def verify_assertion(assertion, audience):
if not assertion:
return (None, None)
verification_data = 'assertion=%s&audience=%s' % (assertion.strip(),
audience)
headers = {'Content-type': 'application/x-www-form-urlencoded'}
client = httplib2.Http(timeout=URL_TIMEOUT, ca_certs=CACERTS)
response = content = None
try:
response, content = client.request(VERIFIER_URL,
'POST',
body=verification_data,
headers=headers)
except httplib2.HttpLib2Error as e:
print 'BrowserID verification service failure: ' % e
if not response or response.status != 200 or not content:
return 1
try:
parsed_response = json.loads(content)
except ValueError:
parsed_response = None
if not parsed_response:
print 'BrowserID verifier returned non-JSON/empty output: %s' % content
return 1
print "\nRaw response:\n %s\n" % parsed_response
if 'status' not in parsed_response:
print 'BrowserID verification service did not return a status code'
return 1
if 'failure' == parsed_response['status']:
print 'Failure: %s' % parsed_response['reason']
return 1
if parsed_response['status'] != 'okay':
print 'BrowserID verifier returned unexpected "%s" status code' % parsed_response[
'status']
return 1
if not 'email' in parsed_response:
print 'Missing email address'
return 1
print "Email: %s" % parsed_response['email']
print "Audience: %s" % parsed_response['audience']
print "Expiration: %s" % stringify_time(parsed_response['expires'])
print "Issuer: %s" % parsed_response['issuer']
if 'idpClaims' in parsed_response:
print 'IdP claims:'
print ' FxA verified email: %s' % parsed_response['idpClaims'][
'fxa-verifiedEmail']
print ' FxA generation: %s' % stringify_time(
parsed_response['idpClaims']['fxa-generation'])
print ' FxA last authentication: %s' % stringify_time(
parsed_response['idpClaims']['fxa-lastAuthAt'])
return 0
def verify_assertion(assertion, audience):
if not assertion:
return (None, None)
verification_data = 'assertion=%s&audience=%s' % (assertion.strip(), audience)
headers = {'Content-type': 'application/x-www-form-urlencoded'}
client = httplib2.Http(timeout=URL_TIMEOUT, ca_certs=CACERTS)
response = content = None
try:
response, content = client.request(VERIFIER_URL, 'POST', body=verification_data,
headers=headers)
except httplib2.HttpLib2Error as e:
print 'BrowserID verification service failure: ' % e
if not response or response.status != 200 or not content:
return 1
try:
parsed_response = json.loads(content)
except ValueError:
parsed_response = None
if not parsed_response:
print 'BrowserID verifier returned non-JSON/empty output: %s' % content
return 1
print "\nRaw response:\n %s\n" % parsed_response
if 'status' not in parsed_response:
print 'BrowserID verification service did not return a status code'
return 1
if 'failure' == parsed_response['status']:
print 'Failure: %s' % parsed_response['reason']
return 1
if parsed_response['status'] != 'okay':
print 'BrowserID verifier returned unexpected "%s" status code' % parsed_response['status']
return 1
if not 'email' in parsed_response:
print 'Missing email address'
return 1
print "Email: %s" % parsed_response['email']
print "Audience: %s" % parsed_response['audience']
print "Expiration: %s" % stringify_time(parsed_response['expires'])
print "Issuer: %s" % parsed_response['issuer']
if 'idpClaims' in parsed_response:
print 'IdP claims:'
print ' FxA verified email: %s' % parsed_response['idpClaims']['fxa-verifiedEmail']
print ' FxA generation: %s' % stringify_time(parsed_response['idpClaims']['fxa-generation'])
print ' FxA last authentication: %s' % stringify_time(parsed_response['idpClaims']['fxa-lastAuthAt'])
return 0
def parse_response_headers(headers):
if 'cache-control' in headers:
cache_control = headers['cache-control'].split(', ')
for elem in cache_control:
if elem.lower().startswith('max-age='):
max_age = int(elem[8:])
expiry = (time.time() + max_age) * 1000
print ' Expiry: %s' % stringify_time(expiry)
return 0
elif 'expires' in headers:
# TODO: parse this format and then use stringify_time()
print ' Expiry: %s' % headers['expires']
return 0
print ' Expiry: unknown'
return 0
def parse_response_headers(headers):
if "cache-control" in headers:
cache_control = headers["cache-control"].split(", ")
for elem in cache_control:
if elem.lower().startswith("max-age="):
max_age = int(elem[8:])
expiry = (time.time() + max_age) * 1000
print " Expiry: %s" % stringify_time(expiry)
return 0
elif "expires" in headers:
# TODO: parse this format and then use stringify_time()
print " Expiry: %s" % headers["expires"]
return 0
print " Expiry: unknown"
return 0
def parse_response_headers(headers):
if 'cache-control' in headers:
cache_control = headers['cache-control'].split(', ')
for elem in cache_control:
if elem.lower().startswith('max-age='):
max_age = int(elem[8:])
expiry = (time.time() + max_age) * 1000
print ' Expiry: %s' % stringify_time(expiry)
return 0
elif 'expires' in headers:
# TODO: parse this format and then use stringify_time()
print ' Expiry: %s' % headers['expires']
return 0
print ' Expiry: unknown'
return 0
