Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / google-api-python-client / f4839b0d74d8678a8e08964ce3e5899a77d8375f / . / docs / epy / oauth2client.xsrfutil-pysrc.html
blob: b93db62034304522d76492678a51774c4cf95425 [file] [log] [blame]
Joe Gregorio1b425aa2012-08-24 12:04:34 -0400[diff] [blame]1<?xml version="1.0" encoding="ascii"?>
2<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
3 "DTD/xhtml1-transitional.dtd">
4<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
5<head>
6 <title>oauth2client.xsrfutil</title>
7 <link rel="stylesheet" href="epydoc.css" type="text/css" />
8 <script type="text/javascript" src="epydoc.js"></script>
9</head>
10
11<body bgcolor="white" text="black" link="blue" vlink="#204080"
12 alink="#204080">
13<!-- ==================== NAVIGATION BAR ==================== -->
14<table class="navbar" border="0" width="100%" cellpadding="0"
15 bgcolor="#a0c0ff" cellspacing="0">
16 <tr valign="middle">
17
18 <!-- Tree link -->
19 <th>&nbsp;&nbsp;&nbsp;<a
20 href="module-tree.html">Trees</a>&nbsp;&nbsp;&nbsp;</th>
21
22 <!-- Index link -->
23 <th>&nbsp;&nbsp;&nbsp;<a
24 href="identifier-index.html">Indices</a>&nbsp;&nbsp;&nbsp;</th>
25
26 <!-- Help link -->
27 <th>&nbsp;&nbsp;&nbsp;<a
28 href="help.html">Help</a>&nbsp;&nbsp;&nbsp;</th>
29
30 <th class="navbar" width="100%"></th>
31 </tr>
32</table>
33<table width="100%" cellpadding="0" cellspacing="0">
34 <tr valign="top">
35 <td width="100%">
36 <span class="breadcrumbs">
37 <a href="oauth2client-module.html">Package&nbsp;oauth2client</a> ::
38 Module&nbsp;xsrfutil
39 </span>
40 </td>
41 <td>
42 <table cellpadding="0" cellspacing="0">
43 <!-- hide/show private -->
44 <tr><td align="right"><span class="options">[<a href="javascript:void(0);" class="privatelink"
45 onclick="toggle_private();">hide&nbsp;private</a>]</span></td></tr>
46 <tr><td align="right"><span class="options"
47 >[<a href="frames.html" target="_top">frames</a
48 >]&nbsp;|&nbsp;<a href="oauth2client.xsrfutil-pysrc.html"
49 target="_top">no&nbsp;frames</a>]</span></td></tr>
50 </table>
51 </td>
52 </tr>
53</table>
54<h1 class="epydoc">Source Code for <a href="oauth2client.xsrfutil-module.html">Module oauth2client.xsrfutil</a></h1>
55<pre class="py-src">
56<a name="L1"></a><tt class="py-lineno"> 1</tt> <tt class="py-line"><tt class="py-comment">#!/usr/bin/python2.5</tt> </tt>
57<a name="L2"></a><tt class="py-lineno"> 2</tt> <tt class="py-line"><tt class="py-comment">#</tt> </tt>
58<a name="L3"></a><tt class="py-lineno"> 3</tt> <tt class="py-line"><tt class="py-comment"># Copyright 2010 the Melange authors.</tt> </tt>
59<a name="L4"></a><tt class="py-lineno"> 4</tt> <tt class="py-line"><tt class="py-comment">#</tt> </tt>
60<a name="L5"></a><tt class="py-lineno"> 5</tt> <tt class="py-line"><tt class="py-comment"># Licensed under the Apache License, Version 2.0 (the "License");</tt> </tt>
61<a name="L6"></a><tt class="py-lineno"> 6</tt> <tt class="py-line"><tt class="py-comment"># you may not use this file except in compliance with the License.</tt> </tt>
62<a name="L7"></a><tt class="py-lineno"> 7</tt> <tt class="py-line"><tt class="py-comment"># You may obtain a copy of the License at</tt> </tt>
63<a name="L8"></a><tt class="py-lineno"> 8</tt> <tt class="py-line"><tt class="py-comment">#</tt> </tt>
64<a name="L9"></a><tt class="py-lineno"> 9</tt> <tt class="py-line"><tt class="py-comment"># http://www.apache.org/licenses/LICENSE-2.0</tt> </tt>
65<a name="L10"></a><tt class="py-lineno"> 10</tt> <tt class="py-line"><tt class="py-comment">#</tt> </tt>
