Created
July 28, 2016 19:06
John Wheeler created this gist
Jul 28, 2016
@@ -0,0 +1,50 @@ import os import base64 import posixpath from datetime import datetime from six.moves.urllib.parse import urlparse from six.moves.urllib.request import urlopen from . import logger class VerificationError(Exception): pass def verify_timestamp(timestamp): dt = datetime.utcnow() - timestamp.replace(tzinfo=None) if dt.seconds > 150: raise VerificationError("Timestamp verification failed") def verify_application_id(candidate, records): if candidate not in records: raise VerificationError("Application ID verification failed") def _valid_certificate_url(cert_url): parsed_url = urlparse(cert_url) if parsed_url.scheme == 'https': if parsed_url.hostname == "s3.amazonaws.com": if posixpath.normpath(parsed_url.path).startswith("/echo.api/"): return True return False def _valid_certificate(cert): not_after = cert.get_notAfter().decode('utf-8') not_after = datetime.strptime(not_after, '%Y%m%d%H%M%SZ') if datetime.utcnow() >= not_after: return False found = False for i in range(0, cert.get_extension_count()): extension = cert.get_extension(i) short_name = extension.get_short_name().decode('utf-8') value = str(extension) if 'subjectAltName' == short_name and 'DNS:echo-api.amazon.com' == value: found = True break if not found: return False return True
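Review bot: `verify_timestamp` compares `dt.seconds` with 150, but `timedelta.seconds` holds only the seconds component and ignores `days`, so a request whose timestamp is whole days plus a few seconds old still passes the replay check, and a negative (future) delta can wrap into the accepted range the same way. Compare the full signed duration instead: `if abs(dt.total_seconds()) > 150:`. In `_valid_certificate`, only `notAfter` is tested and the subjectAltName is matched by exact string equality, so a not-yet-valid certificate is accepted and a legitimate certificate that lists more than one SAN entry is rejected. Nothing in this section validates the certificate chain against a trusted root, and `_valid_certificate_url` does not check the port; both should be confirmed wherever the certificate is fetched and loaded.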