def crypt_verify(self, encrypted, raw):
'''Verify if the ``raw`` string match the ``encrypted`` string
'''
return self.crypt_module.verify(to_bytes(encrypted),
to_bytes(raw),
self.secret_key,
**self.ckwargs)
def test_to_bytes(self):
s = to_bytes("ciao")
self.assertTrue(isinstance(s, bytes))
s2 = to_bytes(s)
self.assertEqual(id(s), id(s2))
s3 = to_bytes(s, "latin-1")
self.assertEqual(s, s3)
self.assertNotEqual(id(s), id(s3))
def authenticate(self, request, user, password=None):
if password is not None:
password = to_bytes(password, self.encoding)
encrypted = to_bytes(user.password, self.encoding)
if self.crypt_module.verify(password, encrypted, self.secret_key):
return user
else:
raise AuthenticationError('Invalid password')
def authenticate(self, request, user, password=None):
if password is not None:
password = to_bytes(password, self.encoding)
encrypted = to_bytes(user.password, self.encoding)
if self.crypt_module.verify(password, encrypted, self.secret_key):
return user
else:
raise AuthenticationError('Invalid password')
def test_to_bytes(self):
s = to_bytes('ciao')
self.assertTrue(isinstance(s, bytes))
s2 = to_bytes(s)
self.assertEqual(id(s), id(s2))
s3 = to_bytes(s, 'latin-1')
self.assertEqual(s, s3)
self.assertNotEqual(id(s), id(s3))
def decript(self, password=None):
if password:
p = self.crypt_module.decrypt(to_bytes(password, self.encoding),
self.secret_key)
return to_string(p, self.encoding)
else:
return UNUSABLE_PASSWORD
def decript(self, password=None):
if password:
p = self.crypt_module.decrypt(to_bytes(password, self.encoding),
self.secret_key)
return to_string(p, self.encoding)
else:
return UNUSABLE_PASSWORD
def _encode_body(self, data, files, json):
body = None
if isinstance(data, (str, bytes)):
if files:
raise ValueError('data cannot be a string or bytes when '
'files are present')
body = to_bytes(data, self.charset)
elif data and is_streamed(data):
if files:
raise ValueError('data cannot be an iterator when '
'files are present')
if 'content-length' not in self.headers:
self.headers['transfer-encoding'] = 'chunked'
return data
elif data or files:
if files:
body, content_type = self._encode_files(data, files)
else:
body, content_type = self._encode_params(data)
self.headers['Content-Type'] = content_type
elif json:
body = _json.dumps(json).encode(self.charset)
self.headers['Content-Type'] = 'application/json'
if body:
self.headers['content-length'] = str(len(body))
return body
def _encode_body(self, data, files, json):
body = None
if isinstance(data, (str, bytes)):
if files:
raise ValueError('data cannot be a string or bytes when '
'files are present')
body = to_bytes(data, self.charset)
elif data and is_streamed(data):
if files:
raise ValueError('data cannot be an iterator when '
'files are present')
if 'content-length' not in self.headers:
self.headers['transfer-encoding'] = 'chunked'
return data
elif data or files:
if files:
body, content_type = self._encode_files(data, files)
else:
body, content_type = self._encode_params(data)
self.headers['Content-Type'] = content_type
elif json:
body = _json.dumps(json).encode(self.charset)
self.headers['Content-Type'] = 'application/json'
if body:
self.headers['content-length'] = str(len(body))
return body
def _encode_data(self, data):
body = None
if self.method in ENCODE_URL_METHODS:
self.files = None
self._encode_url(data)
elif isinstance(data, bytes):
assert self.files is None, ('data cannot be bytes when files are '
'present')
body = data
elif isinstance(data, str):
assert self.files is None, ('data cannot be string when files are '
'present')
body = to_bytes(data, self.charset)
elif data and is_streamed(data):
assert self.files is None, ('data cannot be an iterator when '
'files are present')
if 'content-type' not in self.headers:
self.headers['content-type'] = 'application/octet-stream'
if 'content-length' not in self.headers:
self.headers['transfer-encoding'] = 'chunked'
return data
elif data or self.files:
if self.files:
body, content_type = self._encode_files(data)
else:
body, content_type = self._encode_params(data)
