canny.py

import binascii
import hashlib
import json

from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.ciphers import algorithms, Cipher, modes
from django.conf import settings

from pinecast.helpers import gravatar


def get_canny_token(req):
    if not req.user:
        return None

    user_data = {
        'avatarURL': gravatar(req.user.email),
        'email': req.user.email,
        'id': req.user.id,
        'name': req.user.email,
    }
    plaintext = json.dumps(user_data)
    
    def pad_input(input):
      block_size = 16
      if (len(input) % block_size == 0):
        return input
      padding_required = block_size - (len(input) % block_size)
      return input.encode('utf-8') + padding_required * bytes([padding_required])

    dig = hashlib.md5(settings.CANNY_SSO_KEY.encode('utf-8')).digest()
    cipher = Cipher(algorithms.AES(dig), modes.ECB(), backend=default_backend())
    encryptor = cipher.encryptor()
    encrypted = encryptor.update(pad_input(plaintext)) + encryptor.finalize()
    return binascii.hexlify(bytearray(encrypted)).decode('utf-8')