Permalink
Browse files

Allow the timestamp to have an embedded 'T' as per the ISO standard.

  • Loading branch information...
1 parent fe4ab71 commit 04ca45b93e258d73ffa829a3801d05cd794e6e10 @KayEss KayEss committed Apr 2, 2012
Showing with 20 additions and 2 deletions.
  1. +4 −0 ChangeLog
  2. +2 −1 fost_authn/authentication.py
  3. +13 −0 fost_authn_debug/tests/test_authentication.py
  4. +1 −1 setup.py
View
@@ -1,3 +1,7 @@
+2012-04-02 Kirit Saelensminde <kirit@felspar.com>
+ Use the key in the Authorization header to look up the user name.
+ Allow the timestamp to have an embedded 'T' as per the ISO standard.
+
2011-10-20 Kirit Saelensminde <kirit@felspar.com>
Fixed the setup.py so that it contains the correct Python project name.
@@ -71,7 +71,8 @@ def _request_signature(backend, request, key, hmac):
logging.info("About to parse time stamp from %s",
request.META['HTTP_X_FOST_TIMESTAMP'][:19])
signed_time = datetime.strptime(
- request.META['HTTP_X_FOST_TIMESTAMP'][:19], '%Y-%m-%d %H:%M:%S')
+ request.META['HTTP_X_FOST_TIMESTAMP'][:19].replace('T', ' '),
+ '%Y-%m-%d %H:%M:%S')
utc_now = datetime.utcnow()
delta = timedelta(0, getattr(settings,
'FOST_AUTHN_MAXIMUM_CLOCK_SKEW', 300))
@@ -73,6 +73,19 @@ def test_signed_request(self):
self.assertTrue(self.request.SIGNED.has_key(key), (key, self.request.SIGNED))
+ def test_signed_request(self):
+ now = self.request.META['HTTP_X_FOST_TIMESTAMP']
+ self.request.META['HTTP_X_FOST_TIMESTAMP'] = now[:10] + 'T' + now[11:] + 'Z'
+ self.request.sign_request(self.key, self.secret())
+ key, self.hmac = self.middleware.key_hmac(self.request)
+ with mock.patch('fost_authn.authentication._forbid', self.fail):
+ result = self.backend.authenticate(request = self.request,
+ key = self.key, hmac = self.hmac)
+ self.assertTrue(hasattr(self.request, 'SIGNED'))
+ for key in ['X-FOST-Headers']:
+ self.assertTrue(self.request.SIGNED.has_key(key), (key, self.request.SIGNED))
+
+
class TestSigned(_TestBaseWithGetSecret):
"""
Perform various tests on the signed headers
View
@@ -10,7 +10,7 @@ def read(fname1, fname2):
setup(
name = "django-fost-authn",
- version = "0.3.0.1",
+ version = "0.3.0.2",
author = "Kirit Saelensminde",
author_email = "kirit@felspar.com",
url = 'https://github.com/Felspar/django-fost-authn',

0 comments on commit 04ca45b

Please sign in to comment.