î _ÝVïã@sÀdZddlmZddlZddlZddlZddlZddlZddlZddl Z ddl m Z ddl m Z ddlmZmZddlmZddlmZmZmZdd lmZejd ƒZGd d „d eƒZGd d„deƒZdd„Zdd„Zdd„Z ddd„Z!Gdd„de"ƒZ#dde#ddd„Z$dde#ddd„Z%Gd d!„d!e"ƒZ&Gd"d#„d#e&ƒZ'dS)$a` Functions for creating and restoring url-safe signed JSON objects. The format used looks like this: >>> signing.dumps("hello") 'ImhlbGxvIg:1QaUZC:YIye-ze3TTx7gtSv422nZA4sgmk' There are two components here, separated by a ':'. The first component is a URLsafe base64 encoded JSON of the object passed to dumps(). The second component is a base64 encoded hmac/SHA1 hash of "$first_component:$secret" signing.loads(s) checks the signature and returns the deserialized object. If the signature fails, a BadSignature exception is raised. >>> signing.loads("ImhlbGxvIg:1QaUZC:YIye-ze3TTx7gtSv422nZA4sgmk") u'hello' >>> signing.loads("ImhlbGxvIg:1QaUZC:YIye-ze3TTx7gtSv422nZA4sgmk-modified") ... BadSignature: Signature failed: ImhlbGxvIg:1QaUZC:YIye-ze3TTx7gtSv422nZA4sgmk-modified You can optionally compress the JSON prior to base64 encoding it to save space, using the compress=True argument. This checks if compression actually helps and only applies compression if the result is a shorter string: >>> signing.dumps(range(1, 20), compress=True) '.eJwFwcERACAIwLCF-rCiILN47r-GyZVJsNgkxaFxoDgxcOHGxMKD_T7vhAml:1QaUaL:BA0thEZrp4FQVXIXuOvYJtLJSrQ' The fact that the string is compressed is signalled by the prefixed '.' at the start of the base64 JSON. There are 65 url-safe characters: the 64 used by url-safe base64 and the ':'. These functions make use of all of them. é)Úunicode_literalsN)Úsettings)Úbaseconv)Úconstant_time_compareÚ salted_hmac)ÚRemovedInDjango110Warning)Ú force_bytesÚ force_strÚ force_text)Ú import_stringz^[A-z0-9-_=]*$c@seZdZdZdS)Ú BadSignaturez" Signature does not match N)Ú__name__Ú __module__Ú __qualname__Ú__doc__©rrú5/tmp/pip-build-ghmbqnp_/Django/django/core/signing.pyr 8s r c@seZdZdZdS)ÚSignatureExpiredz< Signature timestamp is older than required max_age N)r rrrrrrrr?s rcCstj|ƒjdƒS)Nó=)Úbase64Úurlsafe_b64encodeÚstrip)ÚsrrrÚ b64_encodeFsrcCs&dt|ƒ d}tj||ƒS)Nré)ÚlenrÚurlsafe_b64decode)rÚpadrrrÚ b64_decodeJsrcCstt|||ƒjƒƒS)N)rrÚdigest)ÚsaltÚvalueÚkeyrrrÚ base64_hmacOsr#z%django.core.signing.get_cookie_signercCs2ttjƒ}ttjƒ}|d|d|ƒS)Nsdjango.http.cookiesr )r rZSIGNING_BACKENDrÚ SECRET_KEY)r ÚSignerr"rrrÚget_cookie_signerSsr&c@s.eZdZdZdd„Zdd„ZdS)ÚJSONSerializerzW Simple wrapper around json to be used in signing.dumps and signing.loads. cCstj|ddƒjdƒS)NÚ separatorsú,ú:zlatin-1)r)r*)ÚjsonÚdumpsÚencode)ÚselfÚobjrrrr,^szJSONSerializer.dumpscCstj|jdƒƒS)Nzlatin-1)r+ÚloadsÚdecode)r.