66<a name="L11"></a><tt class="py-lineno"> 11</tt> <tt class="py-line"><tt class="py-comment"># Unless required by applicable law or agreed to in writing, software</tt> </tt>
67<a name="L12"></a><tt class="py-lineno"> 12</tt> <tt class="py-line"><tt class="py-comment"># distributed under the License is distributed on an "AS IS" BASIS,</tt> </tt>
68<a name="L13"></a><tt class="py-lineno"> 13</tt> <tt class="py-line"><tt class="py-comment"># WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</tt> </tt>
69<a name="L14"></a><tt class="py-lineno"> 14</tt> <tt class="py-line"><tt class="py-comment"># See the License for the specific language governing permissions and</tt> </tt>
70<a name="L15"></a><tt class="py-lineno"> 15</tt> <tt class="py-line"><tt class="py-comment"># limitations under the License.</tt> </tt>
71<a name="L16"></a><tt class="py-lineno"> 16</tt> <tt class="py-line"> </tt>
72<a name="L17"></a><tt class="py-lineno"> 17</tt> <tt class="py-line"><tt class="py-docstring">"""Helper methods for creating &amp; verifying XSRF tokens."""</tt> </tt>
73<a name="L18"></a><tt class="py-lineno"> 18</tt> <tt class="py-line"> </tt>
74<a name="L19"></a><tt class="py-lineno"> 19</tt> <tt class="py-line"><tt class="py-name">__authors__</tt> <tt class="py-op">=</tt> <tt class="py-op">[</tt> </tt>
75<a name="L20"></a><tt class="py-lineno"> 20</tt> <tt class="py-line"> <tt class="py-string">'"Doug Coker" &lt;dcoker@google.com&gt;'</tt><tt class="py-op">,</tt> </tt>
76<a name="L21"></a><tt class="py-lineno"> 21</tt> <tt class="py-line"> <tt class="py-string">'"Joe Gregorio" &lt;jcgregorio@google.com&gt;'</tt><tt class="py-op">,</tt> </tt>
77<a name="L22"></a><tt class="py-lineno"> 22</tt> <tt class="py-line"><tt class="py-op">]</tt> </tt>
78<a name="L23"></a><tt class="py-lineno"> 23</tt> <tt class="py-line"> </tt>
79<a name="L24"></a><tt class="py-lineno"> 24</tt> <tt class="py-line"> </tt>
80<a name="L25"></a><tt class="py-lineno"> 25</tt> <tt class="py-line"><tt class="py-keyword">import</tt> <tt class="py-name">base64</tt> </tt>
81<a name="L26"></a><tt class="py-lineno"> 26</tt> <tt class="py-line"><tt class="py-keyword">import</tt> <tt class="py-name">hmac</tt> </tt>
82<a name="L27"></a><tt class="py-lineno"> 27</tt> <tt class="py-line"><tt class="py-keyword">import</tt> <tt class="py-name">os</tt> <tt class="py-comment"># for urandom</tt> </tt>
83<a name="L28"></a><tt class="py-lineno"> 28</tt> <tt class="py-line"><tt class="py-keyword">import</tt> <tt class="py-name">time</tt> </tt>
84<a name="L29"></a><tt class="py-lineno"> 29</tt> <tt class="py-line"> </tt>
85<a name="L30"></a><tt class="py-lineno"> 30</tt> <tt class="py-line"><tt class="py-keyword">from</tt> <tt id="link-0" class="py-name" targets="Package oauth2client=oauth2client-module.html"><a title="oauth2client" class="py-name" href="#" onclick="return doclink('link-0', 'oauth2client', 'link-0');">oauth2client</a></tt> <tt class="py-keyword">import</tt> <tt id="link-1" class="py-name" targets="Module oauth2client.util=oauth2client.util-module.html"><a title="oauth2client.util" class="py-name" href="#" onclick="return doclink('link-1', 'util', 'link-1');">util</a></tt> </tt>
86<a name="L31"></a><tt class="py-lineno"> 31</tt> <tt class="py-line"> </tt>
87<a name="L32"></a><tt class="py-lineno"> 32</tt> <tt class="py-line"> </tt>
88<a name="L33"></a><tt class="py-lineno"> 33</tt> <tt class="py-line"><tt class="py-comment"># Delimiter character</tt> </tt>
