diff options
author | Hoylen Sue <hoylen@hoylen.com> | 2019-02-22 09:32:24 +1000 |
---|---|---|
committer | Hoylen Sue <hoylen@hoylen.com> | 2019-02-22 09:32:24 +1000 |
commit | 42023d8303113073e31a57e1bbf70216b7120e20 (patch) | |
tree | d484a8eace63905f25335a247184fde5a29cedcb | |
parent | 0a0a718355354f621e475b8bd8162b726d838c11 (diff) | |
download | oauthlib-42023d8303113073e31a57e1bbf70216b7120e20.tar.gz |
Renamed construct_base_string to signature_base_string.
-rw-r--r-- | oauthlib/oauth1/rfc5849/__init__.py | 2 | ||||
-rw-r--r-- | oauthlib/oauth1/rfc5849/signature.py | 23 | ||||
-rw-r--r-- | tests/oauth1/rfc5849/test_signatures.py | 12 |
3 files changed, 21 insertions, 16 deletions
diff --git a/oauthlib/oauth1/rfc5849/__init__.py b/oauthlib/oauth1/rfc5849/__init__.py index d6c44ea..4f462bb 100644 --- a/oauthlib/oauth1/rfc5849/__init__.py +++ b/oauthlib/oauth1/rfc5849/__init__.py @@ -137,7 +137,7 @@ class Client(object): log.debug("Normalized params: {0}".format(normalized_params)) log.debug("Normalized URI: {0}".format(normalized_uri)) - base_string = signature.construct_base_string(request.http_method, + base_string = signature.signature_base_string(request.http_method, normalized_uri, normalized_params) log.debug("Signing: signature base string: {0}".format(base_string)) diff --git a/oauthlib/oauth1/rfc5849/signature.py b/oauthlib/oauth1/rfc5849/signature.py index 589b68a..f899aca 100644 --- a/oauthlib/oauth1/rfc5849/signature.py +++ b/oauthlib/oauth1/rfc5849/signature.py @@ -40,9 +40,10 @@ except ImportError: log = logging.getLogger(__name__) -def construct_base_string(http_method, base_string_uri, + +def signature_base_string(http_method, base_str_uri, normalized_encoded_request_parameters): - """**String Construction** + """**Construct the signature base string.** Per `section 3.4.1.1`_ of the spec. For example, the HTTP request:: @@ -90,7 +91,7 @@ def construct_base_string(http_method, base_string_uri, # # .. _`Section 3.4.1.2`: https://tools.ietf.org/html/rfc5849#section-3.4.1.2 # .. _`Section 3.4.6`: https://tools.ietf.org/html/rfc5849#section-3.4.6 - base_string += utils.escape(base_string_uri) + base_string += utils.escape(base_str_uri) # 4. An "&" character (ASCII code 38). base_string += '&' @@ -649,12 +650,14 @@ def verify_hmac_sha1(request, client_secret=None, """ norm_params = normalize_parameters(request.params) bs_uri = base_string_uri(request.uri) - base_string = construct_base_string(request.http_method, bs_uri, norm_params) - signature = sign_hmac_sha1(base_string, client_secret, + sig_base_str = signature_base_string(request.http_method, bs_uri, + norm_params) + signature = sign_hmac_sha1(sig_base_str, client_secret, resource_owner_secret) match = safe_string_equals(signature, request.signature) if not match: - log.debug('Verify HMAC-SHA1 failed: sig base string: %s', base_string) + log.debug('Verify HMAC-SHA1 failed: signature base string: %s', + sig_base_str) return match @@ -682,15 +685,17 @@ def verify_rsa_sha1(request, rsa_public_key): """ norm_params = normalize_parameters(request.params) bs_uri = base_string_uri(request.uri) - message = construct_base_string(request.http_method, bs_uri, norm_params).encode('utf-8') + sig_base_str = signature_base_string(request.http_method, bs_uri, + norm_params).encode('utf-8') sig = binascii.a2b_base64(request.signature.encode('utf-8')) alg = _jwt_rs1_signing_algorithm() key = _prepare_key_plus(alg, rsa_public_key) - verify_ok = alg.verify(message, key, sig) + verify_ok = alg.verify(sig_base_str, key, sig) if not verify_ok: - log.debug('Verify RSA-SHA1 failed: sig base string: %s', message) + log.debug('Verify RSA-SHA1 failed: signature base string: %s', + sig_base_str) return verify_ok diff --git a/tests/oauth1/rfc5849/test_signatures.py b/tests/oauth1/rfc5849/test_signatures.py index db2c532..bb0dc78 100644 --- a/tests/oauth1/rfc5849/test_signatures.py +++ b/tests/oauth1/rfc5849/test_signatures.py @@ -3,7 +3,7 @@ from __future__ import absolute_import, unicode_literals from oauthlib.common import unicode_type from oauthlib.oauth1.rfc5849.signature import (collect_parameters, - construct_base_string, + signature_base_string, base_string_uri, normalize_parameters, sign_hmac_sha1, @@ -79,7 +79,7 @@ class SignatureTests(TestCase): resource_owner_secret = self.resource_owner_secret ) - def test_construct_base_string(self): + def test_signature_base_string(self): """ Example text to be turned into a base string:: @@ -104,20 +104,20 @@ class SignatureTests(TestCase): D%2522137131201%2522%252Coauth_nonce%253D%25227d8f3e4a%2522%252Coau th_signature%253D%2522bYT5CMsGcbgUdFHObYMEfcx6bsw%25253D%2522 """ - self.assertRaises(ValueError, construct_base_string, + self.assertRaises(ValueError, signature_base_string, self.http_method, self.base_string_url, self.normalized_encoded_request_parameters) - self.assertRaises(ValueError, construct_base_string, + self.assertRaises(ValueError, signature_base_string, self.http_method.decode('utf-8'), self.base_string_url, self.normalized_encoded_request_parameters) - self.assertRaises(ValueError, construct_base_string, + self.assertRaises(ValueError, signature_base_string, self.http_method.decode('utf-8'), self.base_string_url.decode('utf-8'), self.normalized_encoded_request_parameters) - base_string = construct_base_string( + base_string = signature_base_string( self.http_method.decode('utf-8'), self.base_string_url.decode('utf-8'), self.normalized_encoded_request_parameters.decode('utf-8') |