Údatarrrr0aszJSONSerializer.loadsN)r rrrr,r0rrrrr'Ys  r'zdjango.core.signingFc Cs“|ƒj|ƒ}d}|r[tj|ƒ}t|ƒt|ƒdkr[|}d}q[nt|ƒ}|rzd|}nt|d|ƒj|ƒS)a‹ Returns URL-safe, sha1 signed base64 compressed JSON string. If key is None, settings.SECRET_KEY is used instead. If compress is True (not the default) checks if compressing using zlib can save some space. Prepends a '.' to signify compression. This is included in the signature, to protect against zip bombs. Salt can be used to namespace the hash, so that a signed string is only valid for a given namespace. Leaving this at the default value or re-using a salt value across different parts of your application without good cause is a security risk. The serializer is expected to return a bytestring. FéTó.r )r,ÚzlibÚcompressrrÚTimestampSignerÚsign) r/r"r Ú serializerr6r2Z is_compressedÚ compressedÚbase64drrrr,es   r,cCstt|d|ƒj|d|ƒƒ}d}|dd…dkr\|dd…}d}nt|ƒ}|r€tj|ƒ}n|ƒj|ƒS)z} Reverse of dumps(), raises BadSignature if signature fails. The serializer is expected to accept a bytestring. r Úmax_ageFNr3r4T)rr7Úunsignrr5Ú decompressr0)rr"r r9r<r;r>r2rrrr0†s'  r0c@sIeZdZddddd„Zdd„Zdd„Zd d „ZdS) r%Nr*cCsy|p tj|_t|ƒ|_tj|jƒrJtjd|t ƒnt|pld|j j |j j fƒ|_ dS)NzJUnsafe Signer separator: %r (cannot be empty or consist of only A-z0-9-_=)z%s.%s)rr$r"r ÚsepÚ _SEP_UNSAFEÚmatchÚwarningsÚwarnrÚ __class__rr r )r.r"r?r rrrÚ__init__œs   zSigner.__init__cCs&t|jd||jƒ}t|ƒS)NZsigner)r#r r"r )r.r!Ú signaturerrrrF¦szSigner.signaturecCs/t|ƒ}tdƒ||j|j|ƒfS)Nz%s%s%s)r Ústrr?rF)r.r!rrrr8«s z Signer.signcCs‚t|ƒ}|j|kr1td|jƒ‚n|j|jdƒ\}}t||j|ƒƒrnt|ƒStd|ƒ‚dS)NzNo "%s" found in valuer3zSignature "%s" does not match)r r?r ÚrsplitrrFr )r.Z signed_valuer!Úsigrrrr=¯s  z Signer.unsign)r rrrErFr8r=rrrrr%šs   r%csCeZdZdd„Z‡fdd†Zd‡fdd†Z‡S)r7cCstjjttjƒƒƒS)N)rÚbase62r-ÚintÚtime)r.rrrÚ timestamp»szTimestampSigner.timestampcsDt|ƒ}tdƒ||j|jƒf}tt|ƒj|ƒS)Nz%s%s%s)r rGr?rMÚsuperr7r8)r.r!)rDrrr8¾s "zTimestampSigner.signNcs®tt|ƒj|ƒ}|j|jdƒ\}}tjj|ƒ}|dk rªt|t j ƒrr|j ƒ}nt j ƒ|}||krªt d||fƒ‚qªn|S)zk Retrieve original value and check it wasn't signed more than max_age seconds ago. r3NzSignature age %s > %s seconds)rNr7r=rHr?rrJr1Ú isinstanceÚdatetimeÚ timedeltaÚ total_secondsrLr)r.r!r<ÚresultrMZage)rDrrr=Ãs  zTimestampSigner.unsign)r rrrMr8r=rr)rDrr7¹s  r7)(rÚ __future__rrrPr+ÚrerLrBr5Z django.confrZ django.utilsrZdjango.utils.cryptorrZdjango.utils.deprecationrZdjango.utils.encodingrr r Zdjango.utils.module_loadingr Úcompiler@Ú Exceptionr rrrr#r&Úobjectr'r,r0r%r7rrrrÚ"s4           !