HEX
Server: Apache/2.4.65 (Ubuntu)
System: Linux ielts-store-v2 6.8.0-1036-gcp #38~22.04.1-Ubuntu SMP Thu Aug 14 01:19:18 UTC 2025 x86_64
User: root (0)
PHP: 7.2.34-54+ubuntu20.04.1+deb.sury.org+1
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
$ pwd: /snap/google-cloud-cli/current/lib/third_party/oauthlib/oauth1/rfc5849/endpoints/
Upload Files
File: //snap/google-cloud-cli/current/lib/third_party/oauthlib/oauth1/rfc5849/endpoints/signature_only.py
# -*- coding: utf-8 -*-
"""oauthlib.oauth1.rfc5849.endpoints.signature_only ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This module is an implementation of the signing logic of OAuth 1.0 RFC 5849.
"""

from __future__ import absolute_import, unicode_literals

import logging

from .. import errors
from .base import BaseEndpoint

log = logging.getLogger(__name__)


class SignatureOnlyEndpoint(BaseEndpoint):
  """An endpoint only responsible for verifying an oauth signature."""

  def validate_request(self, uri, http_method='GET', body=None, headers=None):
    """Validate a signed OAuth request.

        :param uri: The full URI of the token request.
        :param http_method: A valid HTTP verb, i.e. GET, POST, PUT, HEAD, etc.
        :param body: The request body as a string.
        :param headers: The request headers as a dict.
        :returns: A tuple of 2 elements.
                  1. True if valid, False otherwise.
                  2. An oauthlib.common.Request object.
        """
    try:
      request = self._create_request(uri, http_method, body, headers)
    except errors.OAuth1Error as err:
      log.info('Exception caught while validating request, %s.' % err)
      return False, None

    try:
      self._check_transport_security(request)
      self._check_mandatory_parameters(request)
    except errors.OAuth1Error as err:
      log.info('Exception caught while validating request, %s.' % err)
      return False, request

    if not self.request_validator.validate_timestamp_and_nonce(
        request.client_key, request.timestamp, request.nonce, request):
      log.debug('[Failure] verification failed: timestamp/nonce')
      return False, request

    # The server SHOULD return a 401 (Unauthorized) status code when
    # receiving a request with invalid client credentials.
    # Note: This is postponed in order to avoid timing attacks, instead
    # a dummy client is assigned and used to maintain near constant
    # time request verification.
    #
    # Note that early exit would enable client enumeration
    valid_client = self.request_validator.validate_client_key(
        request.client_key, request)
    if not valid_client:
      request.client_key = self.request_validator.dummy_client

    valid_signature = self._check_signature(request)

    # log the results to the validator_log
    # this lets us handle internal reporting and analysis
    request.validator_log['client'] = valid_client
    request.validator_log['signature'] = valid_signature

    # We delay checking validity until the very end, using dummy values for
    # calculations and fetching secrets/keys to ensure the flow of every
    # request remains almost identical regardless of whether valid values
    # have been supplied. This ensures near constant time execution and
    # prevents malicious users from guessing sensitive information
    v = all((valid_client, valid_signature))
    if not v:
      log.info('[Failure] request verification failed.')
      log.info('Valid client: %s', valid_client)
      log.info('Valid signature: %s', valid_signature)
    return v, request
@ Telegram