def test_cookie_str_changed_data(self):
c = self.jar.makeCookie(self.exp, self.data)
cout = c.output()
cout_str = cout[:36] + 'X' + cout[37:]
s = SimpleCookie()
s.load(cout_str)
self.assertFalse(self.jar.isGoodCookieString(s.output()))
def test_cookie_str_changed_mac(self):
c = self.jar.makeCookie(self.exp, self.data)
cout = c.output(header="")
cout_str = self._corrupt_part_str(cout, 64, 66)
s = SimpleCookie()
s.load(cout_str)
self.assertFalse(self.jar.isGoodCookieString(s.output(header="")))
def test_cookie_str_changed_mac(self):
c = self.jar.makeCookie(self.exp, self.data)
cout = c.output(header="")
cout_str = cout[:64] + 'X' + cout[65:]
s = SimpleCookie()
s.load(cout_str)
self.assertFalse(self.jar.isGoodCookieString(s.output(header="")))
def test_cookie_str_arbitrary_change(self):
c = self.jar.makeCookie(self.exp, self.data)
cout = c.output(header="")
cout_str = cout[:20] + 'this is bad' + cout[20:]
s = SimpleCookie()
s.load(cout_str)
self.assertFalse(self.jar.isGoodCookieString(s.output(header="")))
def test_cookie_str_arbitrary_change(self):
c = self.jar.makeCookie(self.exp, self.data)
cout = c.output(header="")
cout_str = cout[:20] + 'this is bad' + cout[20:]
s = SimpleCookie()
s.load(cout_str)
self.assertFalse(self.jar.isGoodCookieString(s.output(header="")))
def test_cookie_str_changed_mac(self):
c = self.jar.makeCookie(self.exp, self.data)
cout = c.output(header="")
cout_str = cout[:64] + 'X' + cout[65:]
s = SimpleCookie()
s.load(cout_str)
self.assertFalse(self.jar.isGoodCookieString(s.output(header="")))
def test_cookie_str_changed_mac(self):
c = self.jar.makeCookie(self.exp, self.data)
cout = c.output()
cout_str = cout[:76] + 'X' + cout[77:]
s = SimpleCookie()
s.load(cout_str)
observed = self.jar.isGoodCookieString(s.output(), _debug=True)
self.assertFalse(observed)
def __init__(self, expiry, data, dough, mac):
# type: (float, str, str, str) -> None
self._expiry = expiry
self._data = data
self._mac = mac
self._cookie = SimpleCookie()
self._cookie[_TOKEN] = '%s%s' % (dough, mac)
self._name = '%s%s' % (dough, mac) # XXX WebKit only.
def test_mix_unmix3(self):
c = self.jar.makeCookie(self.exp, self.data)
s = SimpleCookie()
s.load(c.output())
exp, data, digest = unmix3(s[self._token].value)
self.assertEqual(data, self.data)
self.assertEqual(float(exp), self.exp)
key = self.jar._key # Peeking...
mac = util.bin_to_hex(
EVP.hmac(key, util.py3bytes(mix(self.exp, self.data)), 'sha1'))
self.assertEqual(digest, mac)
def test_mix_unmix3(self):
c = self.jar.makeCookie(self.exp, self.data)
s = SimpleCookie()
s.load(c.output(header=""))
exp, data, digest = unmix3(s[self._token].value)
self.assertEqual(data, self.data)
# see comment in test_mix_unmix
self.assertAlmostEqual(exp, self.exp, places=4)
key = self.jar._key # pylint: disable=protected-access
mac = util.bin_to_hex(
EVP.hmac(key, six.ensure_binary(mix(self.exp, self.data)), 'sha1'))
self.assertEqual(digest, mac)
def isGoodCookieString(self, cookie_str):
# type: (Union[dict, bytes]) -> Union[bool, int]
c = SimpleCookie()
c.load(cookie_str)
if _TOKEN not in c:
return 0
undough = unmix3(c[_TOKEN].value)
if undough is None:
return 0
exp, data, mac = undough
c2 = self.makeCookie(exp, data)
return (not c2.isExpired()) and (c2._mac == mac)
def test_mix_unmix3(self):
c = self.jar.makeCookie(self.exp, self.data)
s = SimpleCookie()
s.load(c.output(header=""))
exp, data, digest = unmix3(s[self._token].value)
self.assertEqual(data, self.data)
# see comment in test_mix_unmix
self.assertAlmostEqual(exp, self.exp, places=4)
key = self.jar._key # pylint: disable=protected-access
mac = util.bin_to_hex(
EVP.hmac(key, util.py3bytes(mix(self.exp, self.data)), 'sha1'))
self.assertEqual(digest, mac)
def __init__(self, expiry, data, dough, mac):
# type: (float, str, str, str) -> None
"""
Create new authentication cookie
:param expiry: expiration time (in seconds)
:param data: cookie payload (as a string)
:param dough: expiry & data concatenated to URL compliant
string
:param mac: SHA1-based HMAC of dough and random key
"""
self._expiry = expiry
self._data = data
self._mac = mac
self._cookie = SimpleCookie()
self._cookie[_TOKEN] = '%s%s' % (dough, mac)
self._name = '%s%s' % (dough, mac) # WebKit only.
