Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / google-api-python-client / 3aaca548a7bea3c67d49c28f2b13b4cf9a21633b / . / docs / epy / oauth2client.xsrfutil-module.html
blob: 4ff22d7f3323204a14f15bdc3c35966cc4a79ec3 [file] [log] [blame]
Joe Gregorio1b425aa2012-08-24 12:04:34 -0400[diff] [blame]1<?xml version="1.0" encoding="ascii"?>
2<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
3 "DTD/xhtml1-transitional.dtd">
4<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
5<head>
6 <title>oauth2client.xsrfutil</title>
7 <link rel="stylesheet" href="epydoc.css" type="text/css" />
8 <script type="text/javascript" src="epydoc.js"></script>
9</head>
10
11<body bgcolor="white" text="black" link="blue" vlink="#204080"
12 alink="#204080">
13<!-- ==================== NAVIGATION BAR ==================== -->
14<table class="navbar" border="0" width="100%" cellpadding="0"
15 bgcolor="#a0c0ff" cellspacing="0">
16 <tr valign="middle">
17
18 <!-- Tree link -->
19 <th>&nbsp;&nbsp;&nbsp;<a
20 href="module-tree.html">Trees</a>&nbsp;&nbsp;&nbsp;</th>
21
22 <!-- Index link -->
23 <th>&nbsp;&nbsp;&nbsp;<a
24 href="identifier-index.html">Indices</a>&nbsp;&nbsp;&nbsp;</th>
25
26 <!-- Help link -->
27 <th>&nbsp;&nbsp;&nbsp;<a
28 href="help.html">Help</a>&nbsp;&nbsp;&nbsp;</th>
29
30 <th class="navbar" width="100%"></th>
31 </tr>
32</table>
33<table width="100%" cellpadding="0" cellspacing="0">
34 <tr valign="top">
35 <td width="100%">
36 <span class="breadcrumbs">
37 <a href="oauth2client-module.html">Package&nbsp;oauth2client</a> ::
38 Module&nbsp;xsrfutil
39 </span>
40 </td>
41 <td>
42 <table cellpadding="0" cellspacing="0">
43 <!-- hide/show private -->
44 <tr><td align="right"><span class="options">[<a href="javascript:void(0);" class="privatelink"
45 onclick="toggle_private();">hide&nbsp;private</a>]</span></td></tr>
46 <tr><td align="right"><span class="options"
47 >[<a href="frames.html" target="_top">frames</a
48 >]&nbsp;|&nbsp;<a href="oauth2client.xsrfutil-module.html"
49 target="_top">no&nbsp;frames</a>]</span></td></tr>
50 </table>
51 </td>
52 </tr>
53</table>
54<!-- ==================== MODULE DESCRIPTION ==================== -->
55<h1 class="epydoc">Module xsrfutil</h1><p class="nomargin-top"><span class="codelink"><a href="oauth2client.xsrfutil-pysrc.html">source&nbsp;code</a></span></p>
56<pre class="literalblock">
57Helper methods for creating &amp; verifying XSRF tokens.
58
59</pre>
60
61<hr />
62<div class="fields"> <dl><dt>Authors:</dt>
63 <dd>
64 &quot;Doug Coker&quot; &lt;dcoker@google.com&gt;,
65 &quot;Joe Gregorio&quot; &lt;jcgregorio@google.com&gt;
66 </dd>
67 </dl>
Joe Gregoriof4839b02012-09-06 13:47:24 -0400[diff] [blame]68</div><!-- ==================== FUNCTIONS ==================== -->
69<a name="section-Functions"></a>
70<table class="summary" border="1" cellpadding="3"
71 cellspacing="0" width="100%" bgcolor="white">
72<tr bgcolor="#70b0f0" class="table-header">
73 <td colspan="2" class="table-header">
74 <table border="0" cellpadding="0" cellspacing="0" width="100%">
75 <tr valign="top">
76 <td align="left"><span class="table-header">Functions</span></td>
77 <td align="right" valign="top"
78 ><span class="options">[<a href="#section-Functions"
79 class="privatelink" onclick="toggle_private();"
80 >hide private</a>]</span></td>
81 </tr>
82 </table>
83 </td>
84</tr>
85<tr>
86 <td width="15%" align="right" valign="top" class="summary">
87 <span class="summary-type">&nbsp;</span>
88 </td><td class="summary">
89 <table width="100%" cellpadding="0" cellspacing="0" border="0">
90 <tr>
91 <td><span class="summary-sig"><a href="oauth2client.xsrfutil-module.html#generate_token" class="summary-sig-name">generate_token</a>(<span class="summary-sig-arg">key</span>,
92 <span class="summary-sig-arg">user_id</span>,
93 <span class="summary-sig-arg">action_id</span>=<span class="summary-sig-default">&quot;&quot;</span>,
94 <span class="summary-sig-arg">when</span>=<span class="summary-sig-default">None</span>)</span><br />
95 Generates a URL-safe token for the given user, action, time tuple.</td>
96 <td align="right" valign="top">
97 <span class="codelink"><a href="oauth2client.xsrfutil-pysrc.html#generate_token">source&nbsp;code</a></span>
98
99 </td>
100 </tr>
101 </table>
