bug: Update vapid `exp` value if it's expired. (#113)

Closes #100
2019-05-09 10:05:00 -07:00 · 2019-05-09 10:05:00 -07:00 · 32e3fd9420
parent 2a23f45b78
commit 32e3fd9420
4 changed files with 57 additions and 2 deletions
--- a/README.rst
+++ b/README.rst
@ -187,6 +187,37 @@ Encode the ``data`` for future use. On error, returns a

    encoded_data = WebPush(subscription_info).encode(data)

+Stand Alone Webpush
+-------------------
+
+If you're not really into coding your own solution, there's also a
+"stand-alone" ``pywebpush`` command in the ./bin directory.
+
+This uses two files: \* the *data* file, which contains the message to
+send, in whatever form you like. \* the *subscription info* file, which
+contains the subscription information as JSON encoded data. This is
+usually returned by the Push ``subscribe`` method and looks something
+like:
+
+.. code:: json
+
+    {"endpoint": "https://push...",
+     "keys": {
+         "auth": "ab01...",
+         "p256dh": "aa02..."
+     }}
+
+If you're interested in just testing your applications WebPush
+interface, you could use the Command Line:
+
+.. code:: bash
+
+    ./bin/pywebpush --data stuff_to_send.data --info subscription.info
+
+which will encrypt and send the contents of ``stuff_to_send.data``.
+
+See ``./bin/pywebpush --help`` for available commands and options.
+
 .. |Build Status| image:: https://travis-ci.org/web-push-libs/pywebpush.svg?branch=master
   :target: https://travis-ci.org/web-push-libs/pywebpush
 .. |Requirements Status| image:: https://requires.io/github/web-push-libs/pywebpush/requirements.svg?branch=master
--- a/pywebpush/init.py
+++ b/pywebpush/init.py
@ -405,7 +405,10 @@ def webpush(subscription_info,
            url = urlparse(subscription_info.get('endpoint'))
            aud = "{}://{}".format(url.scheme, url.netloc)
            vapid_claims['aud'] = aud
-        if not vapid_claims.get('exp'):
+        # Remember, passed structures are mutable in python.
+        # It's possible that a previously set `exp` field is no longer valid.
+        if (not vapid_claims.get('exp')
+                or vapid_claims.get('exp') < int(time.time())):
            # encryption lives for 12 hours
            vapid_claims['exp'] = int(time.time()) + (12 * 60 * 60)
        if not vapid_private_key:
--- a/pywebpush/tests/test_webpush.py
+++ b/pywebpush/tests/test_webpush.py
@ -2,6 +2,7 @@ import base64
 import json
 import os
 import unittest
+import time

 from mock import patch, Mock
 from nose.tools import eq_, ok_, assert_is_not, assert_raises
@ -191,6 +192,26 @@ class WebpushTestCase(unittest.TestCase):
        vapid_sign.assert_called_once_with(claims)
        pusher_send.assert_called_once()

+    @patch.object(WebPusher, "send")
+    @patch.object(py_vapid.Vapid, "sign")
+    def test_webpush_vapid_exp(self, vapid_sign, pusher_send):
+        pusher_send.return_value.status_code = 200
+        subscription_info = self._gen_subscription_info()
+        data = "Mary had a little lamb"
+        vapid_key = py_vapid.Vapid.from_string(self.vapid_key)
+        claims = dict(sub="mailto:ops@example.com",
+                      aud="https://example.com",
+                      exp=int(time.time() - 48600))
+        webpush(
+            subscription_info=subscription_info,
+            data=data,
+            vapid_private_key=vapid_key,
+            vapid_claims=claims,
+        )
+        vapid_sign.assert_called_once_with(claims)
+        pusher_send.assert_called_once()
+        ok_(claims['exp'] > int(time.time()))
+
    @patch("requests.post")
    def test_send_bad_vapid_no_key(self, mock_post):
        mock_post.return_value.status_code = 200
--- a/setup.py
+++ b/setup.py
@ -4,7 +4,7 @@ import os
 from setuptools import find_packages, setup


-__version__ = "1.9.3"
+__version__ = "1.9.4"


 def read_from(file):