89<a name="L34"></a><tt class="py-lineno"> 34</tt> <tt class="py-line"><tt id="link-2" class="py-name" targets="Variable oauth2client.xsrfutil.DELIMITER=oauth2client.xsrfutil-module.html#DELIMITER"><a title="oauth2client.xsrfutil.DELIMITER" class="py-name" href="#" onclick="return doclink('link-2', 'DELIMITER', 'link-2');">DELIMITER</a></tt> <tt class="py-op">=</tt> <tt class="py-string">':'</tt> </tt>
90<a name="L35"></a><tt class="py-lineno"> 35</tt> <tt class="py-line"> </tt>
91<a name="L36"></a><tt class="py-lineno"> 36</tt> <tt class="py-line"><tt class="py-comment"># 1 hour in seconds</tt> </tt>
92<a name="L37"></a><tt class="py-lineno"> 37</tt> <tt class="py-line"><tt id="link-3" class="py-name" targets="Variable oauth2client.xsrfutil.DEFAULT_TIMEOUT_SECS=oauth2client.xsrfutil-module.html#DEFAULT_TIMEOUT_SECS"><a title="oauth2client.xsrfutil.DEFAULT_TIMEOUT_SECS" class="py-name" href="#" onclick="return doclink('link-3', 'DEFAULT_TIMEOUT_SECS', 'link-3');">DEFAULT_TIMEOUT_SECS</a></tt> <tt class="py-op">=</tt> <tt class="py-number">1</tt><tt class="py-op">*</tt><tt class="py-number">60</tt><tt class="py-op">*</tt><tt class="py-number">60</tt> </tt>
93<a name="generate_token"></a><div id="generate_token-def"><a name="L38"></a><tt class="py-lineno"> 38</tt> <tt class="py-line"> </tt>
94<a name="L39"></a><tt class="py-lineno"> 39</tt> <tt class="py-line"><tt class="py-decorator">@</tt><tt class="py-decorator">util</tt><tt class="py-op">.</tt><tt id="link-4" class="py-name" targets="Function oauth2client.util.positional()=oauth2client.util-module.html#positional"><a title="oauth2client.util.positional" class="py-name" href="#" onclick="return doclink('link-4', 'positional', 'link-4');">positional</a></tt><tt class="py-op">(</tt><tt class="py-number">2</tt><tt class="py-op">)</tt> </tt>
95<a name="L40"></a><tt class="py-lineno"> 40</tt> <a class="py-toggle" href="#" id="generate_token-toggle" onclick="return toggle('generate_token');">-</a><tt class="py-line"><tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.xsrfutil-module.html#generate_token">generate_token</a><tt class="py-op">(</tt><tt class="py-param">key</tt><tt class="py-op">,</tt> <tt class="py-param">user_id</tt><tt class="py-op">,</tt> <tt class="py-param">action_id</tt><tt class="py-op">=</tt><tt class="py-string">""</tt><tt class="py-op">,</tt> <tt class="py-param">when</tt><tt class="py-op">=</tt><tt class="py-name">None</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
96</div><div id="generate_token-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="generate_token-expanded"><a name="L41"></a><tt class="py-lineno"> 41</tt> <tt class="py-line"> <tt class="py-docstring">"""Generates a URL-safe token for the given user, action, time tuple.</tt> </tt>
97<a name="L42"></a><tt class="py-lineno"> 42</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
98<a name="L43"></a><tt class="py-lineno"> 43</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
99<a name="L44"></a><tt class="py-lineno"> 44</tt> <tt class="py-line"><tt class="py-docstring"> key: secret key to use.</tt> </tt>
100<a name="L45"></a><tt class="py-lineno"> 45</tt> <tt class="py-line"><tt class="py-docstring"> user_id: the user ID of the authenticated user.</tt> </tt>
101<a name="L46"></a><tt class="py-lineno"> 46</tt> <tt class="py-line"><tt class="py-docstring"> action_id: a string identifier of the action they requested</tt> </tt>
102<a name="L47"></a><tt class="py-lineno"> 47</tt> <tt class="py-line"><tt class="py-docstring"> authorization for.</tt> </tt>
103<a name="L48"></a><tt class="py-lineno"> 48</tt> <tt class="py-line"><tt class="py-docstring"> when: the time in seconds since the epoch at which the user was</tt> </tt>
