def parse_ticket(secret, ticket, ip): """ Parse the ticket, returning (timestamp, userid, tokens, user_data). If the ticket cannot be parsed, ``BadTicket`` will be raised with an explanation. """ ticket = ticket.strip('"') digest = ticket[:32] try: timestamp = int(ticket[32:40], 16) except ValueError as e: raise BadTicket('Timestamp is not a hex integer: %s' % e) try: userid, data = ticket[40:].split('!', 1) except ValueError: raise BadTicket('userid is not followed by !') userid = url_unquote(userid) if '!' in data: tokens, user_data = data.split('!', 1) else: # @@: Is this the right order? tokens = '' user_data = data expected = calculate_digest(ip, timestamp, secret, userid, tokens, user_data) if expected != digest: raise BadTicket('Digest signature is not correct', expected=(expected, digest)) tokens = tokens.split(',') return (timestamp, userid, tokens, user_data)
def parse_ticket(secret, ticket, ip, digest_algorithm=DEFAULT_DIGEST): """ Parse the ticket, returning (timestamp, userid, tokens, user_data). If the ticket cannot be parsed, ``BadTicket`` will be raised with an explanation. """ ticket = ticket.strip('"') if isinstance(digest_algorithm, str): digest_algorithm = getattr(hashlib, digest_algorithm) if digest_algorithm is None: digest_algorithm = DEFAULT_DIGEST try: digest_func = digest_algorithm() digest_size = digest_func.digest_size * 2 except: digest_func = digest_algorithm digest_size = digest_func.digest_size * 2 digest = ticket[:digest_size] try: timestamp = int(ticket[digest_size:digest_size+8], 16) except ValueError as e: raise BadTicket('Timestamp is not a hex integer: %s' % e) try: userid, data = ticket[digest_size+8:].split('!', 1) except ValueError: raise BadTicket('userid is not followed by !') userid = url_unquote(userid) if '!' in data: tokens, user_data = data.split('!', 1) else: # @@: Is this the right order? tokens = '' user_data = data if isinstance(digest_algorithm, str): digest_algorithm = getattr(hashlib, digest_algorithm) expected = calculate_digest(ip, timestamp, secret, userid, tokens, user_data, digest_algorithm) if expected != digest: raise BadTicket('Digest signature is not correct', expected=(expected, digest)) tokens = tokens.split(',') return (timestamp, userid, tokens, user_data)