def isGoodCookieString(self, cookie_str, _debug=False):
# type: (Union[dict, bytes], bool) -> Union[bool, int]
c = SimpleCookie()
c.load(cookie_str)
if _TOKEN not in c:
log.debug('_TOKEN not in c (keys = %s)', dir(c))
return 0
undough = unmix3(c[_TOKEN].value)
if undough is None:
log.debug('undough is None')
return 0
exp, data, mac = undough
c2 = self.makeCookie(exp, data)
if _debug and (c2._mac == mac):
log.error('cookie_str = %s', cookie_str)
log.error('c2.isExpired = %s', c2.isExpired())
log.error('mac = %s', mac)
log.error('c2._mac = %s', c2._mac)
log.error('c2._mac == mac: %s', str(c2._mac == mac))
return (not c2.isExpired()) and (c2._mac == mac)
def isGoodCookieString(self, cookie_str, _debug=False):
# type: (Union[dict, bytes], bool) -> Union[bool, int]
c = SimpleCookie()
c.load(cookie_str)
if _TOKEN not in c:
log.debug('_TOKEN not in c (keys = %s)', dir(c))
return 0
undough = unmix3(c[_TOKEN].value)
if undough is None:
log.debug('undough is None')
return 0
exp, data, mac = undough
c2 = self.makeCookie(exp, data)
if _debug and (c2._mac == mac):
log.error('cookie_str = %s', cookie_str)
log.error('c2.isExpired = %s', c2.isExpired())
log.error('mac = %s', mac)
log.error('c2._mac = %s', c2._mac)
log.error('c2._mac == mac: %s', str(c2._mac == mac))
return (not c2.isExpired()) and (c2._mac == mac)
class AuthCookie:
def __init__(self, expiry, data, dough, mac):
# type: (float, str, str, str) -> None
self._expiry = expiry
self._data = data
self._mac = mac
self._cookie = SimpleCookie()
self._cookie[_TOKEN] = '%s%s' % (dough, mac)
self._name = '%s%s' % (dough, mac) # XXX WebKit only.
def expiry(self):
# type: () -> float
"""Return the cookie's expiry time."""
return self._expiry
def data(self):
# type: () -> str
"""Return the data portion of the cookie."""
return self._data
def mac(self):
# type: () -> str
"""Return the cookie's MAC."""
return self._mac
def output(self):
# type: () -> str
"""Return the cookie's output in "Set-Cookie" format."""
return self._cookie.output()
def value(self):
# type: () -> str
"""Return the cookie's output minus the "Set-Cookie: " portion.
"""
return self._cookie[_TOKEN].value
def isExpired(self):
# type: () -> bool
"""Return 1 if the cookie has expired, 0 otherwise."""
return isinstance(self._expiry, (float, int)) and \
(time.time() > self._expiry)
# XXX Following methods are for WebKit only. These should be pushed
# to WKAuthCookie.
def name(self):
# type: () -> str
return self._name
def headerValue(self):
# type: () -> str
return self.value()
def __init__(self, expiry, data, dough, mac):
# type: (float, str, str, str) -> None
"""
Create new authentication cookie
:param expiry: expiration time (in seconds)
:param data: cookie payload (as a string)
:param dough: expiry & data concatenated to URL compliant
string
:param mac: SHA1-based HMAC of dough and random key
"""
self._expiry = expiry
self._data = data
self._mac = mac
self._cookie = SimpleCookie()
self._cookie[_TOKEN] = '%s%s' % (dough, mac)
self._name = '%s%s' % (dough, mac) # WebKit only.