102
103 </td>
104 </tr>
105<tr>
106 <td width="15%" align="right" valign="top" class="summary">
107 <span class="summary-type">&nbsp;</span>
108 </td><td class="summary">
109 <table width="100%" cellpadding="0" cellspacing="0" border="0">
110 <tr>
111 <td><span class="summary-sig"><a href="oauth2client.xsrfutil-module.html#validate_token" class="summary-sig-name">validate_token</a>(<span class="summary-sig-arg">key</span>,
112 <span class="summary-sig-arg">token</span>,
113 <span class="summary-sig-arg">user_id</span>,
114 <span class="summary-sig-arg">action_id</span>=<span class="summary-sig-default">&quot;&quot;</span>,
115 <span class="summary-sig-arg">current_time</span>=<span class="summary-sig-default">None</span>)</span><br />
116 Validates that the given token authorizes the user for the action.</td>
117 <td align="right" valign="top">
118 <span class="codelink"><a href="oauth2client.xsrfutil-pysrc.html#validate_token">source&nbsp;code</a></span>
119
120 </td>
121 </tr>
122 </table>
123
124 </td>
125 </tr>
126</table>
127<!-- ==================== VARIABLES ==================== -->
Joe Gregorio1b425aa2012-08-24 12:04:34 -0400[diff] [blame]128<a name="section-Variables"></a>
129<table class="summary" border="1" cellpadding="3"
130 cellspacing="0" width="100%" bgcolor="white">
131<tr bgcolor="#70b0f0" class="table-header">
132 <td colspan="2" class="table-header">
133 <table border="0" cellpadding="0" cellspacing="0" width="100%">
134 <tr valign="top">
135 <td align="left"><span class="table-header">Variables</span></td>
136 <td align="right" valign="top"
137 ><span class="options">[<a href="#section-Variables"
138 class="privatelink" onclick="toggle_private();"
139 >hide private</a>]</span></td>
140 </tr>
141 </table>
142 </td>
143</tr>
144<tr>
145 <td width="15%" align="right" valign="top" class="summary">
146 <span class="summary-type">&nbsp;</span>
147 </td><td class="summary">
Joe Gregoriof4839b02012-09-06 13:47:24 -0400[diff] [blame]148 <a name="DELIMITER"></a><span class="summary-name">DELIMITER</span> = <code title="':'">':'</code>
Joe Gregorio1b425aa2012-08-24 12:04:34 -0400[diff] [blame]149 </td>
150 </tr>
151<tr>
152 <td width="15%" align="right" valign="top" class="summary">
153 <span class="summary-type">&nbsp;</span>
154 </td><td class="summary">
Joe Gregoriof4839b02012-09-06 13:47:24 -0400[diff] [blame]155 <a name="DEFAULT_TIMEOUT_SECS"></a><span class="summary-name">DEFAULT_TIMEOUT_SECS</span> = <code title="1* 60* 60">1* 60* 60</code>
Joe Gregorio1b425aa2012-08-24 12:04:34 -0400[diff] [blame]156 </td>
157 </tr>
158</table>
Joe Gregoriof4839b02012-09-06 13:47:24 -0400[diff] [blame]159<!-- ==================== FUNCTION DETAILS ==================== -->
160<a name="section-FunctionDetails"></a>
161<table class="details" border="1" cellpadding="3"
162 cellspacing="0" width="100%" bgcolor="white">
163<tr bgcolor="#70b0f0" class="table-header">
164 <td colspan="2" class="table-header">
165 <table border="0" cellpadding="0" cellspacing="0" width="100%">
166 <tr valign="top">
167 <td align="left"><span class="table-header">Function Details</span></td>
168 <td align="right" valign="top"
169 ><span class="options">[<a href="#section-FunctionDetails"
170 class="privatelink" onclick="toggle_private();"
171 >hide private</a>]</span></td>
172 </tr>
173 </table>
174 </td>
175</tr>
176</table>
177<a name="generate_token"></a>
178<div>
179<table class="details" border="1" cellpadding="3"
180 cellspacing="0" width="100%" bgcolor="white">
181<tr><td>
182 <table width="100%" cellpadding="0" cellspacing="0" border="0">
183 <tr valign="top"><td>
184 <h3 class="epydoc"><span class="sig"><span class="sig-name">generate_token</span>(<span class="sig-arg">key</span>,
185 <span class="sig-arg">user_id</span>,
186 <span class="sig-arg">action_id</span>=<span class="sig-default">&quot;&quot;</span>,
187 <span class="sig-arg">when</span>=<span class="sig-default">None</span>)</span>
188 </h3>
189 </td><td align="right" valign="top"
190 ><span class="codelink"><a href="oauth2client.xsrfutil-pysrc.html#generate_token">source&nbsp;code</a></span>&nbsp;
191 </td>
192 </tr></table>
193
194 <pre class="literalblock">
195Generates a URL-safe token for the given user, action, time tuple.
