def test_cookie_str_changed_mac(self): c = self.jar.makeCookie(self.exp, self.data) cout = c.output(header="") cout_str = self._corrupt_part_str(cout, 64, 66) s = SimpleCookie() s.load(cout_str) self.assertFalse(self.jar.isGoodCookieString(s.output(header="")))
def test_cookie_str_changed_mac(self): c = self.jar.makeCookie(self.exp, self.data) cout = c.output(header="") cout_str = cout[:64] + 'X' + cout[65:] s = SimpleCookie() s.load(cout_str) self.assertFalse(self.jar.isGoodCookieString(s.output(header="")))
def test_cookie_str_arbitrary_change(self): c = self.jar.makeCookie(self.exp, self.data) cout = c.output(header="") cout_str = cout[:20] + 'this is bad' + cout[20:] s = SimpleCookie() s.load(cout_str) self.assertFalse(self.jar.isGoodCookieString(s.output(header="")))
def test_cookie_str_changed_data(self): c = self.jar.makeCookie(self.exp, self.data) cout = c.output() cout_str = cout[:36] + 'X' + cout[37:] s = SimpleCookie() s.load(cout_str) self.assertFalse(self.jar.isGoodCookieString(s.output()))
def test_cookie_str_changed_mac(self): c = self.jar.makeCookie(self.exp, self.data) cout = c.output() cout_str = cout[:76] + 'X' + cout[77:] s = SimpleCookie() s.load(cout_str) observed = self.jar.isGoodCookieString(s.output(), _debug=True) self.assertFalse(observed)
class AuthCookie: def __init__(self, expiry, data, dough, mac): # type: (float, str, str, str) -> None self._expiry = expiry self._data = data self._mac = mac self._cookie = SimpleCookie() self._cookie[_TOKEN] = '%s%s' % (dough, mac) self._name = '%s%s' % (dough, mac) # XXX WebKit only. def expiry(self): # type: () -> float """Return the cookie's expiry time.""" return self._expiry def data(self): # type: () -> str """Return the data portion of the cookie.""" return self._data def mac(self): # type: () -> str """Return the cookie's MAC.""" return self._mac def output(self): # type: () -> str """Return the cookie's output in "Set-Cookie" format.""" return self._cookie.output() def value(self): # type: () -> str """Return the cookie's output minus the "Set-Cookie: " portion. """ return self._cookie[_TOKEN].value def isExpired(self): # type: () -> bool """Return 1 if the cookie has expired, 0 otherwise.""" return isinstance(self._expiry, (float, int)) and \ (time.time() > self._expiry) # XXX Following methods are for WebKit only. These should be pushed # to WKAuthCookie. def name(self): # type: () -> str return self._name def headerValue(self): # type: () -> str return self.value()
class AuthCookie(object): def __init__(self, expiry, data, dough, mac): # type: (float, str, str, str) -> None """ Create new authentication cookie :param expiry: expiration time (in seconds) :param data: cookie payload (as a string) :param dough: expiry & data concatenated to URL compliant string :param mac: SHA1-based HMAC of dough and random key """ self._expiry = expiry self._data = data self._mac = mac self._cookie = SimpleCookie() self._cookie[_TOKEN] = '%s%s' % (dough, mac) self._name = '%s%s' % (dough, mac) # WebKit only. def expiry(self): # type: () -> float """Return the cookie's expiry time.""" return self._expiry def data(self): # type: () -> str """Return the data portion of the cookie.""" return self._data def mac(self): # type: () -> str """Return the cookie's MAC.""" return self._mac def output(self, header="Set-Cookie:"): # type: (Optional[str]) -> str """Return the cookie's output in "Set-Cookie" format.""" return self._cookie.output(header=header) def value(self): # type: () -> str """Return the cookie's output minus the "Set-Cookie: " portion. """ return self._cookie[_TOKEN].value def isExpired(self): # type: () -> bool """Return 1 if the cookie has expired, 0 otherwise.""" return isinstance(self._expiry, (float, six.integer_types)) and \ (time.time() > self._expiry) # Following two methods are for WebKit only. # I may wish to push them to WKAuthCookie, but they are part # of the API now. Oh well. def name(self): # type: () -> str return self._name def headerValue(self): # type: () -> str return self.value()
def test_cookie_str_expired(self): t = self.exp - 7200 c = self.jar.makeCookie(t, self.data) s = SimpleCookie() s.load(c.output(header="")) self.assertFalse(self.jar.isGoodCookieString(s.output(header="")))
def test_cookie_str2(self): c = self.jar.makeCookie(self.exp, self.data) s = SimpleCookie() s.load(c.output(header="")) self.assertTrue(self.jar.isGoodCookieString(s.output(header="")))