def test_cookie_str2(self):
c = self.jar.makeCookie(self.exp, self.data)
s = SimpleCookie()
s.load(c.output(header=""))
self.assertTrue(self.jar.isGoodCookieString(s.output(header="")))
class AuthCookie(object):
def __init__(self, expiry, data, dough, mac):
# type: (float, str, str, str) -> None
"""
Create new authentication cookie
:param expiry: expiration time (in seconds)
:param data: cookie payload (as a string)
:param dough: expiry & data concatenated to URL compliant
string
:param mac: SHA1-based HMAC of dough and random key
"""
self._expiry = expiry
self._data = data
self._mac = mac
self._cookie = SimpleCookie()
self._cookie[_TOKEN] = '%s%s' % (dough, mac)
self._name = '%s%s' % (dough, mac) # WebKit only.
def expiry(self):
# type: () -> float
"""Return the cookie's expiry time."""
return self._expiry
def data(self):
# type: () -> str
"""Return the data portion of the cookie."""
return self._data
def mac(self):
# type: () -> str
"""Return the cookie's MAC."""
return self._mac
def output(self, header="Set-Cookie:"):
# type: (Optional[str]) -> str
"""Return the cookie's output in "Set-Cookie" format."""
return self._cookie.output(header=header)
def value(self):
# type: () -> str
"""Return the cookie's output minus the "Set-Cookie: " portion.
"""
return self._cookie[_TOKEN].value
def isExpired(self):
# type: () -> bool
"""Return 1 if the cookie has expired, 0 otherwise."""
return isinstance(self._expiry, (float, six.integer_types)) and \
(time.time() > self._expiry)
# Following two methods are for WebKit only.
# I may wish to push them to WKAuthCookie, but they are part
# of the API now. Oh well.
def name(self):
# type: () -> str
return self._name
def headerValue(self):
# type: () -> str
return self.value()
class AuthCookie(object):
def __init__(self, expiry, data, dough, mac):
# type: (float, str, str, str) -> None
"""
Create new authentication cookie
:param expiry: expiration time (in seconds)
:param data: cookie payload (as a string)
:param dough: expiry & data concatenated to URL compliant
string
:param mac: SHA1-based HMAC of dough and random key
"""
self._expiry = expiry
self._data = data
self._mac = mac
self._cookie = SimpleCookie()
self._cookie[_TOKEN] = '%s%s' % (dough, mac)
self._name = '%s%s' % (dough, mac) # WebKit only.
def expiry(self):
# type: () -> float
"""Return the cookie's expiry time."""
return self._expiry
def data(self):
# type: () -> str
"""Return the data portion of the cookie."""
return self._data
def mac(self):
# type: () -> str
"""Return the cookie's MAC."""
return self._mac
def output(self, header="Set-Cookie:"):
# type: (Optional[str]) -> str
"""Return the cookie's output in "Set-Cookie" format."""
return self._cookie.output(header=header)
def value(self):
# type: () -> str
"""Return the cookie's output minus the "Set-Cookie: " portion.
"""
return self._cookie[_TOKEN].value
def isExpired(self):
# type: () -> bool
"""Return 1 if the cookie has expired, 0 otherwise."""
return isinstance(self._expiry, (float, six.integer_types)) and \
(time.time() > self._expiry)
# Following two methods are for WebKit only.
# I may wish to push them to WKAuthCookie, but they are part
# of the API now. Oh well.
def name(self):
# type: () -> str
return self._name
def headerValue(self):
# type: () -> str
return self.value()
def test_cookie_str_expired(self):
t = self.exp - 7200
c = self.jar.makeCookie(t, self.data)
s = SimpleCookie()
s.load(c.output(header=""))
self.assertFalse(self.jar.isGoodCookieString(s.output(header="")))
def test_cookie_str2(self):
c = self.jar.makeCookie(self.exp, self.data)
s = SimpleCookie()
s.load(c.output(header=""))
self.assertTrue(self.jar.isGoodCookieString(s.output(header="")))
def test_cookie_str_expired(self):
t = self.exp - 7200
c = self.jar.makeCookie(t, self.data)
s = SimpleCookie()
s.load(c.output(header=""))
self.assertFalse(self.jar.isGoodCookieString(s.output(header="")))
