def validate_hmac(message, signature, timestamp, secret_key): try: timestamp_float = float(timestamp) except ValueError: raise APIError('Invalid timestamp') if timestamp_float < time.time() - 3600: # 1 hour raise APITimestampExpired('Message has expired') sig_hmac = get_signature(message, timestamp, secret_key) if sig_hmac != signature: raise APIForbidden('Invalid signature')
def test_valid_unicode(self): self.assertEquals(get_signature(u'x', u'y', u'z'), '77e1f5656ddc2e93f64469cc18f9f195fe665428')
def test_valid_string(self): self.assertEquals(get_signature('x', 'y', 'z'), '77e1f5656ddc2e93f64469cc18f9f195fe665428')
def _makeMessage(self, data, key=None): ts = time.time() message = base64.b64encode(json.dumps(data)) sig = get_signature(message, ts, key) return ts, message, sig
def test_get_signature(self): self.assertEquals(get_signature('x', 'y', 'z'), '77e1f5656ddc2e93f64469cc18f9f195fe665428') self.assertEquals(get_signature(u'x', u'y', u'z'), '77e1f5656ddc2e93f64469cc18f9f195fe665428')