
Commit 02dc92e

Flask secret (#90)
* fix: add new endpoints Signed-off-by: Asish Kumar <officialasishkumar@gmail.com> * feat: add test pipeline Signed-off-by: Asish Kumar <officialasishkumar@gmail.com> --------- Signed-off-by: Asish Kumar <officialasishkumar@gmail.com>
1 parent 818f29e commit 02dc92e

1 file changed

Lines changed: 9 additions & 21 deletions


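--- a/flask-secret/main.py
+++ b/flask-secret/main.py
@@ -436,21 +436,20 @@ def jwtlab():
 "status": 200,
 "meta": {"endpoint": "jwtlab", "timestamp": FIXED_TIMESTAMP},
 "examples": {
-"url_raw": base, # token=<JWT>&...
-"url_u_escaped": u_escape_qs(base), # token\u003d<JWT>\u0026...
-"url_pct_amp": pct_amp(base), # token=<JWT>%26user_uuid=...
-"json_param": {"token": j}, # straight JSON param
+"url_raw": base,
+"url_pct_amp": pct_amp(base),
+"json_param": {"token": j},
 },
 }
 return make_response(payload)
 
 @app.route("/curlmix", methods=["GET"])
 def curlmix():
-commons = generate_common_secrets() # deterministic
+commons = generate_common_secrets()
 rng = random.Random(515151)
 
-bearer = opaque_token(rng, 40) # will match Bearer rule
-api_key = commons["openai_api_key"] # "sk-..." (already in defaults)
+bearer = opaque_token(rng, 40)
+api_key = commons["openai_api_key"]
 
 # Put the same secrets in regular fields so the redaction mappings exist
 shadow = {
@@ -462,42 +461,31 @@ def curlmix():
 f"curl -s -H 'Authorization: Bearer {bearer}' "
 f"-H 'X-Api-Key: {api_key}' https://api.example.test/v1/things"
 )
-curl_u = (
-"curl -s -H \"Authorization\\u003a Bearer " + bearer + "\" "
-"-H \"X-Api-Key: " + api_key + "\" https://api.example.test/v1/things"
-)
 
 payload = {
 "case": "curlmix",
 "status": 200,
 "meta": {"endpoint": "curlmix", "timestamp": FIXED_TIMESTAMP},
-"shadow": shadow, # these get redacted first
-"curl": curl_raw, # then these get rewritten by your mapper
-"curl_u_escaped": curl_u,
+"shadow": shadow,
+"curl": curl_raw,
 }
 return make_response(payload)
 
 @app.route("/cdn", methods=["GET"])
 def cdn():
 rng = random.Random(616161)
-hmac_hex = rand(rng, HEX, 64) # looks like a SHA-256 hex
+hmac_hex = rand(rng, HEX, 64)
 
 hdnts_plain = f"hdnts=st=1700000000~exp=1999999999~acl=/*~hmac={hmac_hex}"
-hdnts_u = (
-"hdnts\\u003dst\\u003d1700000000~exp\\u003d1999999999~acl\\u003d/*~hmac\\u003d" + hmac_hex
-)
-
 payload = {
 "case": "cdn",
 "status": 200,
 "meta": {"endpoint": "cdn", "timestamp": FIXED_TIMESTAMP},
 "urls": {
 "akamai_hdnts": f"https://cdn.example.test/asset.m3u8?{hdnts_plain}",
-"akamai_hdnts_u": f"https://cdn.example.test/asset.m3u8?{hdnts_u}",
 },
 "fields": {
 "hdnts_plain": hdnts_plain,
-"hdnts_u_escaped": hdnts_u,
 },
 }
 return make_response(payload)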
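Review bot: With `url_u_escaped`, `curl_u_escaped`, `akamai_hdnts_u` and `hdnts_u_escaped` gone, the `jwtlab()`, `curlmix()` and `cdn()` payloads no longer carry any `\u003d`/`\u003a`/`\u0026`-escaped copy of a secret, so this fixture stops exercising the redactor against JSON-unicode-escaped values, and neither the commit message nor the code says whether that is deliberate. If escaped forms are out of scope, record it where the cases were, for example `# \uXXXX-escaped variants intentionally not emitted: <reason / issue link>`; otherwise a redaction gap for encoded secrets can go unnoticed. The stripped trailing comments also carried intent worth keeping, e.g. `bearer = opaque_token(rng, 40)  # must match the Bearer rule` and `hmac_hex = rand(rng, HEX, 64)  # shaped like a SHA-256 hex digest`. `u_escape_qs` may now be unused; its definition and the start of `jwtlab()` are outside the visible hunks, so that needs checking.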