# set files to None, Important!
self.files = None
self.headers['Content-Type'] = content_type
if body:
self.headers['content-length'] = str(len(body))
elif 'expect' not in self.headers:
self.headers.pop('content-length', None)
self.headers.pop('content-type', None)
return body
def _encode_data(self, data):
body = None
if self.method in ENCODE_URL_METHODS:
self.files = None
self._encode_url(data)
elif isinstance(data, bytes):
assert self.files is None, ('data cannot be bytes when files are '
'present')
body = data
elif isinstance(data, str):
assert self.files is None, ('data cannot be string when files are '
'present')
body = to_bytes(data, self.charset)
elif data and is_streamed(data):
assert self.files is None, ('data cannot be an iterator when '
'files are present')
# if 'content-type' not in self.headers:
# self.headers['content-type'] = 'application/octet-stream'
if 'content-length' not in self.headers:
self.headers['transfer-encoding'] = 'chunked'
return data
elif data or self.files:
if self.files:
body, content_type = self._encode_files(data)
else:
body, content_type = self._encode_params(data)
# set files to None, Important!
self.files = None
self.headers['Content-Type'] = content_type
if body:
self.headers['content-length'] = str(len(body))
# elif 'expect' not in self.headers:
# self.headers.pop('content-length', None)
# self.headers.pop('content-type', None)
return body
def _encode_data(self, data):
body = None
if self.method in ENCODE_URL_METHODS:
self.files = None
self._encode_url(data)
elif isinstance(data, bytes):
assert self.files is None, ('data cannot be bytes when files are '
'present')
body = data
elif isinstance(data, str):
assert self.files is None, ('data cannot be string when files are '
'present')
body = to_bytes(data, self.charset)
elif data or self.files:
if self.files:
body, content_type = self._encode_files(data)
else:
body, content_type = self._encode_params(data)
# set files to None, Important!
self.files = None
self.headers['Content-Type'] = content_type
if body:
self.headers['content-length'] = str(len(body))
elif 'expect' not in self.headers:
self.headers.pop('content-length', None)
self.headers.pop('content-type', None)
return body
def _encode_data(self, data):
body = None
if self.method in ENCODE_URL_METHODS:
self.files = None
self._encode_url(data)
elif isinstance(data, bytes):
assert self.files is None, ('data cannot be bytes when files are '
'present')
body = data
elif isinstance(data, str):
assert self.files is None, ('data cannot be string when files are '
'present')
body = to_bytes(data, self.charset)
elif data or self.files:
if self.files:
body, content_type = self._encode_files(data)
else:
body, content_type = self._encode_params(data)
# set files to None, Important!
self.files = None
self.headers['Content-Type'] = content_type
if body:
self.headers['content-length'] = str(len(body))
elif 'expect' not in self.headers:
self.headers.pop('content-length', None)
self.headers.pop('content-type', None)
return body
def digest_auth_header(self,
realm=None,
nonce=None,
qop=None,
opaque=None,
algorithm=None,
stale=None):
options = {}
if nonce is None:
nonce = hexmd5(to_bytes('%d' % time.time()) + os.urandom(10))
if opaque is None:
opaque = hexmd5(os.urandom(10))
if stale:
options['stale'] = 'TRUE'
if opaque is not None:
options['opaque'] = opaque
if algorithm is not None:
options['algorithm'] = algorithm
if qop is None:
qop = ('auth', )
return self._auth_header('digest',
realm=realm,
nonce=nonce,
qop=', '.join(qop),
**options)
def encrypt(self, string_or_bytes):
'''Encrypt ``string_or_bytes`` using the algorithm specified
in the :setting:`CRYPT_ALGORITHM` setting.