196
197Args:
198 key: secret key to use.
199 user_id: the user ID of the authenticated user.
200 action_id: a string identifier of the action they requested
201 authorization for.
202 when: the time in seconds since the epoch at which the user was
203 authorized for this action. If not set the current time is used.
204
205Returns:
206 A string XSRF protection token.
207
208</pre>
209 <dl class="fields">
210 <dt>Decorators:</dt>
211 <dd><ul class="nomargin-top">
212 <li><code>@util.positional(2)</code></li>
213 </ul></dd>
214 </dl>
215</td></tr></table>
216</div>
217<a name="validate_token"></a>
218<div>
219<table class="details" border="1" cellpadding="3"
220 cellspacing="0" width="100%" bgcolor="white">
221<tr><td>
222 <table width="100%" cellpadding="0" cellspacing="0" border="0">
223 <tr valign="top"><td>
224 <h3 class="epydoc"><span class="sig"><span class="sig-name">validate_token</span>(<span class="sig-arg">key</span>,
225 <span class="sig-arg">token</span>,
226 <span class="sig-arg">user_id</span>,
227 <span class="sig-arg">action_id</span>=<span class="sig-default">&quot;&quot;</span>,
228 <span class="sig-arg">current_time</span>=<span class="sig-default">None</span>)</span>
229 </h3>
230 </td><td align="right" valign="top"
231 ><span class="codelink"><a href="oauth2client.xsrfutil-pysrc.html#validate_token">source&nbsp;code</a></span>&nbsp;
232 </td>
233 </tr></table>
234
235 <pre class="literalblock">
236Validates that the given token authorizes the user for the action.
237
238Tokens are invalid if the time of issue is too old or if the token
239does not match what generateToken outputs (i.e. the token was forged).
240
241Args:
242 key: secret key to use.
243 token: a string of the token generated by generateToken.
244 user_id: the user ID of the authenticated user.
245 action_id: a string identifier of the action they requested
246 authorization for.
247
248Returns:
249 A boolean - True if the user is authorized for the action, False
250 otherwise.
251
252</pre>
253 <dl class="fields">
254 <dt>Decorators:</dt>
255 <dd><ul class="nomargin-top">
256 <li><code>@util.positional(3)</code></li>
257 </ul></dd>
258 </dl>
259</td></tr></table>
260</div>
261<br />
Joe Gregorio1b425aa2012-08-24 12:04:34 -0400[diff] [blame]262<!-- ==================== NAVIGATION BAR ==================== -->
263<table class="navbar" border="0" width="100%" cellpadding="0"
264 bgcolor="#a0c0ff" cellspacing="0">
265 <tr valign="middle">
266
267 <!-- Tree link -->
268 <th>&nbsp;&nbsp;&nbsp;<a
269 href="module-tree.html">Trees</a>&nbsp;&nbsp;&nbsp;</th>
270
271 <!-- Index link -->
272 <th>&nbsp;&nbsp;&nbsp;<a
273 href="identifier-index.html">Indices</a>&nbsp;&nbsp;&nbsp;</th>
274
275 <!-- Help link -->
276 <th>&nbsp;&nbsp;&nbsp;<a
277 href="help.html">Help</a>&nbsp;&nbsp;&nbsp;</th>
278
279 <th class="navbar" width="100%"></th>
280 </tr>
281</table>
282<table border="0" cellpadding="0" cellspacing="0" width="100%%">
283 <tr>
284 <td align="left" class="footer">
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]285 Generated by Epydoc 3.0.1 on Tue Aug 6 12:16:42 2013
Joe Gregorio1b425aa2012-08-24 12:04:34 -0400[diff] [blame]286 </td>
287 <td align="right" class="footer">
288 <a target="mainFrame" href="http://epydoc.sourceforge.net"
289 >http://epydoc.sourceforge.net</a>
290 </td>
291 </tr>
292</table>
293
294<script type="text/javascript">
295 <!--
296 // Private objects are initially displayed (because if
297 // javascript is turned off then we want them to be
298 // visible); but by default, we want to hide them. So hide
299 // them unless we have a cookie that says to show them.
300 checkCookie();
301 // -->
302</script>
303</body>
304</html>