expired signature test added, check corrected
parent
5d1a7628fd
commit
a5d5dde58b
|
@ -167,7 +167,7 @@ class HTTPSignatureAuth(requests.auth.AuthBase):
|
|||
key = key_resolver(key_id=sig_struct["keyId"], algorithm=sig_struct["algorithm"])
|
||||
Crypto(sig_struct["algorithm"]).verify(sig, sts, key)
|
||||
if expires_timestamp is not None:
|
||||
assert expires_timestamp > created_timestamp
|
||||
assert expires_timestamp > int(time.time())
|
||||
|
||||
|
||||
class HTTPSignatureHeaderAuth(HTTPSignatureAuth):
|
||||
|
|
17
test/test.py
17
test/test.py
|
@ -3,6 +3,7 @@
|
|||
from __future__ import absolute_import, division, print_function
|
||||
|
||||
import os, sys, unittest, logging, base64
|
||||
from datetime import timedelta
|
||||
|
||||
import requests
|
||||
from requests.adapters import HTTPAdapter
|
||||
|
@ -65,6 +66,22 @@ class TestRequestsHTTPSignature(unittest.TestCase):
|
|||
self.session.get(url,
|
||||
auth=HTTPSignatureAuth(key=hmac_secret[::-1], key_id="sekret", headers=["date", "digest"]))
|
||||
|
||||
def test_expired_signature(self):
|
||||
with self.assertRaises(AssertionError):
|
||||
preshared_key_id = 'squirrel'
|
||||
preshared_secret = 'monorail_cat'
|
||||
one_month = timedelta(days=-30)
|
||||
headers = ["(expires)"]
|
||||
auth = HTTPSignatureAuth(key=preshared_secret, key_id=preshared_key_id,
|
||||
expires_in=one_month, headers=headers)
|
||||
|
||||
def key_resolver(key_id, algorithm):
|
||||
return preshared_secret
|
||||
|
||||
url = 'http://example.com/path'
|
||||
response = requests.get(url, auth=auth)
|
||||
HTTPSignatureAuth.verify(response.request, key_resolver=key_resolver)
|
||||
|
||||
def test_rfc_examples(self):
|
||||
# The date in the RFC is wrong (2014 instead of 2012).
|
||||
# See https://github.com/joyent/node-http-signature/issues/54
|
||||
|
|
Loading…
Reference in New Issue