Return an encrypted string
'''
b = to_bytes(string_or_bytes, self.encoding)
p = self.crypt_module.encrypt(b, self.secret_key, **self.ckwargs)
return p.decode(self.encoding)
def encrypt(self, string_or_bytes):
'''Encrypt ``string_or_bytes`` using the algorithm specified
in the :setting:`CRYPT_ALGORITHM` setting.
Return an encrypted string
'''
b = to_bytes(string_or_bytes, self.encoding)
p = self.crypt_module.encrypt(b, self.secret_key, **self.ckwargs)
return p.decode(self.encoding)
def digest_auth_header(self, realm=None, nonce=None, qop=None, opaque=None,
algorithm=None, stale=None):
options = {}
if nonce is None:
nonce = hexmd5(to_bytes('%d' % time.time()) + os.urandom(10))
if opaque is None:
opaque = hexmd5(os.urandom(10))
if stale:
options['stale'] = 'TRUE'
if opaque is not None:
options['opaque'] = opaque
if algorithm is not None:
options['algorithm'] = algorithm
if qop is None:
qop = ('auth',)
return self._auth_header('digest', realm=realm, nonce=nonce,
qop=', '.join(qop), **options)
def _create_session(self, request, user=None):
#Create new session and added it to the environment.
old = request.cache.session
if isinstance(old, Session):
old.expiry = datetime.now()
yield old.save()
if not user:
user = yield self._anonymous_user(request)
expiry = datetime.now() + timedelta(seconds=self.session_expiry)
pid = os.getpid()
sa = os.urandom(self.salt_size)
val = to_bytes("%s%s" % (pid, time.time())) + sa + self.secret_key
id = sha1(val).hexdigest()
#session is a reserved attribute in router, use dict access
session = yield request.models[Session].new(id=id, expiry=expiry,
user=user)
request.cache.user = session.user
coroutine_return(session)
def _encode_params(self, params):
content_type = self.headers.get('content-type')
# No content type given, chose one
if not content_type:
content_type = FORM_URL_ENCODED
if hasattr(params, 'read'):
params = params.read()
if content_type in JSON_CONTENT_TYPES:
body = _json.dumps(params)
elif content_type == FORM_URL_ENCODED:
body = urlencode(tuple(split_url_params(params)))
elif content_type == MULTIPART_FORM_DATA:
body, content_type = encode_multipart_formdata(
params, charset=self.charset)
else:
body = params
return to_bytes(body, self.charset), content_type
def _create_session(self, request, user=None):
#Create new session and added it to the environment.
old = request.cache.session
if isinstance(old, Session):
old.expiry = datetime.now()
yield old.save()
if not user:
user = yield self._anonymous_user(request)
expiry = datetime.now() + timedelta(seconds=self.session_expiry)
pid = os.getpid()
sa = os.urandom(self.salt_size)
val = to_bytes("%s%s" % (pid, time.time())) + sa + self.secret_key
id = sha1(val).hexdigest()
#session is a reserved attribute in router, use dict access
session = yield request.models[Session].new(id=id,
expiry=expiry,
user=user)
request.cache.user = session.user
coroutine_return(session)
def _encode_params(self, params):
content_type = self.headers.get('content-type')
# No content type given, chose one
if not content_type:
content_type = FORM_URL_ENCODED
if hasattr(params, 'read'):
params = params.read()
if content_type in JSON_CONTENT_TYPES:
body = _json.dumps(params)
elif content_type == FORM_URL_ENCODED:
body = urlencode(tuple(split_url_params(params)))
elif content_type == MULTIPART_FORM_DATA:
body, content_type = encode_multipart_formdata(
params, charset=self.charset)
else:
body = params
return to_bytes(body, self.charset), content_type
def encode_body(self):
'''Encode body or url if the :attr:`method` does not have body.
Called by the :meth:`encode` method.
