=True,
halign="center",
valign="middle",
crop_left=10,
crop_top=11,
crop_right=12,
crop_bottom=13,
image="/some/image/")
crypto = Crypto(salt="simething")
decrypted = crypto.decrypt(encrypted)
assert decrypted
def test_thumbor_can_decrypt_lib_thumbor_generated_url():
key = "my-security-key"
image = "s.glbimg.com/et/bb/f/original/2011/03/24/VN0JiwzmOw0b0lg.jpg"
thumbor_crypto = Crypto(salt=key)
crypto = CryptoURL(key=key)
url = crypto.generate(
width=300,
height=200,
smart=True,
image_url=image
)
reg = "/([^/]+)/(.+)"
options = re.match(reg, url).groups()[0]
decrypted_url = thumbor_crypto.decrypt(options)
assert decrypted_url
assert decrypted_url['height'] == 200
assert decrypted_url['width'] == 300
assert decrypted_url['smart']
assert decrypted_url['image_hash'] == hashlib.md5(image).hexdigest()
def test_thumbor_can_decrypt_lib_thumbor_generated_url():
key = "my-security-key"
image = "s.glbimg.com/et/bb/f/original/2011/03/24/VN0JiwzmOw0b0lg.jpg"
thumbor_crypto = Crypto(salt=key)
crypto = CryptoURL(key=key)
url = crypto.generate(
width=300,
height=200,
smart=True,
image_url=image
)
reg = "/([^/]+)/(.+)"
options = re.match(reg, url).groups()[0]
decrypted_url = thumbor_crypto.decrypt(options)
assert decrypted_url
assert decrypted_url['height'] == 200
assert decrypted_url['width'] == 300
assert decrypted_url['smart']
assert decrypted_url['image_hash'] == hashlib.md5(image).hexdigest()
def topic(self, encrypted, crypto):
crypto2 = Crypto(salt="simething")
return (crypto2.decrypt(encrypted), crypto.decrypt(encrypted))
def decrypt_in_thumbor(url):
'''Uses thumbor to decrypt libthumbor's encrypted URL'''
encrypted = url.split('/')[1]
crypto = Crypto(KEY)
return crypto.decrypt(encrypted)
def decrypt_in_thumbor(key, encrypted):
'''Uses thumbor to decrypt libthumbor's encrypted URL'''
crypto = Crypto(key)
return crypto.decrypt(encrypted)
def decrypt_in_thumbor(key, encrypted):
'''Uses thumbor to decrypt libthumbor's encrypted URL'''
crypto = Crypto(key)
return crypto.decrypt(encrypted)
def topic(self, encrypted, crypto):
crypto2 = Crypto(salt="simething")
return (crypto2.decrypt(encrypted), crypto.decrypt(encrypted))
def decrypt_in_thumbor(url):
'''Uses thumbor to decrypt libthumbor's encrypted URL'''
encrypted = url.split('/')[1]
crypto = Crypto(KEY)
return crypto.decrypt(encrypted)
