author | Hoylen Sue <hoylen@hoylen.com> | 2017-01-20 15:47:56 +1000 |
---|---|---|
committer | Hoylen Sue <hoylen@hoylen.com> | 2017-08-01 22:25:11 +1000 |
commit | f30123a4705730e686bc9ae9284f3cb22d63ff84 (patch) | |
tree | 8269d2e0f3794ec117332e51fe071ea87f8343a5 /oauthlib/oauth1 | |
parent | 5c05aa0fe0d9277acf557eb243c8164c8695a391 (diff) | |
download | oauthlib-f30123a4705730e686bc9ae9284f3cb22d63ff84.tar.gz |
Extra logging for verifying signatures.
Diffstat (limited to 'oauthlib/oauth1')
-rw-r--r-- | oauthlib/oauth1/rfc5849/__init__.py | 2 | ||||
-rw-r--r-- | oauthlib/oauth1/rfc5849/signature.py | 19 |
2 files changed, 17 insertions, 4 deletions
diff --git a/oauthlib/oauth1/rfc5849/__init__.py b/oauthlib/oauth1/rfc5849/__init__.py index 997251e..06902e2 100644 --- a/oauthlib/oauth1/rfc5849/__init__.py +++ b/oauthlib/oauth1/rfc5849/__init__.py @@ -143,7 +143,7 @@ class Client(object): base_string = signature.construct_base_string(request.http_method, normalized_uri, normalized_params) - log.debug("Base signing string: {0}".format(base_string)) + log.debug("Signing: signature base string: {0}".format(base_string)) if self.signature_method not in self.SIGNATURE_METHODS: raise ValueError('Invalid signature method.') diff --git a/oauthlib/oauth1/rfc5849/signature.py b/oauthlib/oauth1/rfc5849/signature.py index 8fa22ba..6bf3e77 100644 --- a/oauthlib/oauth1/rfc5849/signature.py +++ b/oauthlib/oauth1/rfc5849/signature.py @@ -26,6 +26,8 @@ from __future__ import absolute_import, unicode_literals import binascii import hashlib import hmac +import logging + try: import urlparse except ImportError: @@ -34,6 +36,7 @@ from . import utils from oauthlib.common import urldecode, extract_params, safe_string_equals from oauthlib.common import bytes_type, unicode_type +log = logging.getLogger(__name__) def construct_base_string(http_method, base_string_uri, normalized_encoded_request_parameters): @@ -566,7 +569,11 @@ def verify_hmac_sha1(request, client_secret=None, base_string = construct_base_string(request.http_method, uri, norm_params) signature = sign_hmac_sha1(base_string, client_secret, resource_owner_secret) - return safe_string_equals(signature, request.signature) + match = safe_string_equals(signature, request.signature) + log.debug('Verify HMAC-SHA1: signature base string: {}'.format(base_string)) + log.debug('Verify HMAC-SHA1: signature matches={}'.format(match)) + return match + def _prepare_key_plus(alg, keystr): if isinstance(keystr, bytes_type): 
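Review bot: In the verify_hmac_sha1 hunk the two added `log.debug` calls build their text with `.format()` before the logger checks its level, so every signature verification pays for formatting the whole base string even when debug logging is off; passing the value as a logger argument avoids that, e.g. `log.debug('Verify HMAC-SHA1: signature base string: %s', base_string)`. The base string is built from `norm_params`, i.e. the request's normalized parameters, so a short comment that this line writes request data to the log would help operators decide where debug level may be enabled. The same applies to the added base-string line in the verify_rsa_sha1 hunk. The bare `{}` fields also differ from the `{0}` style kept in the __init__.py hunk of this commit. verify_hmac_sha1 starts outside the hunk.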
@@ -597,7 +604,11 @@ def verify_rsa_sha1(request, rsa_public_key): alg = _jwt_rs1_signing_algorithm() key = _prepare_key_plus(alg, rsa_public_key) - return alg.verify(message, key, sig) + + verify_ok = alg.verify(message, key, sig) + log.debug('Verify RSA-SHA1: signature base string: {}'.format(message)) + log.debug('Verify RSA-SHA1: signature verifies={}'.format(verify_ok)) + return verify_ok def verify_plaintext(request, client_secret=None, resource_owner_secret=None): @@ -608,4 +619,6 @@ def verify_plaintext(request, client_secret=None, resource_owner_secret=None): .. _`section 3.4`: http://tools.ietf.org/html/rfc5849#section-3.4 """ signature = sign_plaintext(client_secret, resource_owner_secret) - return safe_string_equals(signature, request.signature) + match = safe_string_equals(signature, request.signature) + log.debug('Verify PLAINTEXT: signature matches={}'.format(match)) + return match |
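Review bot: In verify_rsa_sha1, if `message` is a byte string (it is passed straight to `alg.verify`, which suggests so), `'{}'.format(message)` will log its `b'...'` repr on Python 3 rather than the base string text. The line that builds `message` is outside the hunk, so this needs confirming there. If it is encoded, the debug line should log the text form, for example the value before encoding or `message.decode('utf-8')`.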
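Review bot: verify_plaintext logs only the boolean result, which is the right limit, but nothing in the code says why it logs less than the HMAC and RSA variants. `sign_plaintext(client_secret, resource_owner_secret)` produces the PLAINTEXT signature, which per RFC 5849 section 3.4.4 is the two secrets joined by `&`, so logging either `signature` or `request.signature` would put credentials in the log. A comment above the debug call would keep a later change from adding them: `# Never log signature or request.signature here: for PLAINTEXT they are the shared secrets.`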