# Fragment of a test for Token.create / Token.check; the enclosing test
# function and its fixtures (identity, timestamp) are outside this excerpt.

# Expired token: issued with a timestamp shifted back by TOKEN_TIME_OUT,
# and expected to be rejected with TokenTimeout.
cipher_text = Token.create(identity, timestamp - TOKEN_TIME_OUT)
pytest.raises(TokenTimeout, Token.check, identity, cipher_text)
# Hand-built token: encrypted with the real key and the same key-derived IV
# the test uses everywhere (key[1:] + 'x'), but the 16-character plaintext is
# not a timestamp, so check is expected to raise TokenInvalid.
# NOTE(review): the IV is a pure function of the key, so it never changes
# between tokens; CBC expects a fresh, unpredictable IV per message.
key = Token.get_key(identity)
aes_obj = AES.new(key, AES.MODE_CBC, key[1:] + 'x')
cipher_text = base64.b16encode(aes_obj.encrypt('error timestamp '))
pytest.raises(TokenInvalid, Token.check, identity, cipher_text)
# Different 16-character key: the same ciphertext is expected to be rejected.
# NOTE(review): assigning return_value suggests get_key is a mock here - confirm.
Token.get_key.return_value = 't' * 16
pytest.raises(TokenInvalid, Token.check, identity, cipher_text)
# Key of the wrong length (13 characters): both create and check are expected
# to raise TokenKeyInvalid.
Token.get_key.return_value = 'p' * 13
pytest.raises(TokenKeyInvalid, Token.create, identity)
pytest.raises(TokenKeyInvalid, Token.check, identity, cipher_text)
# Fragment of a test for Token.create / Token.check; the statements that
# produce identity, timestamp and the first cipher_text are outside this excerpt.

# Happy path: a token built earlier in the test is accepted.
assert Token.check(identity, cipher_text) == True
# Expired token: timestamp shifted back by TOKEN_TIME_OUT -> TokenTimeout.
cipher_text = Token.create(identity, timestamp - TOKEN_TIME_OUT)
pytest.raises(TokenTimeout, Token.check, identity, cipher_text)
# Hand-built token with the real key and the key-derived IV (key[1:] + 'x'),
# but with a plaintext that is not a timestamp -> TokenInvalid.
# NOTE(review): these cases cover expiry, a non-numeric payload and a wrong
# key only. Nothing here exercises a modified ciphertext or a timestamp in
# the future; both are worth adding as negative tests.
key = Token.get_key(identity)
aes_obj = AES.new(key, AES.MODE_CBC, key[1:] + 'x')
cipher_text = base64.b16encode(aes_obj.encrypt('error timestamp '))
pytest.raises(TokenInvalid, Token.check, identity, cipher_text)
# Different 16-character key: the same ciphertext is expected to be rejected.
Token.get_key.return_value = 't' * 16
pytest.raises(TokenInvalid, Token.check, identity, cipher_text)
# Key of the wrong length (13 characters) -> TokenKeyInvalid from both calls.
Token.get_key.return_value = 'p' * 13
pytest.raises(TokenKeyInvalid, Token.create, identity)
pytest.raises(TokenKeyInvalid, Token.check, identity, cipher_text)
:param str identity: Username or App Id
:param str cipher_text: Token value
:return: bool. Token Valid or Invalid
:raise TokenInvalid: Token invalid
:raise TokenKeyInvalid: Key must be 16 bytes long
:raise TokenTimeout: Token time out
"""
# Body of the token check (the def line and the start of its docstring are
# outside this excerpt; indentation was lost in extraction).
#
# NOTE(review): this length test runs on the Base16 *text*, two characters
# per byte. A hex string whose length is a multiple of 16 but not of 32
# decodes to a byte string that is not block-aligned; the cipher library is
# likely to raise ValueError from decrypt() in that case, and the handler
# below catches only binascii.Error - confirm and map it to TokenInvalid.
if len(cipher_text) % 16 != 0:
raise TokenInvalid('Token must be a multiple of 16 in length')
# Per-identity key lookup.
key = self.__key_provider(identity)
try:
# NOTE(review): the IV is derived from the key (key[1:] + 'x'), so it is
# fixed for a given key. CBC expects a fresh, unpredictable IV per message,
# normally generated at random and sent alongside the ciphertext.
aes_obj = AES.new(key, AES.MODE_CBC, key[1:] + 'x')
except ValueError:
# AES.new rejected the key; reported to the caller as a key-length problem.
raise TokenKeyInvalid('Key must be 16 bytes long')
try:
# casefold=True lets b16decode accept lower-case hex; trailing NUL bytes
# (the zero padding) are stripped after decryption.
byte_text = aes_obj.decrypt(base64.b16decode(cipher_text, True)).rstrip(b'\x00')
# Drop the last 16 bytes and keep the rest as the timestamp field.
# NOTE(review): the dropped suffix is never compared with anything, and the
# token carries no MAC or AEAD tag. Acceptance therefore rests only on the
# remaining prefix parsing as a recent integer. Consider an authenticated
# construction (AES-GCM, or HMAC over the ciphertext) verified before any
# parsing, with the comparison done by hmac.compare_digest.
plaintext = byte_text[: -16]
except binascii.Error: # raised by base64.b16decode on non-hex input
raise TokenInvalid('Token invalid')
try:
# check time
# NOTE(review): only tokens older than TOKEN_TIME_OUT are rejected. A
# timestamp in the future gives a negative difference and passes, so there
# is no upper bound on the issue time.
if time.time() - int(plaintext) > TOKEN_TIME_OUT:
raise TokenTimeout('Token time out')
except ValueError:
# int() could not parse the decrypted prefix (an empty prefix included).
raise TokenInvalid('Token invalid, must be timestamp')
return True
:raise TokenTimestampInvalid: Token timestamp invalid, timestamp must be integer
:raise TokenKeyInvalid: Key must be 16 bytes long
"""
# Body of the token creation routine (the def line and the start of its
# docstring are outside this excerpt; indentation was lost in extraction).
#
# Per-identity key lookup.
key = self.__key_provider(identity)
try:
# The token plaintext is the timestamp in decimal followed by the key itself.
# A falsy timestamp (None or 0) falls back to the current time.
# NOTE(review): the secret key is embedded in the message that is encrypted
# under it. The token then contains nothing but the time and the key, so
# with the fixed IV below it is fully deterministic per (key, second).
plaintext = '%d%s' % (timestamp or int(time.time()), key)
except TypeError:
# '%d' rejected a non-numeric timestamp.
raise TokenTimestampInvalid('Token timestamp invalid, timestamp must be integer')
# plaintext must be a multiple of 16 in length
# Zero-byte padding up to the next block boundary; nothing is added when the
# length is already aligned.
# NOTE(review): zero padding is not self-describing (the checker strips every
# trailing NUL); PKCS#7 or an AEAD mode would avoid that ambiguity.
fill_size = 16 - len(plaintext) % 16
byte_text = plaintext.encode() + b'\x00' * (0 if fill_size == 16 else fill_size)
try:
# NOTE(review): key-derived, constant IV (key[1:] + 'x'); CBC expects a
# random IV per token, which would have to be transmitted with the ciphertext.
aes_obj = AES.new(key, AES.MODE_CBC, key[1:] + 'x')
except ValueError:
# AES.new rejected the key; reported to the caller as a key-length problem.
raise TokenKeyInvalid('Key must be 16 bytes long')
cipher_text = aes_obj.encrypt(byte_text)
# Token is returned as an upper-case hexadecimal string.
return base64.b16encode(cipher_text).decode()