def parse_signed_request(self, signed_request):
""" 用于站内应用
signed_request: 应用框架在加载时会通过向Canvas URL post的参数signed_request
Returns: Token, is_valid (令牌, 是否有效)
"""
def base64decode(s):
appendix = '=' * (4 - len(s) % 4)
return base64.b64decode(s.replace('-', '+').replace('_', '/') + appendix)
encoded_sign, encoded_data = signed_request.split('.', 1)
sign = base64decode(encoded_sign)
data = loads(base64decode(encoded_data))
token = Token(data.oauth_token, data.expires, uid=data.user_id, created_at=data.issued_at)
is_valid = data.algorithm == u'HMAC-SHA256' and hmac.new(self.app.key, encoded_data,
hashlib.sha256).digest() == sign
return token, is_valid
def parse_signed_request(self, signed_request):
""" 用于站内应用
signed_request: 应用框架在加载时会通过向Canvas URL post的参数signed_request
Returns: Token, is_valid (令牌, 是否有效)
"""
def base64decode(s):
appendix = '=' * (4 - len(s) % 4)
return base64.b64decode(s.replace('-', '+').replace('_', '/') + appendix)
encoded_sign, encoded_data = signed_request.split('.', 1)
sign = base64decode(encoded_sign)
data = loads(base64decode(encoded_data))
token = Token(data.oauth_token, data.expires, uid=data.user_id, created_at=data.issued_at, **data)
is_valid = data.algorithm == u'HMAC-SHA256' and hmac.new(self.app.key, encoded_data,
hashlib.sha256).digest() == sign
return token, is_valid
def test_loads(self):
json = loads(r'{"name":"foo","age":100}')
self.assertEqual('foo', json.name)
self.assertEqual(100, json.age)