104<a name="L49"></a><tt class="py-lineno"> 49</tt> <tt class="py-line"><tt class="py-docstring"> authorized for this action. If not set the current time is used.</tt> </tt>
105<a name="L50"></a><tt class="py-lineno"> 50</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
106<a name="L51"></a><tt class="py-lineno"> 51</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
107<a name="L52"></a><tt class="py-lineno"> 52</tt> <tt class="py-line"><tt class="py-docstring"> A string XSRF protection token.</tt> </tt>
108<a name="L53"></a><tt class="py-lineno"> 53</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
109<a name="L54"></a><tt class="py-lineno"> 54</tt> <tt class="py-line"> <tt class="py-name">when</tt> <tt class="py-op">=</tt> <tt class="py-name">when</tt> <tt class="py-keyword">or</tt> <tt class="py-name">int</tt><tt class="py-op">(</tt><tt class="py-name">time</tt><tt class="py-op">.</tt><tt class="py-name">time</tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
110<a name="L55"></a><tt class="py-lineno"> 55</tt> <tt class="py-line"> <tt class="py-name">digester</tt> <tt class="py-op">=</tt> <tt class="py-name">hmac</tt><tt class="py-op">.</tt><tt class="py-name">new</tt><tt class="py-op">(</tt><tt class="py-name">key</tt><tt class="py-op">)</tt> </tt>
111<a name="L56"></a><tt class="py-lineno"> 56</tt> <tt class="py-line"> <tt class="py-name">digester</tt><tt class="py-op">.</tt><tt class="py-name">update</tt><tt class="py-op">(</tt><tt class="py-name">str</tt><tt class="py-op">(</tt><tt class="py-name">user_id</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
112<a name="L57"></a><tt class="py-lineno"> 57</tt> <tt class="py-line"> <tt class="py-name">digester</tt><tt class="py-op">.</tt><tt class="py-name">update</tt><tt class="py-op">(</tt><tt id="link-5" class="py-name"><a title="oauth2client.xsrfutil.DELIMITER" class="py-name" href="#" onclick="return doclink('link-5', 'DELIMITER', 'link-2');">DELIMITER</a></tt><tt class="py-op">)</tt> </tt>
113<a name="L58"></a><tt class="py-lineno"> 58</tt> <tt class="py-line"> <tt class="py-name">digester</tt><tt class="py-op">.</tt><tt class="py-name">update</tt><tt class="py-op">(</tt><tt class="py-name">action_id</tt><tt class="py-op">)</tt> </tt>
114<a name="L59"></a><tt class="py-lineno"> 59</tt> <tt class="py-line"> <tt class="py-name">digester</tt><tt class="py-op">.</tt><tt class="py-name">update</tt><tt class="py-op">(</tt><tt id="link-6" class="py-name"><a title="oauth2client.xsrfutil.DELIMITER" class="py-name" href="#" onclick="return doclink('link-6', 'DELIMITER', 'link-2');">DELIMITER</a></tt><tt class="py-op">)</tt> </tt>
115<a name="L60"></a><tt class="py-lineno"> 60</tt> <tt class="py-line"> <tt class="py-name">digester</tt><tt class="py-op">.</tt><tt class="py-name">update</tt><tt class="py-op">(</tt><tt class="py-name">str</tt><tt class="py-op">(</tt><tt class="py-name">when</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
116<a name="L61"></a><tt class="py-lineno"> 61</tt> <tt class="py-line"> <tt class="py-name">digest</tt> <tt class="py-op">=</tt> <tt class="py-name">digester</tt><tt class="py-op">.</tt><tt class="py-name">digest</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
117<a name="L62"></a><tt class="py-lineno"> 62</tt> <tt class="py-line"> </tt>
118<a name="L63"></a><tt class="py-lineno"> 63</tt> <tt class="py-line"> <tt class="py-name">token</tt> <tt class="py-op">=</tt> <tt class="py-name">base64</tt><tt class="py-op">.</tt><tt class="py-name">urlsafe_b64encode</tt><tt class="py-op">(</tt><tt class="py-string">'%s%s%d'</tt> <tt class="py-op">%</tt> <tt class="py-op">(</tt><tt class="py-name">digest</tt><tt class="py-op">,</tt> </tt>
