python-oauth2 icon indicating copy to clipboard operation
python-oauth2 copied to clipboard

Published 20 hours ago verified publisher icon joestump

Adding RSA SignatureMethod and test

Open rick446 opened this issue 14 years ago • 3 comments

That's pretty much it. Uses PyCrypto if it's installed, raises NotImplementedError otherwise.

rick446 avatar Dec 01 '10 20:12 rick446

I guess I should also mention that the patch includes unit testing

rick446 avatar Dec 02 '10 02:12 rick446

Hi @rick446! Thanks for the patch. It looks good and I'm glad to see it comes with a test. Two requests:

  1. Could you add a test to ensure that verify() doesn't accept the request when it comes with a bogus signatures that wasn't actually made by the private key?
  2. Could you add a test that the signature produced by your code matches the example signature from http://wiki.oauth.net/w/page/12238556/TestCases . (If it helps you could also use these other implementations to check signatures or to generate example signatures: https://github.com/nshah/python-oauth/blob/master/oauth/signature_method/rsa_sha1.py , http://code.google.com/p/gdata-python-client/source/browse/src/gdata/oauth/rsa.py .)

Thanks again!

Regards,

Zooko

zookos avatar Feb 01 '11 21:02 zookos

I have implemented this atop PyCrypto using X.509 certificates/public keys and RSA private keys in my Python implementation of OAuth 1.0. The tests you have mentioned pass.

See: https://github.com/gorakhargosh/pyoauth/blob/master/pyoauth/protocol.py#L189

The project is at http://github.com/gorakhargosh/pyoauth/

HTH.

Cheers! Khargosh.

gorakhargosh avatar Jul 07 '11 21:07 gorakhargosh