Mirror
/
app-MAIL-temp
mirror of https://github.com/simple-login/app.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #950 from simple-login/ac-deprecate-old-verp 

Remove deprecated verp email validation
This commit is contained in:
Adrià Casajús 2022-05-05 10:07:57 +02:00 committed by GitHub
parent 6d49ae62d4 c48247e852
commit f2d761c61b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
app/email_utils.py
View File

@ -1395,34 +1395,7 @@ def generate_verp_email(
).lower()
# Remove this method after 2022-05-20. Just for backwards compat.
def deprecated_get_verp_info_from_email(email: str) -> Optional[Tuple[VerpType, int]]:
idx = email.find("@")
if idx == -1:
return None
username = email[:idx]
fields = username.split(".")
if len(fields) != 3 or fields[0] != VERP_PREFIX:
return None
padding = (8 - (len(fields[1]) % 8)) % 8
payload = base64.b32decode(fields[1].encode("utf-8").upper() + (b"=" * padding))
padding = (8 - (len(fields[2]) % 8)) % 8
signature = base64.b32decode(fields[2].encode("utf-8").upper() + (b"=" * padding))
expected_signature = hmac.new(
VERP_EMAIL_SECRET.encode("utf-8"), payload, "shake128"
).digest()
if expected_signature != signature:
return None
data = json.loads(payload)
# verp type, object_id, time
if len(data) != 3:
return None
if data[2] > time.time() + VERP_MESSAGE_LIFETIME:
return None
return VerpType(data[0]), data[1]
def new_get_verp_info_from_email(email: str) -> Optional[Tuple[VerpType, int]]:
def get_verp_info_from_email(email: str) -> Optional[Tuple[VerpType, int]]:
"""This method processes the email address, checks if it's a signed verp email generated by us to receive bounces
and extracts the type of verp email and associated email log id/transactional email id stored as object_id
"""
@ -1449,10 +1422,3 @@ def new_get_verp_info_from_email(email: str) -> Optional[Tuple[VerpType, int]]:
if data[2] > (time.time() + VERP_MESSAGE_LIFETIME - VERP_TIME_START) / 60:
return None
return VerpType(data[0]), data[1]
# Replace with new_get_verp_info_from_email when deprecated_get_verp_info_from_email is removed
def get_verp_info_from_email(email: str) -> Optional[Tuple[VerpType, int]]:
return new_get_verp_info_from_email(email) or deprecated_get_verp_info_from_email(
email
)