Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def tester(app, token, endpoint):
test_app = webtest.TestApp(app)
response = test_app.get(endpoint, expect_errors=True)
assert response.status_code == 403
timestamp = str(time.time())
nonce = str(random.randint(0, 10000))
signature = get_signature(token, timestamp, nonce)
echostr = generate_token()
params = "?timestamp=%s&nonce=%s&signature=%s&echostr=%s" % (
timestamp, nonce, signature, echostr
)
response = test_app.get(endpoint + params)
assert response.status_code == 200
assert response.body.decode('utf-8') == echostr
response = test_app.get(endpoint, expect_errors=True)
assert response.status_code == 403
assert response.body.decode('utf-8') == u'喵'
xml = """
def test_tornado(self):
token = self.token
timestamp = str(time.time())
nonce = str(random.randint(0, 10000))
signature = get_signature(token, timestamp, nonce)
echostr = generate_token()
params = "?timestamp=%s&nonce=%s&signature=%s&echostr=%s" % (
timestamp, nonce, signature, echostr
)
response = self.fetch(path=self.endpoint + params)
assert response.code == 200
assert response.body.decode('utf-8') == echostr
response = self.fetch(path=self.endpoint, )
assert response.code == 403
assert response.body.decode('utf-8') == u'喵'
xml = """
)
)
from django.test.utils import setup_test_environment
setup_test_environment()
from django.test.client import Client
from werobot.parser import parse_xml, process_message
import django
django.setup()
client = Client()
token = 'TestDjango'
timestamp = str(time.time())
nonce = str(random.randint(0, 10000))
signature = get_signature(token, timestamp, nonce)
echostr = generate_token()
response = client.get(
'/robot/', {
'signature': signature,
'timestamp': timestamp,
'nonce': nonce,
'echostr': echostr
}
)
assert response.status_code == 200
assert response.content.decode('utf-8') == echostr
xml = """
def encrypt_message(self, reply, timestamp=None, nonce=None):
"""
加密微信回复
:param reply: 加密前的回复
:type reply: WeChatReply 或 XML 文本
:return: 加密后的回复文本
"""
if hasattr(reply, "render"):
reply = reply.render()
timestamp = timestamp or to_text(int(time.time()))
nonce = nonce or generate_token(5)
encrypt = to_text(self.prp_crypto.encrypt(reply, self.app_id))
signature = get_signature(self.token, timestamp, nonce, encrypt)
return to_text(
self.ENCRYPTED_MESSAGE_XML.format(
encrypt=encrypt,
signature=signature,
timestamp=timestamp,
nonce=nonce
)
def decrypt_message(self, timestamp, nonce, msg_signature, encrypt_msg):
"""
解密收到的微信消息
:param timestamp: 请求 URL 中收到的 timestamp
:param nonce: 请求 URL 中收到的 nonce
:param msg_signature: 请求 URL 中收到的 msg_signature
:param encrypt_msg: 收到的加密文本. ( XML 中的 部分 )
:return: 解密后的 XML 文本
"""
signature = get_signature(self.token, timestamp, nonce, encrypt_msg)
if signature != msg_signature:
raise InvalidSignature(msg_signature)
return self.prp_crypto.decrypt(encrypt_msg, self.app_id)