mirror of
https://github.com/home-assistant/core.git
synced 2025-07-25 06:07:17 +00:00
Speed up signing paths (#93127)
This commit is contained in:
parent
d0460d5424
commit
3f43184187
@ -6,11 +6,13 @@ from datetime import timedelta
|
|||||||
from ipaddress import ip_address
|
from ipaddress import ip_address
|
||||||
import logging
|
import logging
|
||||||
import secrets
|
import secrets
|
||||||
|
import time
|
||||||
from typing import Any, Final
|
from typing import Any, Final
|
||||||
|
|
||||||
from aiohttp import hdrs
|
from aiohttp import hdrs
|
||||||
from aiohttp.web import Application, Request, StreamResponse, middleware
|
from aiohttp.web import Application, Request, StreamResponse, middleware
|
||||||
import jwt
|
import jwt
|
||||||
|
from jwt import api_jws
|
||||||
from yarl import URL
|
from yarl import URL
|
||||||
|
|
||||||
from homeassistant.auth import jwt_wrapper
|
from homeassistant.auth import jwt_wrapper
|
||||||
@ -18,8 +20,8 @@ from homeassistant.auth.const import GROUP_ID_READ_ONLY
|
|||||||
from homeassistant.auth.models import User
|
from homeassistant.auth.models import User
|
||||||
from homeassistant.components import websocket_api
|
from homeassistant.components import websocket_api
|
||||||
from homeassistant.core import HomeAssistant, callback
|
from homeassistant.core import HomeAssistant, callback
|
||||||
|
from homeassistant.helpers.json import json_bytes
|
||||||
from homeassistant.helpers.storage import Store
|
from homeassistant.helpers.storage import Store
|
||||||
from homeassistant.util import dt as dt_util
|
|
||||||
from homeassistant.util.network import is_local
|
from homeassistant.util.network import is_local
|
||||||
|
|
||||||
from .const import KEY_AUTHENTICATED, KEY_HASS_REFRESH_TOKEN_ID, KEY_HASS_USER
|
from .const import KEY_AUTHENTICATED, KEY_HASS_REFRESH_TOKEN_ID, KEY_HASS_USER
|
||||||
@ -60,20 +62,19 @@ def async_sign_path(
|
|||||||
refresh_token_id = hass.data[STORAGE_KEY]
|
refresh_token_id = hass.data[STORAGE_KEY]
|
||||||
|
|
||||||
url = URL(path)
|
url = URL(path)
|
||||||
now = dt_util.utcnow()
|
now_timestamp = int(time.time())
|
||||||
|
expiration_timestamp = now_timestamp + int(expiration.total_seconds())
|
||||||
params = [itm for itm in url.query.items() if itm[0] not in SAFE_QUERY_PARAMS]
|
params = [itm for itm in url.query.items() if itm[0] not in SAFE_QUERY_PARAMS]
|
||||||
encoded = jwt.encode(
|
json_payload = json_bytes(
|
||||||
{
|
{
|
||||||
"iss": refresh_token_id,
|
"iss": refresh_token_id,
|
||||||
"path": url.path,
|
"path": url.path,
|
||||||
"params": params,
|
"params": params,
|
||||||
"iat": now,
|
"iat": now_timestamp,
|
||||||
"exp": now + expiration,
|
"exp": expiration_timestamp,
|
||||||
},
|
}
|
||||||
secret,
|
|
||||||
algorithm="HS256",
|
|
||||||
)
|
)
|
||||||
|
encoded = api_jws.encode(json_payload, secret, "HS256")
|
||||||
params.append((SIGN_QUERY_PARAM, encoded))
|
params.append((SIGN_QUERY_PARAM, encoded))
|
||||||
url = url.with_query(params)
|
url = url.with_query(params)
|
||||||
return f"{url.path}?{url.query_string}"
|
return f"{url.path}?{url.query_string}"
|
||||||
|
Loading…
x
Reference in New Issue
Block a user