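def check_csrf():
    """Abort with 400 unless the request passes one of the CSRF bypass checks.

    The checks run in this order and the first that succeeds ends the
    function without aborting:

      a) the method is OPTIONS or GET (treated as safe; no token required);
      b) the ``X-CSRFToken`` header holds a token accepted by ``validate_csrf``;
      c) the ``Origin`` header value is a member of ``ADDITIONAL_ALLOWED_ORIGINS``;
      d) the request path is a member of ``csrf_exempt_paths``;
      e) the request carries a token accepted by ``validate_internal_request``.

    Returns:
        None.

    Raises:
        Whatever ``abort(400, 'Invalid CSRF token.')`` raises when none of
        the checks above succeed. Exceptions other than ``ValidationError``
        from ``validate_csrf`` and ``InvalidInternalToken`` from
        ``validate_internal_request`` propagate unchanged.
    """
    # NOTE(review): HEAD is not listed here, so a HEAD request without a
    # token is rejected -- confirm whether that is intended.
    if request.method in ('OPTIONS', 'GET'):
        return

    try:
        validate_csrf(request.headers.get('X-CSRFToken'))
    except ValidationError:
        pass
    else:
        return

    # Exact-match comparison of the raw Origin header against the allow-list.
    # A missing header yields None, so this assumes ADDITIONAL_ALLOWED_ORIGINS
    # never contains None or '' -- TODO confirm where it is built.
    if request.headers.get('origin') in ADDITIONAL_ALLOWED_ORIGINS:
        return

    if request.path in csrf_exempt_paths:
        return

    try:
        validate_internal_request(request)
    except InvalidInternalToken:
        pass
    else:
        return

    abort(400, 'Invalid CSRF token.')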
def test_validate_internal_request__no_token(self):
    """A request without an ``X-Token`` header is rejected with 'no token'."""
    req = Mock(headers={})
    with self.assertRaises(services.InvalidInternalToken) as ctx:
        services.validate_internal_request(req)
    self.assertEqual('no token', str(ctx.exception))
def test_validate_internal_request__invalid_signature__no_exp(
        self, mock_get_config_by_key_path):
    """A token with no ``exp`` claim is rejected with 'missing exp'.

    The token's URL matches the request URL, so only the absent ``exp``
    claim can cause the rejection. ``mock_get_config_by_key_path`` is
    supplied by a patch decorator outside this view and must be consulted
    exactly once for ``['signing_secret']``.
    """
    url = 'https://trot.to/api/users'
    token = jwt.encode({'url': url}, 'so_secret', algorithm='HS256')
    req = Mock(headers={'X-Token': token}, url=url)
    with self.assertRaises(services.InvalidInternalToken) as ctx:
        services.validate_internal_request(req)
    self.assertEqual('missing exp', str(ctx.exception))
    mock_get_config_by_key_path.assert_called_once_with(['signing_secret'])
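def test_validate_internal_request__mismatched_url(
        self, mock_get_config_by_key_path):
    """A token whose ``url`` claim differs from the request URL is rejected.

    The token is otherwise well-formed (unexpired ``exp``, HS256 signed), so
    the expected failure message is 'mismatched URL'.
    ``mock_get_config_by_key_path`` is supplied by a patch decorator outside
    this view and must be consulted exactly once for ``['signing_secret']``.
    """
    # Timezone-aware now() replaces the deprecated utcnow(); PyJWT converts
    # aware datetimes via utctimetuple(), so the exp claim is unchanged.
    expires = datetime.datetime.now(datetime.timezone.utc) + datetime.timedelta(seconds=30)
    token = jwt.encode(
        {'exp': expires, 'url': 'https://trot.to/api/users/1'},
        'so_secret',
        algorithm='HS256')
    req = Mock(headers={'X-Token': token}, url='https://trot.to/api/users')
    with self.assertRaises(services.InvalidInternalToken) as ctx:
        services.validate_internal_request(req)
    self.assertEqual('mismatched URL', str(ctx.exception))
    mock_get_config_by_key_path.assert_called_once_with(['signing_secret'])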
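def test_validate_internal_request__valid_token(
        self, mock_get_config_by_key_path):
    """A signed, unexpired token whose ``url`` matches the request is accepted.

    ``validate_internal_request`` must return exactly ``True``.
    ``mock_get_config_by_key_path`` is supplied by a patch decorator outside
    this view and must be consulted exactly once for ``['signing_secret']``.
    """
    # Timezone-aware now() replaces the deprecated utcnow(); PyJWT converts
    # aware datetimes via utctimetuple(), so the exp claim is unchanged.
    url = 'https://trot.to/api/users'
    expires = datetime.datetime.now(datetime.timezone.utc) + datetime.timedelta(seconds=30)
    token = jwt.encode({'exp': expires, 'url': url}, 'so_secret', algorithm='HS256')
    req = Mock(headers={'X-Token': token}, url=url)
    self.assertEqual(True, services.validate_internal_request(req))
    mock_get_config_by_key_path.assert_called_once_with(['signing_secret'])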
def get_users():
    """Return the user list as JSON for a request carrying a valid internal token.

    ``services.validate_internal_request`` raises ``InvalidInternalToken`` for
    a missing or rejected token, so the response body is only built once the
    token has been accepted. No other authentication is visible in this view;
    confirm that an internal token is the only credential intended here.
    """
    services.validate_internal_request(request)
    users = [{'id': 1}]
    return jsonify(users)