Ticket #16182: 16182-increased-signing-precision-3.diff

File 16182-increased-signing-precision-3.diff, 3.1 KB (added by andrewgodwin, 4 years ago)

Modified patch to use time_func

  • django/core/signing.py

     
    158158
    159159
    160160class TimestampSigner(Signer):
     161    def __init__(self, *args, **kwargs):
     162        self.time_func = kwargs.pop('time', time.time)
     163        super(TimestampSigner, self).__init__(*args, **kwargs)
     164   
    161165    def timestamp(self):
    162         return baseconv.base62.encode(int(time.time()))
     166        return baseconv.base62.encode(int(self.time_func() * 10000))
    163167
    164168    def sign(self, value):
    165169        value = smart_str('%s%s%s' % (value, self.sep, self.timestamp()))
     
    168172    def unsign(self, value, max_age=None):
    169173        result =  super(TimestampSigner, self).unsign(value)
    170174        value, timestamp = result.rsplit(self.sep, 1)
    171         timestamp = baseconv.base62.decode(timestamp)
     175        timestamp = baseconv.base62.decode(timestamp) / 10000.0
    172176        if max_age is not None:
    173177            # Check timestamp is not older than max_age
    174             age = time.time() - timestamp
     178            age = self.time_func() - timestamp
    175179            if age > max_age:
    176180                raise SignatureExpired(
    177181                    'Signature age %s > %s seconds' % (age, max_age))
  • tests/regressiontests/signing/tests.py

     
    9898
    9999    def test_timestamp_signer(self):
    100100        value = u'hello'
    101         _time = time.time
    102         time.time = lambda: 123456789
    103         try:
    104             signer = signing.TimestampSigner('predictable-key')
    105             ts = signer.sign(value)
    106             self.assertNotEqual(ts,
    107                 signing.Signer('predictable-key').sign(value))
     101        signer = signing.TimestampSigner('predictable-key',
     102            time=lambda: 123456789)
     103        ts = signer.sign(value)
     104        self.assertNotEqual(ts,
     105            signing.Signer('predictable-key').sign(value))
    108106
    109             self.assertEqual(signer.unsign(ts), value)
    110             time.time = lambda: 123456800
    111             self.assertEqual(signer.unsign(ts, max_age=12), value)
    112             self.assertEqual(signer.unsign(ts, max_age=11), value)
    113             self.assertRaises(
    114                 signing.SignatureExpired, signer.unsign, ts, max_age=10)
    115         finally:
    116             time.time = _time
     107        self.assertEqual(signer.unsign(ts), value)
     108        signer = signing.TimestampSigner('predictable-key',
     109            time=lambda: 123456800)
     110        self.assertEqual(signer.unsign(ts, max_age=12), value)
     111        self.assertEqual(signer.unsign(ts, max_age=11), value)
     112        self.assertRaises(
     113            signing.SignatureExpired, signer.unsign, ts, max_age=10)
     114   
     115    def test_timestamp_precision(self):
     116        one = signing.TimestampSigner('key', time=lambda: 123.4567).sign('v')
     117        two = signing.TimestampSigner('key', time=lambda: 123.4568).sign('v')
     118        self.assertNotEqual(one, two)
Back to Top