MCPcopy
hub / github.com/tornadoweb/tornado / _decode_xsrf_token

Method _decode_xsrf_token

tornado/web.py:1621–1655  ·  view source on GitHub ↗

Convert a cookie string into a the tuple form returned by _get_raw_xsrf_token.

(
        self, cookie: str
    )

Source from the content-addressed store, hash-verified

1619 return self._raw_xsrf_token
1620
1621 def _decode_xsrf_token(
1622 self, cookie: str
1623 ) -> Tuple[Optional[int], Optional[bytes], Optional[float]]:
1624 """Convert a cookie string into a the tuple form returned by
1625 _get_raw_xsrf_token.
1626 """
1627
1628 try:
1629 m = _signed_value_version_re.match(utf8(cookie))
1630
1631 if m:
1632 version = int(m.group(1))
1633 if version == 2:
1634 _, mask_str, masked_token, timestamp_str = cookie.split("|")
1635
1636 mask = binascii.a2b_hex(utf8(mask_str))
1637 token = _websocket_mask(mask, binascii.a2b_hex(utf8(masked_token)))
1638 timestamp = int(timestamp_str)
1639 return version, token, timestamp
1640 else:
1641 # Treat unknown versions as not present instead of failing.
1642 raise Exception("Unknown xsrf cookie version")
1643 else:
1644 version = 1
1645 try:
1646 token = binascii.a2b_hex(utf8(cookie))
1647 except (binascii.Error, TypeError):
1648 token = utf8(cookie)
1649 # We don't have a usable timestamp in older versions.
1650 timestamp = int(time.time())
1651 return (version, token, timestamp)
1652 except Exception:
1653 # Catch exceptions and return nothing instead of failing.
1654 gen_log.debug("Uncaught exception in _decode_xsrf_token", exc_info=True)
1655 return None, None, None
1656
1657 def check_xsrf_cookie(self) -> None:
1658 """Verifies that the ``_xsrf`` cookie matches the ``_xsrf`` argument.

Callers 2

_get_raw_xsrf_tokenMethod · 0.95
check_xsrf_cookieMethod · 0.95

Calls 4

utf8Function · 0.90
splitMethod · 0.80
timeMethod · 0.80
matchMethod · 0.45

Tested by

no test coverage detected