• Search by Module
• Search by Words
• Search Projects

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• django-request-token-master
  • poetry.lock
  • CHANGELOG
  • .coveragerc
  • request_token
    • apps.py
    • middleware.py
    • decorators.py
    • exceptions.py
    • templatetags
      • request_token_tags.py
      • __init__.py
    • models.py
    • __init__.py
    • utils.py
    • migrations
      • 0010_auto_20170521_1944.py
      • 0004_remove_requesttoken_target_url.py
      • 0005_auto_20160103_1655.py
      • 0002_auto_20151227_1428.py
      • 0001_initial.py
      • 0008_convert_token_data_to_jsonfield.py
      • 0007_add_client_ipv6.py
      • 0011_update_model_meta_options.py
      • __init__.py
      • 0009_requesttokenerror.py
      • 0003_auto_20151229_1105.py
      • 0006_auto_20161104_1428.py
    • settings.py
    • admin.py
    • context_processors.py
  • .prettierrc
  • .pre-commit-config.yaml
  • LICENSE
  • manage.py
  • .editorconfig
  • .flake8
  • README.rst
  • .pylintrc
  • mypy.ini
  • .travis.yml
  • tests
    • test_utils.py
    • integration_tests.py
    • test_decorators.py
    • test_templatetags.py
    • test_middleware.py
    • templates
      • 403.html
      • test_form.html
    • test_apps.py
    • test_migrations.py
    • views.py
    • test_models.py
    • urls.py
    • __init__.py
    • settings.py
    • test_context_processors.py
    • test_admin.py
  • pytest.ini
  • pyproject.toml
  • .isort.cfg
  • .gitignore
  • tox.ini

"""Basic encode/decode utils, taken from PyJWT."""
from __future__ import annotations

import calendar
import datetime
from typing import Dict, List, Optional, Sequence

from django.conf import settings
from jwt import decode as jwt_decode
from jwt import encode as jwt_encode
from jwt import exceptions

# verification options - signature and expiry date
DEFAULT_DECODE_OPTIONS = {
    "verify_signature": True,
    "verify_exp": True,
    "verify_nbf": True,
    "verify_iat": True,
    "verify_aud": False,
    "verify_iss": False,  # we're only validating our own claims
    "require_exp": False,
    "require_iat": False,
    "require_nbf": False,
}

MANDATORY_CLAIMS = ("jti", "sub", "mod")


def check_mandatory_claims(
    payload: dict, claims: Sequence[str] = MANDATORY_CLAIMS
) -> None:
    """Check dict for mandatory claims."""
    for claim in claims:
        if claim not in payload:
            raise exceptions.MissingRequiredClaimError(claim)


def encode(payload: dict, check_claims: Sequence[str] = MANDATORY_CLAIMS) -> bytes:
    """Encode JSON payload (using SECRET_KEY)."""
    check_mandatory_claims(payload, claims=check_claims)
    return jwt_encode(payload, settings.SECRET_KEY)


def decode(
    token: bytes,
    options: Optional[Dict[str, bool]] = None,
    check_claims: Optional[Sequence[str]] = None,
    algorithms: Optional[List[str]] = None,
) -> dict:
    """Decode JWT payload and check for 'jti', 'sub' claims."""
    if not options:
        options = DEFAULT_DECODE_OPTIONS
    if not check_claims:
        check_claims = MANDATORY_CLAIMS
    if not algorithms:
        # default encode algorithm - see PyJWT.encode
        algorithms = ["HS256"]
    decoded = jwt_decode(
        token, settings.SECRET_KEY, algorithms=algorithms, options=options
    )
    check_mandatory_claims(decoded, claims=check_claims)
    return decoded


def to_seconds(timestamp: datetime.datetime) -> Optional[int]:
    """Convert timestamp into integers since epoch."""
    try:
        return calendar.timegm(timestamp.utctimetuple())
    except Exception:  # pylint: disable=broad-except
        return None