Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / google-api-python-client / 1a0d5cdd20f640b821242a134277a1c156c0af2c / . / oauth2client / xsrfutil.py
blob: 7e1fe5c813301c5affbed55d40d9a924c2528f6e [file] [log] [blame]
Joe Gregorio6ceea2d2012-08-24 11:57:58 -0400[diff] [blame]1#!/usr/bin/python2.5
2#
3# Copyright 2010 the Melange authors.
4#
5# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9# http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16
17"""Helper methods for creating & verifying XSRF tokens."""
18
19__authors__ = [
20 '"Doug Coker" <dcoker@google.com>',
21 '"Joe Gregorio" <jcgregorio@google.com>',
22]
23
24
25import base64
26import hmac
27import os # for urandom
28import time
29
30from oauth2client import util
31
32
33# Delimiter character
34DELIMITER = ':'
35
36# 1 hour in seconds
37DEFAULT_TIMEOUT_SECS = 1*60*60
38
39@util.positional(2)
40def generate_token(key, user_id, action_id="", when=None):
41 """Generates a URL-safe token for the given user, action, time tuple.
42
43 Args:
44 key: secret key to use.
45 user_id: the user ID of the authenticated user.
46 action_id: a string identifier of the action they requested
47 authorization for.
48 when: the time in seconds since the epoch at which the user was
49 authorized for this action. If not set the current time is used.
50
51 Returns:
52 A string XSRF protection token.
53 """
54 when = when or int(time.time())
55 digester = hmac.new(key)
56 digester.update(str(user_id))
57 digester.update(DELIMITER)
58 digester.update(action_id)
59 digester.update(DELIMITER)
60 digester.update(str(when))
61 digest = digester.digest()
62
63 token = base64.urlsafe_b64encode('%s%s%d' % (digest,
64 DELIMITER,
65 when))
66 return token
67
68
69@util.positional(3)
70def validate_token(key, token, user_id, action_id="", current_time=None):
71 """Validates that the given token authorizes the user for the action.
72
73 Tokens are invalid if the time of issue is too old or if the token
74 does not match what generateToken outputs (i.e. the token was forged).
75
76 Args:
77 key: secret key to use.
78 token: a string of the token generated by generateToken.
79 user_id: the user ID of the authenticated user.
80 action_id: a string identifier of the action they requested
81 authorization for.
82
83 Returns:
84 A boolean - True if the user is authorized for the action, False
85 otherwise.
86 """
87 if not token:
88 return False
89 try:
90 decoded = base64.urlsafe_b64decode(str(token))
91 token_time = long(decoded.split(DELIMITER)[-1])
92 except (TypeError, ValueError):
93 return False
94 if current_time is None:
95 current_time = time.time()
96 # If the token is too old it's not valid.
97 if current_time - token_time > DEFAULT_TIMEOUT_SECS:
98 return False
99
100 # The given token should match the generated one with the same time.
101 expected_token = generate_token(key, user_id, action_id=action_id,
102 when=token_time)
Joe Gregorio1a0d5cd2012-10-08 13:48:58 -0400[diff] [blame^]103 if len(token) != len(expected_token):
104 return False
105
106 # Perform constant time comparison to avoid timing attacks
107 different = 0
108 for x, y in zip(token, expected_token):
109 different |= ord(x) ^ ord(y)
110 if different:
Joe Gregorio6ceea2d2012-08-24 11:57:58 -0400[diff] [blame]111 return False
112
113 return True