diff options
| author | Hoylen Sue <hoylen@hoylen.com> | 2017-01-26 10:55:42 +1000 |
|---|---|---|
| committer | Hoylen Sue <hoylen@hoylen.com> | 2017-08-01 22:25:11 +1000 |
| commit | 0c7c8fb2e0e331d7e1460f2c6476a425abf395eb (patch) | |
| tree | 64427db7e1e0cdd7c223fa8fd455f0801fa926bd | |
| parent | f30123a4705730e686bc9ae9284f3cb22d63ff84 (diff) | |
| download | oauthlib-0c7c8fb2e0e331d7e1460f2c6476a425abf395eb.tar.gz | |
Only log signature base string when verification fails.
| -rw-r--r-- | oauthlib/oauth1/rfc5849/signature.py | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/oauthlib/oauth1/rfc5849/signature.py b/oauthlib/oauth1/rfc5849/signature.py index 6bf3e77..d2da319 100644 --- a/oauthlib/oauth1/rfc5849/signature.py +++ b/oauthlib/oauth1/rfc5849/signature.py @@ -570,8 +570,8 @@ def verify_hmac_sha1(request, client_secret=None, signature = sign_hmac_sha1(base_string, client_secret, resource_owner_secret) match = safe_string_equals(signature, request.signature) - log.debug('Verify HMAC-SHA1: signature base string: {}'.format(base_string)) - log.debug('Verify HMAC-SHA1: signature matches={}'.format(match)) + if not match: + log.debug('Verify HMAC-SHA1 failed: sig base string: %s', base_string) return match @@ -606,8 +606,8 @@ def verify_rsa_sha1(request, rsa_public_key): key = _prepare_key_plus(alg, rsa_public_key) verify_ok = alg.verify(message, key, sig) - log.debug('Verify RSA-SHA1: signature base string: {}'.format(message)) - log.debug('Verify RSA-SHA1: signature verifies={}'.format(verify_ok)) + if not verify_ok: + log.debug('Verify RSA-SHA1 failed: sig base string: %s', message) return verify_ok @@ -620,5 +620,6 @@ def verify_plaintext(request, client_secret=None, resource_owner_secret=None): """ signature = sign_plaintext(client_secret, resource_owner_secret) match = safe_string_equals(signature, request.signature) - log.debug('Verify PLAINTEXT: signature matches={}'.format(match)) + if not match: + log.debug('Verify PLAINTEXT failed') return match |