Speed up signing paths (#93127)

This commit is contained in:
J. Nick Koston 2023-05-17 15:01:13 -05:00 committed by GitHub
parent d0460d5424
commit 3f43184187
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -6,11 +6,13 @@ from datetime import timedelta
from ipaddress import ip_address
import logging
import secrets
import time
from typing import Any, Final
from aiohttp import hdrs
from aiohttp.web import Application, Request, StreamResponse, middleware
import jwt
from jwt import api_jws
from yarl import URL
from homeassistant.auth import jwt_wrapper
@ -18,8 +20,8 @@ from homeassistant.auth.const import GROUP_ID_READ_ONLY
from homeassistant.auth.models import User
from homeassistant.components import websocket_api
from homeassistant.core import HomeAssistant, callback
from homeassistant.helpers.json import json_bytes
from homeassistant.helpers.storage import Store
from homeassistant.util import dt as dt_util
from homeassistant.util.network import is_local
from .const import KEY_AUTHENTICATED, KEY_HASS_REFRESH_TOKEN_ID, KEY_HASS_USER
@ -60,20 +62,19 @@ def async_sign_path(
refresh_token_id = hass.data[STORAGE_KEY]
url = URL(path)
now = dt_util.utcnow()
now_timestamp = int(time.time())
expiration_timestamp = now_timestamp + int(expiration.total_seconds())
params = [itm for itm in url.query.items() if itm[0] not in SAFE_QUERY_PARAMS]
encoded = jwt.encode(
json_payload = json_bytes(
{
"iss": refresh_token_id,
"path": url.path,
"params": params,
"iat": now,
"exp": now + expiration,
},
secret,
algorithm="HS256",
"iat": now_timestamp,
"exp": expiration_timestamp,
}
)
encoded = api_jws.encode(json_payload, secret, "HS256")
params.append((SIGN_QUERY_PARAM, encoded))
url = url.with_query(params)
return f"{url.path}?{url.query_string}"