Example #1
0
def google_oauth2_csrf(request, value):
    # type: (HttpRequest, str) -> str
    # In Django 1.10, get_token returns a salted token which changes
    # everytime get_token is called.
    from django.middleware.csrf import _unsalt_cipher_token
    token = _unsalt_cipher_token(get_token(request))
    return hmac.new(token.encode('utf-8'), value.encode("utf-8"), hashlib.sha256).hexdigest()
Example #2
0
def renew_csrf(window_info):
    if not window_info.csrf_cookie:
        csrf_secret = _get_new_csrf_string()
        window_info.csrf_cookie = _salt_cipher_secret(csrf_secret)
    else:
        csrf_secret = _unsalt_cipher_token(window_info.csrf_cookie)
    value = _salt_cipher_secret(csrf_secret)
    scall(window_info, "df.validate.update_csrf", to=[WINDOW], value=value)
Example #3
0
 def unsalt_token(token):
     return _unsalt_cipher_token(token)