From 36ad98fd5e4b7358dc2aa903b6d51569bf19c5f8 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 12 May 2018 11:57:32 -0400 Subject: Add support for extracting timestamp from a Fernet token (#4229) * Add API for retrieving the seconds-to-expiry for the token, given a TTL. * Process PR feedback: * Do compute the TTL, but just the age of the token. The caller can decided what to do next. * Factored out the HMAC signature verification to a separate function. * Fixed a copy&paste mistake in the test cases * Tests cleanup. * `struct` no longer needed * Document `def age()` * typo in `age()` documentation * token, not data * remove test for TTL expiry that is already covered by the parameterized `test_invalid()`. * let's call this extract_timestamp and just return timestamp * review comments * it's UNIX I know this --- tests/test_fernet.py | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'tests') diff --git a/tests/test_fernet.py b/tests/test_fernet.py index 6558d11b..75ecc356 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -122,6 +122,15 @@ class TestFernet(object): with pytest.raises(ValueError): Fernet(base64.urlsafe_b64encode(b"abc"), backend=backend) + def test_extract_timestamp(self, monkeypatch, backend): + f = Fernet(base64.urlsafe_b64encode(b"\x00" * 32), backend=backend) + current_time = 1526138327 + monkeypatch.setattr(time, "time", lambda: current_time) + token = f.encrypt(b'encrypt me') + assert f.extract_timestamp(token) == current_time + with pytest.raises(InvalidToken): + f.extract_timestamp(b"nonsensetoken") + @pytest.mark.requires_backend_interface(interface=CipherBackend) @pytest.mark.requires_backend_interface(interface=HMACBackend) -- cgit v1.2.3