119<a name="L64"></a><tt class="py-lineno"> 64</tt> <tt class="py-line"> <tt id="link-7" class="py-name"><a title="oauth2client.xsrfutil.DELIMITER" class="py-name" href="#" onclick="return doclink('link-7', 'DELIMITER', 'link-2');">DELIMITER</a></tt><tt class="py-op">,</tt> </tt>
120<a name="L65"></a><tt class="py-lineno"> 65</tt> <tt class="py-line"> <tt class="py-name">when</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
121<a name="L66"></a><tt class="py-lineno"> 66</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">token</tt> </tt>
122</div><a name="L67"></a><tt class="py-lineno"> 67</tt> <tt class="py-line"> </tt>
123<a name="validate_token"></a><div id="validate_token-def"><a name="L68"></a><tt class="py-lineno"> 68</tt> <tt class="py-line"> </tt>
124<a name="L69"></a><tt class="py-lineno"> 69</tt> <tt class="py-line"><tt class="py-decorator">@</tt><tt class="py-decorator">util</tt><tt class="py-op">.</tt><tt id="link-8" class="py-name"><a title="oauth2client.util.positional" class="py-name" href="#" onclick="return doclink('link-8', 'positional', 'link-4');">positional</a></tt><tt class="py-op">(</tt><tt class="py-number">3</tt><tt class="py-op">)</tt> </tt>
125<a name="L70"></a><tt class="py-lineno"> 70</tt> <a class="py-toggle" href="#" id="validate_token-toggle" onclick="return toggle('validate_token');">-</a><tt class="py-line"><tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.xsrfutil-module.html#validate_token">validate_token</a><tt class="py-op">(</tt><tt class="py-param">key</tt><tt class="py-op">,</tt> <tt class="py-param">token</tt><tt class="py-op">,</tt> <tt class="py-param">user_id</tt><tt class="py-op">,</tt> <tt class="py-param">action_id</tt><tt class="py-op">=</tt><tt class="py-string">""</tt><tt class="py-op">,</tt> <tt class="py-param">current_time</tt><tt class="py-op">=</tt><tt class="py-name">None</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
126</div><div id="validate_token-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="validate_token-expanded"><a name="L71"></a><tt class="py-lineno"> 71</tt> <tt class="py-line"> <tt class="py-docstring">"""Validates that the given token authorizes the user for the action.</tt> </tt>
127<a name="L72"></a><tt class="py-lineno"> 72</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
128<a name="L73"></a><tt class="py-lineno"> 73</tt> <tt class="py-line"><tt class="py-docstring"> Tokens are invalid if the time of issue is too old or if the token</tt> </tt>
129<a name="L74"></a><tt class="py-lineno"> 74</tt> <tt class="py-line"><tt class="py-docstring"> does not match what generateToken outputs (i.e. the token was forged).</tt> </tt>
130<a name="L75"></a><tt class="py-lineno"> 75</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
131<a name="L76"></a><tt class="py-lineno"> 76</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
132<a name="L77"></a><tt class="py-lineno"> 77</tt> <tt class="py-line"><tt class="py-docstring"> key: secret key to use.</tt> </tt>
133<a name="L78"></a><tt class="py-lineno"> 78</tt> <tt class="py-line"><tt class="py-docstring"> token: a string of the token generated by generateToken.</tt> </tt>
134<a name="L79"></a><tt class="py-lineno"> 79</tt> <tt class="py-line"><tt class="py-docstring"> user_id: the user ID of the authenticated user.</tt> </tt>
135<a name="L80"></a><tt class="py-lineno"> 80</tt> <tt class="py-line"><tt class="py-docstring"> action_id: a string identifier of the action they requested</tt> </tt>
