def deserialize_verbose(token=submitted_token):
    # START 1 OMIT
    import macaroons

    # token = "MDAyNmxvY2F0aW9uIGh0dHA6Ly93d3cucHl0aG9uLm9yLmlkLwowMDIzaWRlbnRpZmllciBrb3BkYXJfbWVtYmVyc19vbmx5CjAwMmZzaWduYXR1cmUgPTBa1YP4kNcWeZ9bEeBLautN8R9XueRXQ5uHZ4eQFxAK"

    # first, we attempt to rehydrate a valid macaroon instance from the string # // HL
    try:
        print('Token to be deserialized: %s' % token)
        submitted_macaroon = macaroons.deserialize(token)  # // HL
        # we can check its details
        print('submitted_macaroon.inspect():')
        print(submitted_macaroon.inspect())

    except macaroons.MacaroonError:
        print('The token provided is not a valid macaroon: %s' % token)
    except:
        print 'An unknown error occurred while deserializing the token'
#!/usr/bin/env python
import macaroons
from datetime import datetime, timedelta
client_token = 'MDAyNmxvY2F0aW9uIGh0dHA6Ly93d3cucHl0aG9uLm9yLmlkLwowMDIzaWRlbnRpZmllciBrb3BkYXJfbWVtYmVyc19vbmx5CjAwMTdjaWQgdXNlcmlkPXNoaXJrZXkKMDAyZnNpZ25hdHVyZSA9JIzWgSX2dH5F1eGGsPnNPg0axz7mkh6AnRByzR5/uAo='
# START 1 OMIT
# user can take the original token provided by the web service,
# and apply additional constraints to it
client_macaroon = macaroons.deserialize(client_token) # // HL
timeout = datetime.now().date() # // HL

new_macaroon = client_macaroon.add_first_party_caveat('date=%s' % timeout) # // HL
print 'newly constrained macaroon:\n', new_macaroon.inspect()
# this new token can now be delegated to another user for limited against the service
delegation_token = new_macaroon.serialize()
# END 1 OMIT
def deserialize(token=submitted_token):
    import macaroons
    return macaroons.deserialize(token)
예제 #4
0
파일: auth.py 프로젝트: yaolizheng/twitter
def verify_token(token, secret=test_secret):
    m = macaroons.deserialize(token)
    v = macaroons.Verifier()
    v.satisfy_general(check_time)
    return v.verify(m, secret)
#!/usr/bin/env python
import macaroons
from create_the_token import get_secret
from datetime import datetime, timedelta
client_token = 'MDAyNmxvY2F0aW9uIGh0dHA6Ly93d3cucHl0aG9uLm9yLmlkLwowMDIzaWRlbnRpZmllciBrb3BkYXJfbWVtYmVyc19vbmx5CjAwMTdjaWQgdXNlcmlkPXNoaXJrZXkKMDAyZnNpZ25hdHVyZSA9JIzWgSX2dH5F1eGGsPnNPg0axz7mkh6AnRByzR5/uAo='
# user can take the original token provided by the web service,
# and apply additional constraints to it
client_macaroon = macaroons.deserialize(client_token) # // HL
timeout = datetime.now().date() # // HL

new_macaroon = client_macaroon.add_first_party_caveat('date=%s' % timeout) # // HL
print 'newly constrained macaroon:\n', new_macaroon.inspect()
# this new token can now be delegated to another user for limited against the service
delegation_token = new_macaroon.serialize()
path='shirkey'
# START 1 OMIT

# servis_kopdar obtains token from third party (not original client)
print delegation_token
asserting_macaroon = macaroons.deserialize(delegation_token)
print 'Asserting macaroon: \n', asserting_macaroon.inspect()

# the web service must support constraint checking for the specified caveat
# so let's add a check for this constraint
def get_access_to_user_resource_path(user_macaroon, resource_path):
    # first, we establish our Verifier as before
    v = macaroons.Verifier()
    v.satisfy_exact('userid=%s' % resource_path)
    v.satisfy_exact('date=%s' % datetime.now().date())  # // HL
    return v.verify(user_macaroon, get_secret())