def wrapped(*args, **kwargs):
if request.method in ('GET', 'DELETE'):
data = request.args
else:
data = request.get_json()
try:
sig = data['signature']
payload = signing.unserialize_payload(data['payload'])
exp_time = payload['time']
except (KeyError, ValueError):
raise HTTPError(httplib.BAD_REQUEST, data={
'message_short': 'Invalid payload',
'message_long': 'The request payload could not be deserialized.'
})
if not signing.default_signer.verify_payload(sig, payload):
raise HTTPError(httplib.UNAUTHORIZED)
if time.time() > exp_time:
raise HTTPError(httplib.BAD_REQUEST, data={
'message_short': 'Expired',
'message_long': 'Signature has expired.'
})
kwargs['payload'] = payload
return func(*args, **kwargs)
def wrapped(*args, **kwargs):
if request.method in ("GET", "DELETE"):
data = request.args
else:
data = request.get_json()
try:
sig = data["signature"]
payload = signing.unserialize_payload(data["payload"])
exp_time = payload["time"]
except (KeyError, ValueError):
raise HTTPError(
httplib.BAD_REQUEST,
data={
"message_short": "Invalid payload",
"message_long": "The request payload could not be deserialized.",
},
)
if not signing.default_signer.verify_payload(sig, payload):
raise HTTPError(httplib.UNAUTHORIZED)
if time.time() > exp_time:
raise HTTPError(
httplib.BAD_REQUEST, data={"message_short": "Expired", "message_long": "Signature has expired."}
)
kwargs["payload"] = payload
return func(*args, **kwargs)
def wrapped(*args, **kwargs):
if request.method in ('GET', 'DELETE'):
data = request.args
else:
data = request.get_json()
try:
sig = data['signature']
payload = signing.unserialize_payload(data['payload'])
exp_time = payload['time']
except (KeyError, ValueError):
raise HTTPError(httplib.BAD_REQUEST, data={
'message_short': 'Invalid payload',
'message_long': 'The request payload could not be deserialized.'
})
if not signing.default_signer.verify_payload(sig, payload):
raise HTTPError(httplib.UNAUTHORIZED)
if time.time() > exp_time:
raise HTTPError(httplib.BAD_REQUEST, data={
'message_short': 'Expired',
'message_long': 'Signature has expired.'
})
kwargs['payload'] = payload
return func(*args, **kwargs)
def parse(self, stream, media_type=None, parser_context=None):
"""
Parses the incoming bytestream as JSON. Validates the 'signature' in the payload then returns the resulting data.
"""
data = super(HMACSignedParser, self).parse(stream, media_type=media_type, parser_context=parser_context)
try:
sig = data['signature']
payload = signing.unserialize_payload(data['payload'])
exp_time = payload['time']
except (KeyError, ValueError):
raise JSONAPIException(detail='Invalid Payload')
if not signing.default_signer.verify_payload(sig, payload):
raise NotAuthenticated
if time.time() > exp_time:
raise JSONAPIException(detail='Signature has expired')
return payload
def parse(self, stream, media_type=None, parser_context=None):
"""
Parses the incoming bytestream as JSON. Validates the 'signature' in the payload then returns the resulting data.
"""
data = super(HMACSignedParser, self).parse(stream, media_type=media_type, parser_context=parser_context)
try:
sig = data['signature']
payload = signing.unserialize_payload(data['payload'])
exp_time = payload['time']
except (KeyError, ValueError):
raise JSONAPIException(detail='Invalid Payload')
if not signing.default_signer.verify_payload(sig, payload):
raise NotAuthenticated
if time.time() > exp_time:
raise JSONAPIException(detail='Signature has expired')
return payload
def wrapped(*args, **kwargs):
if request.method in ('GET', 'DELETE'):
data = request.args
else:
data = request.get_json()
try:
sig = data['signature']
payload = signing.unserialize_payload(data['payload'])
exp_time = payload['time']
except (KeyError, ValueError):
raise HTTPError(httplib.BAD_REQUEST)
if not signing.default_signer.verify_payload(sig, payload):
raise HTTPError(httplib.UNAUTHORIZED)
if time.time() > exp_time:
raise HTTPError(httplib.BAD_REQUEST)
kwargs['payload'] = payload
return func(*args, **kwargs)
def wrapped(*args, **kwargs):
if request.method in ('GET', 'DELETE'):
data = request.args
else:
data = request.get_json()
try:
sig = data['signature']
payload = signing.unserialize_payload(data['payload'])
exp_time = payload['time']
except (KeyError, ValueError):
raise HTTPError(httplib.BAD_REQUEST)
if not signing.default_signer.verify_payload(sig, payload):
raise HTTPError(httplib.UNAUTHORIZED)
if time.time() > exp_time:
raise HTTPError(httplib.BAD_REQUEST)
kwargs['payload'] = payload
return func(*args, **kwargs)