Python's module itsdangerous

Tag: Generate POS file with EBS NES support safe stdin

This module is primarily used for signature and serialization

Usage scenarios:

First, add a signature to the string:

The sender and receiver have the same key-"Secret-key", the sender uses the key to sign the sent content, the receiver uses the same key to connect to the received content to verify whether the sender sent the content

1>>> fromItsdangerousImportsigner2>>> s = signer ('Secret-key')3>>> S.sign ('my string, SSSSSSSSSS,DDDDDDDDDDDDDLSD')4 'my string, Ssssssssss,dddddddddddddlsd.nsxtxgo_umn4gklzcfcioa-dzso'5>>>6>>> S.unsign ('my string, Ssssssssss,dddddddddddddlsd.nsxtxgo_umn4gklzcfcioa-dzso')7 'my string, SSSSSSSSSS,DDDDDDDDDDDDDLSD'8>>> S.unsign ('my string, Ssss.nsxtxgo_umn4gklzcfcioa-dzso')9 Traceback (most recent):TenFile"<stdin>", Line 1,inch<module> OneFile"/usr/local/lib/python2.7/site-packages/itsdangerous.py", line 374,inchunsign APayload=value) -Itsdangerous. Badsignature:signature'Nsxtxgo_umn4gklzcfcioa-dzso'Does notMatch ->>> S.unsign ('my string, SSSSSSSSSS,DDDDDDDDDDDDDLSD.NSXTXGO_UMN4GKLZCFCIOA-DZSP') the Traceback (most recent): -File"<stdin>", Line 1,inch<module> -File"/usr/local/lib/python2.7/site-packages/itsdangerous.py", line 374,inchunsign -Payload=value) +Itsdangerous. Badsignature:signature'NSXTXGO_UMN4GKLZCFCIOA-DZSP'Does notMatch ->>>

Two, the signature with time stamp:

Signature has a certain timeliness, when the sender sends, with time information, the receiver to determine how long the time is invalid

 from Import Timestampsigner>>> s = Timestampsigner ('secret-key')> >> string = s.sign ('foo')>>> s.unsign (String, max_age=5) 
Foo
>>> s.unsign (String, max_age=5) Traceback (most recent call last):  > 5 Seconds

Third, serialization

 >>> from  itsdangerous import   serializer  >>> s = Serializer ( secret-key   "  )  >>> S.dumps ([1, 2, 3, 4  "  [1, 2, 3, 4].r7r9rhggdpvvwl3inzluiifelmo    and It can of course also load:  >>> s.loads ("  [1, 2, 3, 4].r7r9rhggdpvvwl3inzluiifelmo   " ) [ 1, 2, 3, 4]if you want to the timestamp attached You can use the Timedserializer.  

Iv. Serialization with timestamps:

>>> fromItsdangerousImportTimedserializer>>> S=timedserializer ('Secret-key')>>> S.dumps ([1,2,3,4])'[1, 2, 3, 4]. DI7WHQ.YVOJWQWAU5MVRGUVKOQA7654VXC'>>> S.loads ('[1, 2, 3, 4]. DI7WHQ.YVOJWQWAU5MVRGUVKOQA7654VXC')[1, 2, 3, 4]>>> S.loads ('[1, 2, 3, 4]. DI7WHQ.YVOJWQWAU5MVRGUVKOQA7654VXC', max_age=10) Traceback (most recent): File"<stdin>", Line 1,inch<module>File"/usr/local/lib/python2.7/site-packages/itsdangerous.py", line 643,inchloads Unsign (s, max_age, Return_timestamp=True) File"/usr/local/lib/python2.7/site-packages/itsdangerous.py", line 463,inchunsign date_signed=self.timestamp_to_datetime (timestamp)) itsdangerous. Signatureexpired:signature Age> 10seconds>>> S.loads ('[1, 2, 3, 4]. DI7WHQ.YVOJWQWAU5MVRGUVKOQA7654VXC', max_age=40)[1, 2, 3, 4]>>>

Five, URL security serialization

For scenarios that qualify strings, you can use URL-safe serialization

 from Import Urlsafeserializer>>> s = Urlsafeserializer ('secret-key') >>> S.dumps ([1, 2, 3, 4])'wzesmiwzldrd.wsphqc0gr7vuqivlsukj0ietdgo' >>> s.loads ('wzesmiwzldrd.wsphqc0gr7vuqivlsukj0ietdgo') [1, 2, 3, 4]

VI. JSON Web Signature

JSON Web Signatures

Starting with "itsdangerous" 0.18 JSON Web Signatures is also supported. They generally work very similar to the already existing URL safe serializer but would emit headers according to the Curren T Draft (Ten) of the JSON Web Signature (JWS) [ Draft-ietf-jose-json-web-signature ].

 from Import Jsonwebsignatureserializer>>> s = Jsonwebsignatureserializer ('secret-key'  )>>> s.dumps ({'x': ')'  EyJhbGciOiJIUzI1NiJ9.eyJ4Ijo0Mn0.ZdTn1YyGz9Yx5B5wNpWRL221G1WpVE5fPCPKNuc6UAo'

When loading the value back the header is not being returned by default like with the other serializers. However it is possible to also ask for the header by PASSING return_h Eader=true . Custom header fields can be provided upon serialization:

 >>> s. Dumps (0header_fields= { ' V ' : 1}) >>> s. Loads ( ' Eyjhbgcioijiuzi1niisinyiojf9.ma.wt-rzi9yu06r919vbdaf '  ...  ' tln82_iiqd70j_j-3f4z_am '  return_header=true ...  (0, {u ' alg ': U ' HS256 ', U ' V ': 1})            

"Itsdangerous" only provides HMAC SHA derivatives and the none algorithm at the moment and does don't support the ECC based Ones. The algorithm in the header was checked against the one of the serializer and on a mismatch a badsignatureexceptio N is raised.

Seven, JSON web signature with timestamp

 from Import  = Serializer ('secret-key'expires_in=60) s.dumps ({'  ID'#  User is a encapsulated object in model

 

Viii. Value of salt

The salt value here is not the same as the salt value in the encryption algorithm, where the salt value can be applied to all cases above, different salt values, generated signatures or serialized values are not the same

>>> S1 = Urlsafeserializer ('Secret-key', salt='Activate-salt')>>> S1.dumps (42)'Ndi.kubvfoougp5paifeqljbxqbftxs'>>> s2 = Urlsafeserializer ('Secret-key', salt='Upgrade-salt')>>> S2.dumps (42)'Ndi.7lx-n1p-z2vej7nt1_2bntkjgte'>>> s2.loads (S1.dumps (42) Traceback (most recent): Itsdangerous. Badsignature:signature"Kubvfoougp5paifeqljbxqbftxs"Does notMatchonly the serializer with the same salt can load the value:>>> s2.loads (S2.dumps (42))42

Refer

1, https://pythonhosted.org/itsdangerous/

2, http://itsdangerous.readthedocs.io/en/latest/

3, http://cxymrzero.github.io/blog/2015/03/18/flask-token/

Python's module itsdangerous