utils: remove wrong limitation on secret length, make secret only required for the generate command
This commit is contained in:
parent
fe05bc40d0
commit
d533635916
|
@ -12,7 +12,6 @@ def decode_secret(secret):
|
|||
secret = secret[4:].decode('base64')
|
||||
elif secret.startswith('hex:'):
|
||||
secret = secret[4:].decode('hex')
|
||||
assert len(secret) == 20, 'secret must be 20 bytes long'
|
||||
return secret
|
||||
|
||||
def generate_domino_ltpa_token(user, secret, creation=None, expire=None,
|
||||
|
@ -61,10 +60,9 @@ if __name__ == '__main__':
|
|||
import datetime
|
||||
|
||||
parser = argparse.ArgumentParser(description='Process some integers.')
|
||||
parser.add_argument('--secret',
|
||||
required=True,
|
||||
help='secret as hex or b64 string, must be 20 bytes long, prefix '
|
||||
'with hex: or b64:')
|
||||
secret_arg = parser.add_argument('--secret',
|
||||
help='secret as plain, hex or base-64 encoded string, prefix '
|
||||
'with hex: or b64: for encoded strings')
|
||||
subparsers = parser.add_subparsers(help='sub-command help')
|
||||
|
||||
# create the parser for the "a" command
|
||||
|
@ -78,19 +76,22 @@ if __name__ == '__main__':
|
|||
parser_parse.add_argument('token', help='the LTPA cookie content')
|
||||
|
||||
args = parser.parse_args()
|
||||
if args.secret.startswith('hex:'):
|
||||
secret = args.secret[4:].decode('hex')
|
||||
elif args.secret.startswith('b64:'):
|
||||
secret = args.secret[4:].decode('base64')
|
||||
else:
|
||||
secret = args.secret
|
||||
assert len(secret) == 20, 'an LTPA secret must be 20 bytes long'
|
||||
if args.secret:
|
||||
if args.secret.startswith('hex:'):
|
||||
args.secret = args.secret[4:].decode('hex')
|
||||
elif args.secret.startswith('b64:'):
|
||||
args.secret = args.secret[4:].decode('base64')
|
||||
else:
|
||||
args.secret = args.secret
|
||||
|
||||
if args.command == 'generate':
|
||||
if not args.secret:
|
||||
raise argparse.ArgumentError(secret_arg,
|
||||
'is required to generate a token')
|
||||
print generate_domino_ltpa_token(user=args.user,
|
||||
secret=secret)
|
||||
secret=args.secret)
|
||||
elif args.command == 'parse':
|
||||
user, creation, expire = parse_token(args.token, secret=secret)
|
||||
user, creation, expire = parse_token(args.token, secret=args.secret)
|
||||
def from_timestamp(t):
|
||||
return datetime.datetime.utcfromtimestamp(t).isoformat() + 'Z'
|
||||
print 'User:', user
|
||||
|
|
Reference in New Issue