diff options
author | wil paredes <code@dystedium.com> | 2014-02-07 00:07:33 -0800 |
---|---|---|
committer | wil paredes <code@dystedium.com> | 2014-02-07 00:07:33 -0800 |
commit | b87bad733d4b2eef81967f98602cfdbb0997fb72 (patch) | |
tree | 5819bf8886f8c6f0d7a7d993a00f6382006793f0 | |
parent | 3bade2705b75909e7e589723d7d61c808fe16d3d (diff) | |
download | pyjwt-b87bad733d4b2eef81967f98602cfdbb0997fb72.tar.gz |
refactor decode(), fix setup.py for automated sdist builds
* split decode() internals into load() and verify_signature()
* pull code out of read() function in setup.py so it doesn't
fail when using distutils.core.run_setup() to build an archive
* the setup.py change also uses with so file closing is automatic
-rw-r--r-- | jwt/__init__.py | 51 | ||||
-rwxr-xr-x | setup.py | 7 |
2 files changed, 36 insertions, 22 deletions
diff --git a/jwt/__init__.py b/jwt/__init__.py index 708d7ca..4e1d5d2 100644 --- a/jwt/__init__.py +++ b/jwt/__init__.py @@ -137,6 +137,16 @@ def encode(payload, key, algorithm='HS256'): def decode(jwt, key='', verify=True, verify_expiration=True, leeway=0): + payload, signing_input, header, signature = load(jwt) + + if verify: + verify_signature(payload, signing_input, header, signature, key, + verify_expiration, leeway) + + return payload + + +def load(jwt): if isinstance(jwt, unicode): jwt = jwt.encode('utf-8') try: @@ -168,22 +178,25 @@ def decode(jwt, key='', verify=True, verify_expiration=True, leeway=0): except (TypeError, binascii.Error): raise DecodeError("Invalid crypto padding") - if verify: - try: - if isinstance(key, unicode): - key = key.encode('utf-8') - if header['alg'].startswith('HS'): - expected = verify_methods[header['alg']](signing_input, key) - if not constant_time_compare(signature, expected): - raise DecodeError("Signature verification failed") - else: - if not verify_methods[header['alg']](signing_input, key, signature): - raise DecodeError("Signature verification failed") - except KeyError: - raise DecodeError("Algorithm not supported") - - if 'exp' in payload and verify_expiration: - utc_timestamp = timegm(datetime.utcnow().utctimetuple()) - if payload['exp'] < (utc_timestamp - leeway): - raise ExpiredSignature("Signature has expired") - return payload + return (payload, signing_input, header, signature) + + +def verify_signature(payload, signing_input, header, signature, key='', + verify_expiration=True, leeway=0): + try: + if isinstance(key, unicode): + key = key.encode('utf-8') + if header['alg'].startswith('HS'): + expected = verify_methods[header['alg']](signing_input, key) + if not constant_time_compare(signature, expected): + raise DecodeError("Signature verification failed") + else: + if not verify_methods[header['alg']](signing_input, key, signature): + raise DecodeError("Signature verification failed") + except KeyError: + raise DecodeError("Algorithm not supported") + + if 'exp' in payload and verify_expiration: + utc_timestamp = timegm(datetime.utcnow().utctimetuple()) + if payload['exp'] < (utc_timestamp - leeway): + raise ExpiredSignature("Signature has expired") @@ -3,8 +3,9 @@ import os from setuptools import setup -def read(fname): - return open(os.path.join(os.path.dirname(__file__), fname)).read() +with open(os.path.join(os.path.dirname(__file__), 'README.md')) as readme: + long_description = readme.read() + setup( name="PyJWT", @@ -17,7 +18,7 @@ setup( url="http://github.com/progrium/pyjwt", packages=['jwt'], scripts=['bin/jwt'], - long_description=read('README.md'), + long_description=long_description, classifiers=[ "Development Status :: 3 - Alpha", "License :: OSI Approved :: MIT License", |