136<a name="L81"></a><tt class="py-lineno"> 81</tt> <tt class="py-line"><tt class="py-docstring"> authorization for.</tt> </tt>
137<a name="L82"></a><tt class="py-lineno"> 82</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
138<a name="L83"></a><tt class="py-lineno"> 83</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
139<a name="L84"></a><tt class="py-lineno"> 84</tt> <tt class="py-line"><tt class="py-docstring"> A boolean - True if the user is authorized for the action, False</tt> </tt>
140<a name="L85"></a><tt class="py-lineno"> 85</tt> <tt class="py-line"><tt class="py-docstring"> otherwise.</tt> </tt>
141<a name="L86"></a><tt class="py-lineno"> 86</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
142<a name="L87"></a><tt class="py-lineno"> 87</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-keyword">not</tt> <tt class="py-name">token</tt><tt class="py-op">:</tt> </tt>
143<a name="L88"></a><tt class="py-lineno"> 88</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">False</tt> </tt>
144<a name="L89"></a><tt class="py-lineno"> 89</tt> <tt class="py-line"> <tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
145<a name="L90"></a><tt class="py-lineno"> 90</tt> <tt class="py-line"> <tt class="py-name">decoded</tt> <tt class="py-op">=</tt> <tt class="py-name">base64</tt><tt class="py-op">.</tt><tt class="py-name">urlsafe_b64decode</tt><tt class="py-op">(</tt><tt class="py-name">str</tt><tt class="py-op">(</tt><tt class="py-name">token</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
146<a name="L91"></a><tt class="py-lineno"> 91</tt> <tt class="py-line"> <tt class="py-name">token_time</tt> <tt class="py-op">=</tt> <tt class="py-name">long</tt><tt class="py-op">(</tt><tt class="py-name">decoded</tt><tt class="py-op">.</tt><tt class="py-name">split</tt><tt class="py-op">(</tt><tt id="link-9" class="py-name"><a title="oauth2client.xsrfutil.DELIMITER" class="py-name" href="#" onclick="return doclink('link-9', 'DELIMITER', 'link-2');">DELIMITER</a></tt><tt class="py-op">)</tt><tt class="py-op">[</tt><tt class="py-op">-</tt><tt class="py-number">1</tt><tt class="py-op">]</tt><tt class="py-op">)</tt> </tt>
147<a name="L92"></a><tt class="py-lineno"> 92</tt> <tt class="py-line"> <tt class="py-keyword">except</tt> <tt class="py-op">(</tt><tt class="py-name">TypeError</tt><tt class="py-op">,</tt> <tt class="py-name">ValueError</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
148<a name="L93"></a><tt class="py-lineno"> 93</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">False</tt> </tt>
149<a name="L94"></a><tt class="py-lineno"> 94</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">current_time</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
150<a name="L95"></a><tt class="py-lineno"> 95</tt> <tt class="py-line"> <tt class="py-name">current_time</tt> <tt class="py-op">=</tt> <tt class="py-name">time</tt><tt class="py-op">.</tt><tt class="py-name">time</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
151<a name="L96"></a><tt class="py-lineno"> 96</tt> <tt class="py-line"> <tt class="py-comment"># If the token is too old it's not valid.</tt> </tt>
152<a name="L97"></a><tt class="py-lineno"> 97</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">current_time</tt> <tt class="py-op">-</tt> <tt class="py-name">token_time</tt> <tt class="py-op">&gt;</tt> <tt id="link-10" class="py-name"><a title="oauth2client.xsrfutil.DEFAULT_TIMEOUT_SECS" class="py-name" href="#" onclick="return doclink('link-10', 'DEFAULT_TIMEOUT_SECS', 'link-3');">DEFAULT_TIMEOUT_SECS</a></tt><tt class="py-op">:</tt> </tt>
