File: refresh_session.py

package info (click to toggle)
firefox 147.0-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 4,683,324 kB
  • sloc: cpp: 7,607,156; javascript: 6,532,492; ansic: 3,775,158; python: 1,415,368; xml: 634,556; asm: 438,949; java: 186,241; sh: 62,751; makefile: 18,079; objc: 13,092; perl: 12,808; yacc: 4,583; cs: 3,846; pascal: 3,448; lex: 1,720; ruby: 1,003; php: 436; lisp: 258; awk: 247; sql: 66; sed: 54; csh: 10; exp: 6
file content (52 lines) | stat: -rw-r--r-- 2,291 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
 
import importlib
import json
from urllib.parse import parse_qs
jwt_helper = importlib.import_module('device-bound-session-credentials.jwt_helper')
session_manager = importlib.import_module('device-bound-session-credentials.session_manager')

def main(request, response):
    test_session_manager = session_manager.find_for_request(request)
    test_session_manager.set_has_called_refresh(True)

    if test_session_manager.get_refresh_endpoint_unavailable():
        return (500, response.headers, "")

    session_id_header = request.headers.get("Sec-Secure-Session-Id")
    if session_id_header == None:
        return (400, response.headers, "")
    session_id_header = session_id_header.decode('utf-8')
    session_id = int(session_id_header)

    if test_session_manager.get_should_refresh_end_session():
        response_body = {
            "session_identifier": session_id,
            "continue": False
        }
        return (200, response.headers, json.dumps(response_body))

    if test_session_manager.get_has_custom_query_param() and 'refreshQueryParam' not in parse_qs(request.url_parts.query):
        return (400, response.headers, "")

    session_key = test_session_manager.get_session_key(session_id)
    if session_key == None:
        return (400, response.headers, "")

    if test_session_manager.get_refresh_sends_challenge():
        challenge = "refresh_challenge_value"
        if request.headers.get("Secure-Session-Response") == None:
            return (403, [('Secure-Session-Challenge', f'"{challenge}";id="{session_id}"')], "")

        jwt_header, jwt_payload, verified = jwt_helper.decode_jwt(request.headers.get("Secure-Session-Response").decode('utf-8'), session_key)

        early_challenge = test_session_manager.get_early_challenge(session_id)
        if early_challenge is not None:
            challenge = early_challenge

        if test_session_manager.get_registration_sends_challenge_with_instructions():
            test_session_manager.reset_registration_sends_challenge_with_instructions()
            challenge = "login_challenge_value"

        if not verified or jwt_payload.get("jti") != challenge:
            return (400, response.headers, "")

    return test_session_manager.get_session_instructions_response(session_id, request)