class CryptoHelperTestCase(TestCase):
def setUp(self):
self.crypto_helper = CryptoHelper('---dummy--key---')
def test_encrypt_and_decrypt(self):
plain_text = 'Hello, World'
encrypted_text = self.crypto_helper.encrypt(plain_text)
decrypted_text = self.crypto_helper.decrypt(encrypted_text)
self.assertEqual(plain_text, decrypted_text)
def load(self) -> str:
enc_file_path = self._get_file_path(ENC_SECRET_FILE_NAME)
try:
with open(enc_file_path) as file:
return CryptoHelper(CRYPTO_KEY).decrypt(file.read())
except (OSError, IOError):
raise ImproperlyConfigured('There is no setting file %s' %
enc_file_path)
def test_encrypt(self):
secret_generator = SecretFileGenerator()
encrypted = secret_generator.encrypt_secrets(
{'test_key': 'test_value'})
decrypted = CryptoHelper(CRYPTO_KEY).decrypt(encrypted)
decrypted_secrets = json.loads(decrypted)
self.assertEqual(decrypted_secrets['test_key'], 'test_value')
def _decrypt_state(state: str) -> dict:
try:
decrypted_str = CryptoHelper(CRYPTO_KEY).decrypt(state)
except binascii.Error:
raise PermissionDenied() # base 64 decode 시, padding 길이가 다를 때 발생
except ValueError:
raise PermissionDenied() # cipher text 의 길이가 다를 때 발생
if not decrypted_str:
raise PermissionDenied() # 복호화가 정상적으로 되지 않을 때 발생
return json.loads(decrypted_str)
def generate(key: str,
u_idx: int,
client_id: str = None,
ttl: int = SSO_TOKEN_TTL) -> str:
expire_date = datetime.now() + timedelta(seconds=ttl)
data = {'u_idx': u_idx, 'expire_date': str(expire_date)}
if client_id:
data['client_id'] = client_id
return CryptoHelper(key).encrypt(json.dumps(data))
class EncryptedFieldMixin:
def __init__(self, *args, **kwargs):
self.key = kwargs.pop('key', None)
self.crypto = CryptoHelper(self.key)
super().__init__()
def from_db_value(self, value, expression, connection, context):
if value is None or len(value) <= 1:
return value
try:
return self.crypto.decrypt(value)
except ValueError:
return value
def get_prep_value(self, value):
if value is None or value == '':
return value
return self.crypto.encrypt(value)
def verify(key: str, otp: str) -> Tuple[int, str]:
try:
body = CryptoHelper(key).decrypt(otp)
data = json.loads(body)
except Exception:
raise FailVerifyOtpException('복호화에 실패했습니다.')
now = datetime.now()
expire_date = parser.parse(data['expire_date'])
if now > expire_date:
raise FailVerifyOtpException('토큰 유효시간이 만료되었습니다.')
return data['u_idx'], data['client_id']
def setUp(self):
self.crypto_helper = CryptoHelper('---dummy--key---')
def __init__(self, *args, **kwargs):
self.key = kwargs.pop('key', None)
self.crypto = CryptoHelper(self.key)
super().__init__()
def encrypt_secrets(self, secrets: Dict) -> str:
secrets_json = json.dumps(secrets)
return CryptoHelper(CRYPTO_KEY).encrypt(secrets_json)
def create_encrypted_state(u_idx: str) -> str:
state = {'time': datetime.now().timestamp(), 'u_idx': u_idx}
return CryptoHelper(CRYPTO_KEY).encrypt(json.dumps(state))