153<a name="L98"></a><tt class="py-lineno"> 98</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">False</tt> </tt>
154<a name="L99"></a><tt class="py-lineno"> 99</tt> <tt class="py-line"> </tt>
155<a name="L100"></a><tt class="py-lineno">100</tt> <tt class="py-line"> <tt class="py-comment"># The given token should match the generated one with the same time.</tt> </tt>
Joe Gregoriof4839b02012-09-06 13:47:24 -0400[diff] [blame^]156<a name="L101"></a><tt class="py-lineno">101</tt> <tt class="py-line"> <tt class="py-name">expected_token</tt> <tt class="py-op">=</tt> <tt id="link-11" class="py-name" targets="Function oauth2client.xsrfutil.generate_token()=oauth2client.xsrfutil-module.html#generate_token"><a title="oauth2client.xsrfutil.generate_token" class="py-name" href="#" onclick="return doclink('link-11', 'generate_token', 'link-11');">generate_token</a></tt><tt class="py-op">(</tt><tt class="py-name">key</tt><tt class="py-op">,</tt> <tt class="py-name">user_id</tt><tt class="py-op">,</tt> <tt class="py-name">action_id</tt><tt class="py-op">=</tt><tt class="py-name">action_id</tt><tt class="py-op">,</tt> </tt>
Joe Gregorio1b425aa2012-08-24 12:04:34 -0400[diff] [blame]157<a name="L102"></a><tt class="py-lineno">102</tt> <tt class="py-line"> <tt class="py-name">when</tt><tt class="py-op">=</tt><tt class="py-name">token_time</tt><tt class="py-op">)</tt> </tt>
158<a name="L103"></a><tt class="py-lineno">103</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">token</tt> <tt class="py-op">!=</tt> <tt class="py-name">expected_token</tt><tt class="py-op">:</tt> </tt>
159<a name="L104"></a><tt class="py-lineno">104</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">False</tt> </tt>
160<a name="L105"></a><tt class="py-lineno">105</tt> <tt class="py-line"> </tt>
161<a name="L106"></a><tt class="py-lineno">106</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">True</tt> </tt>
162</div><a name="L107"></a><tt class="py-lineno">107</tt> <tt class="py-line"> </tt><script type="text/javascript">
163<!--
164expandto(location.href);
165// -->
166</script>
167</pre>
168<br />
169<!-- ==================== NAVIGATION BAR ==================== -->
170<table class="navbar" border="0" width="100%" cellpadding="0"
171 bgcolor="#a0c0ff" cellspacing="0">
172 <tr valign="middle">
173
174 <!-- Tree link -->
175 <th>&nbsp;&nbsp;&nbsp;<a
176 href="module-tree.html">Trees</a>&nbsp;&nbsp;&nbsp;</th>
177
178 <!-- Index link -->
179 <th>&nbsp;&nbsp;&nbsp;<a
180 href="identifier-index.html">Indices</a>&nbsp;&nbsp;&nbsp;</th>
181
182 <!-- Help link -->
183 <th>&nbsp;&nbsp;&nbsp;<a
184 href="help.html">Help</a>&nbsp;&nbsp;&nbsp;</th>
185
186 <th class="navbar" width="100%"></th>
187 </tr>
188</table>
189<table border="0" cellpadding="0" cellspacing="0" width="100%%">
190 <tr>
191 <td align="left" class="footer">
Joe Gregoriof4839b02012-09-06 13:47:24 -0400[diff] [blame^]192 Generated by Epydoc 3.0.1 on Thu Sep 6 13:36:16 2012
Joe Gregorio1b425aa2012-08-24 12:04:34 -0400[diff] [blame]193 </td>
194 <td align="right" class="footer">
195 <a target="mainFrame" href="http://epydoc.sourceforge.net"
196 >http://epydoc.sourceforge.net</a>
197 </td>
198 </tr>
199</table>
200
201<script type="text/javascript">
202 <!--
203 // Private objects are initially displayed (because if
204 // javascript is turned off then we want them to be
205 // visible); but by default, we want to hide them. So hide
206 // them unless we have a cookie that says to show them.
207 checkCookie();
208 // -->
209</script>
210</body>
211</html>