Trang chủ Khám phá Trợ giúp
Đăng nhập
yangck
/
celery
1
0
Fork 0
Các tập tin Các vấn đề 0 Yêu cầu khéo về 0 Wiki
Tree: 9a4d2acf1b
Branches Tags
celery
/
celery
/
security
/
serialization.py

serialization.py 2.4 KB
Lịch sử Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172 
  1. from __future__ import absolute_import
    2. 

  2. 

  3. import anyjson
    4. 

  4. import base64
    5. 

  5. 

  6. from kombu.serialization import registry
    7. 

  7. 

  8. from ..exceptions import SecurityError
    9. 

  9. from ..utils.encoding import bytes_to_str, str_to_bytes
    10. 

  10. 

  11. from .certificate import Certificate, FSCertStore
    12. 

  12. from .key import PrivateKey
    13. 

  13. 

  14. 

  15. def b64encode(s):
    16. 

  16.     return bytes_to_str(base64.b64encode(str_to_bytes(s)))
    17. 

  17. 

  18. 

  19. def b64decode(s):
    20. 

  20.     return base64.b64decode(str_to_bytes(s))
    21. 

  21. 

  22. 

  23. class SecureSerializer(object):
    24. 

  24. 

  25.     def __init__(self, key=None, cert=None, cert_store=None,
    26. 

  26.             serialize=anyjson.serialize,
    27. 

  27.             deserialize=anyjson.deserialize,
    28. 

  28.             digest='sha1'):
    29. 

  29.         self._key = key
    30. 

  30.         self._cert = cert
    31. 

  31.         self._cert_store = cert_store
    32. 

  32.         self._serialize = serialize
    33. 

  33.         self._deserialize = deserialize
    34. 

  34.         self._digest = digest
    35. 

  35. 

  36.     def serialize(self, data):
    37. 

  37.         """serialize data structure into string"""
    38. 

  38.         assert self._key is not None
    39. 

  39.         assert self._cert is not None
    40. 

  40.         try:
    41. 

  41.             data = self._serialize(data)
    42. 

  42.             signature = b64encode(self._key.sign(data, self._digest))
    43. 

  43.             signer = self._cert.get_id()
    44. 

  44.             return self._serialize(dict(data=data,
    45. 

  45.                                         signer=signer,
    46. 

  46.                                         signature=signature))
    47. 

  47.         except Exception, exc:
    48. 

  48.             raise SecurityError("Unable to serialize: %r" % (exc, ))
    49. 

  49. 

  50.     def deserialize(self, data):
    51. 

  51.         """deserialize data structure from string"""
    52. 

  52.         assert self._cert_store is not None
    53. 

  53.         try:
    54. 

  54.             data = self._deserialize(data)
    55. 

  55.             signature = b64decode(data["signature"])
    56. 

  56.             signer = data["signer"]
    57. 

  57.             data = data["data"]
    58. 

  58.             self._cert_store[signer].verify(data, signature, self._digest)
    59. 

  59.             return self._deserialize(data)
    60. 

  60.         except Exception, exc:
    61. 

  61.             raise SecurityError("Unable to deserialize: %r" % (exc, ))
    62. 

  62. 

  63. 

  64. def register_auth(key=None, cert=None, store=None):
    65. 

  65.     """register security serializer"""
    66. 

  66.     s = SecureSerializer(key and PrivateKey(key),
    67. 

  67.                          cert and Certificate(cert),
    68. 

  68.                          store and FSCertStore(store),
    69. 

  69.                          anyjson.serialize, anyjson.deserialize)
    70. 

  70.     registry.register("auth", s.serialize, s.deserialize,
    71. 

  71.                       content_type="application/data",
    72. 

  72.                       content_encoding="utf-8")
    73.