'''
body = None
if self.method in ENCODE_URL_METHODS:
self.files = None
self._encode_url(self.data)
elif isinstance(self.data, bytes):
assert self.files is None, ('data cannot be bytes when files are '
'present')
body = self.data
elif is_string(self.data):
assert self.files is None, ('data cannot be string when files are '
'present')
body = to_bytes(self.data, self.charset)
elif self.data or self.files:
if self.files:
body, content_type = self._encode_files()
else:
body, content_type = self._encode_params()
self.headers['Content-Type'] = content_type
return body
def encode_body(self):
'''Encode body or url if the :attr:`method` does not have body.
Called by the :meth:`encode` method.
'''
body = None
if self.method in ENCODE_URL_METHODS:
self.files = None
self._encode_url(self.data)
elif isinstance(self.data, bytes):
assert self.files is None, ('data cannot be bytes when files are '
'present')
body = self.data
elif is_string(self.data):
assert self.files is None, ('data cannot be string when files are '
'present')
body = to_bytes(self.data, self.charset)
elif self.data or self.files:
if self.files:
body, content_type = self._encode_files()
else:
body, content_type = self._encode_params()
self.headers['Content-Type'] = content_type
return body
def decrypt(self, string_or_bytes):
b = to_bytes(string_or_bytes, self.encoding)
p = self.crypt_module.decrypt(b, self.secret_key)
return p.decode(self.encoding)
def __call__(self, msg):
id = to_bytes(gen_unique_id()[:8])
self.requests[id] = d = Deferred()
self.transport.write(id + to_bytes(msg) + self.separator)
return d
def crypt_verify(self, encrypted, raw):
'''Verify if the ``raw`` string match the ``encrypted`` string
'''
return self.crypt_module.verify(to_bytes(encrypted), to_bytes(raw),
self.secret_key, **self.ckwargs)
def send_message(self, msg):
id = to_bytes(gen_unique_id()[:8])
self.requests[id] = Deferred()
self.transport.write(id + to_bytes(msg) + self.separator)
return self.requests[id]
def error_reply(self, error_string, prefix=None):
prefix = (prefix or 'err').lower()
return {prefix: to_bytes(error_string)}
def encript(self, password):
p = self.crypt_module.encrypt(to_bytes(password, self.encoding),
self.secret_key, self.salt_size)
return to_string(p, self.encoding)
def _encript(self, password):
p = self.crypt_module.encrypt(to_bytes(password, self.encoding),
self.secret_key, self.salt_size)
return to_string(p, self.encoding)
def send(self, message):
assert self._waiting is None
self._waiting = d = Future(loop=self._loop)
self._transport.sendto(to_bytes(message) + self.separator)
return d
def send(self, message):
assert self._waiting is None
self._waiting = d = Future(loop=self._loop)
self._transport.sendto(to_bytes(message)+self.separator)
return d
def status_reply(self, status_string):
return {'ok': to_bytes(status_string)}
def send_message(self, msg):
id = to_bytes(gen_unique_id()[:8])
self.requests[id] = Deferred()
self.transport.write(id + to_bytes(msg) + self.separator)
return self.requests[id]
def challenge_response(self, key):
sha1 = hashlib.sha1(to_bytes(key + WEBSOCKET_GUID))
return native_str(base64.b64encode(sha1.digest()))
def status_reply(self, status_string):
return {'ok': to_bytes(status_string)}
def decrypt(self, string_or_bytes):
b = to_bytes(string_or_bytes, self.encoding)
p = self.crypt_module.decrypt(b, self.secret_key)
return p.decode(self.encoding)
def error_reply(self, error_string, prefix=None):
prefix = (prefix or 'err').lower()
return {prefix: to_bytes(error_string)}
def challenge_response(self, key):
sha1 = hashlib.sha1(to_bytes(key+WEBSOCKET_GUID))
return native_str(base64.b64encode(sha1.digest()))