ó i4Vdc@s®dZddlmZddlZddlZddlZddlZddlZddlZddl Z ddl m Z ddl m Z ddlmZmZddlmZddlmZmZmZdd lmZejd ƒZd efd „ƒYZd efd„ƒYZd„Zd„Zd„Z dd„Z!de"fd„ƒYZ#dde#e%d„Z&dde#dd„Z'de"fd„ƒYZ(de(fd„ƒYZ)dS(u` Functions for creating and restoring url-safe signed JSON objects. The format used looks like this: >>> signing.dumps("hello") 'ImhlbGxvIg:1QaUZC:YIye-ze3TTx7gtSv422nZA4sgmk' There are two components here, separated by a ':'. The first component is a URLsafe base64 encoded JSON of the object passed to dumps(). The second component is a base64 encoded hmac/SHA1 hash of "$first_component:$secret" signing.loads(s) checks the signature and returns the deserialized object. If the signature fails, a BadSignature exception is raised. >>> signing.loads("ImhlbGxvIg:1QaUZC:YIye-ze3TTx7gtSv422nZA4sgmk") u'hello' >>> signing.loads("ImhlbGxvIg:1QaUZC:YIye-ze3TTx7gtSv422nZA4sgmk-modified") ... BadSignature: Signature failed: ImhlbGxvIg:1QaUZC:YIye-ze3TTx7gtSv422nZA4sgmk-modified You can optionally compress the JSON prior to base64 encoding it to save space, using the compress=True argument. This checks if compression actually helps and only applies compression if the result is a shorter string: >>> signing.dumps(range(1, 20), compress=True) '.eJwFwcERACAIwLCF-rCiILN47r-GyZVJsNgkxaFxoDgxcOHGxMKD_T7vhAml:1QaUaL:BA0thEZrp4FQVXIXuOvYJtLJSrQ' The fact that the string is compressed is signalled by the prefixed '.' at the start of the base64 JSON. There are 65 url-safe characters: the 64 used by url-safe base64 and the ':'. These functions make use of all of them. iÿÿÿÿ(tunicode_literalsN(tsettings(tbaseconv(tconstant_time_comparet salted_hmac(tRemovedInDjango110Warning(t force_bytest force_strt force_text(t import_stringu^[A-z0-9-_=]*$t BadSignaturecBseZdZRS(u" Signature does not match (t__name__t __module__t__doc__(((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pyR 8stSignatureExpiredcBseZdZRS(u< Signature timestamp is older than required max_age (R R R (((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pyR?scCstj|ƒjdƒS(Nt=(tbase64turlsafe_b64encodetstrip(ts((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pyt b64_encodeFscCs&dt|ƒ d}tj||ƒS(NRi(tlenRturlsafe_b64decode(Rtpad((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pyt b64_decodeJscCstt|||ƒjƒƒS(N(RRtdigest(tsalttvaluetkey((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pyt base64_hmacOsu%django.core.signing.get_cookie_signercCs2ttjƒ}ttjƒ}|d|d|ƒS(Nsdjango.http.cookiesR(R RtSIGNING_BACKENDRt SECRET_KEY(RtSignerR((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pytget_cookie_signerSstJSONSerializercBs eZdZd„Zd„ZRS(uW Simple wrapper around json to be used in signing.dumps and signing.loads. cCstj|ddƒjdƒS(Nt separatorsu,u:ulatin-1(u,u:(tjsontdumpstencode(tselftobj((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pyR%^scCstj|jdƒƒS(Nulatin-1(R$tloadstdecode(R'tdata((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pyR)as(R R R R%R)(((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pyR"Ys udjango.core.signingc Cs“|ƒj|ƒ}t}|r[tj|ƒ}t|ƒt|ƒdkr[|}t}q[nt|ƒ}|rzd|}nt|d|ƒj|ƒS(u‹ Returns URL-safe, sha1 signed base64 compressed JSON string. If key is None, settings.SECRET_KEY is used instead. If compress is True (not the default) checks if compressing using zlib can save some space. Prepends a '.' to signify compression. This is included in the signature, to protect against zip bombs. Salt can be used to namespace the hash, so that a signed string is only valid for a given namespace. Leaving this at the default value or re-using a salt value across different parts of your application without good cause is a security risk. The serializer is expected to return a bytestring. it.R( R%tFalsetzlibtcompressRtTrueRtTimestampSignertsign( R(RRt serializerR/R+t is_compressedt compressedtbase64d((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pyR%es   cCs„tt|d|ƒj|d|ƒƒ}t}|d dkrP|d}t}nt|ƒ}|rttj|ƒ}n|ƒj|ƒS(u} Reverse of dumps(), raises BadSignature if signature fails. The serializer is expected to accept a bytestring. Rtmax_ageiR,( RR1tunsignR-R0RR.t decompressR)(RRRR3R7R6R9R+((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pyR)†s'   R cBs5eZdddd„Zd„Zd„Zd„ZRS(u:cCsy|p tj|_t|ƒ|_tj|jƒrJtjd|t ƒnt|pld|j j |j j fƒ|_ dS(NuJUnsafe Signer separator: %r (cannot be empty or consist of only A-z0-9-_=)u%s.%s(RRRRtsept _SEP_UNSAFEtmatchtwarningstwarnRt __class__R R R(R'RR:R((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pyt__init__œs   cCs&t|jd||jƒ}t|ƒS(Nusigner(RRRR(R'Rt signature((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pyRA¦scCs/t|ƒ}tdƒ||j|j|ƒfS(Nu%s%s%s(RtstrR:RA(R'R((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pyR2«s cCs‚t|ƒ}|j|kr1td|jƒ‚n|j|jdƒ\}}t||j|ƒƒrnt|ƒStd|ƒ‚dS(NuNo "%s" found in valueiuSignature "%s" does not match(RR:R trsplitRRAR(R't signed_valueRtsig((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pyR8¯s  N(R R tNoneR@RAR2R8(((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pyR šs  R1cBs&eZd„Zd„Zdd„ZRS(cCstjjttjƒƒƒS(N(Rtbase62R&tintttime(R'((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pyt timestamp»scCsDt|ƒ}tdƒ||j|jƒf}tt|ƒj|ƒS(Nu%s%s%s(RRBR:RJtsuperR1R2(R'R((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pyR2¾s "cCs®tt|ƒj|ƒ}|j|jdƒ\}}tjj|ƒ}|dk rªt |t j ƒrr|j ƒ}nt j ƒ|}||krªtd||fƒ‚qªn|S(uk Retrieve original value and check it wasn't signed more than max_age seconds ago. iuSignature age %s > %s secondsN(RKR1R8RCR:RRGR*RFt isinstancetdatetimet timedeltat total_secondsRIR(R'RR7tresultRJtage((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pyR8Ãs  N(R R RJR2RFR8(((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pyR1¹s  (*R t __future__RRRMR$treRIR=R.t django.confRt django.utilsRtdjango.utils.cryptoRRtdjango.utils.deprecationRtdjango.utils.encodingRRRtdjango.utils.module_loadingR tcompileR;t ExceptionR RRRRR!tobjectR"RFR-R%R)R R1(((sa/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/signing.pyt"s4            !