def _client_credentials(self, _request):
_api_key = _request.get("client_id")
_api_secret = _request.get("client_secret")
_redis = self.application.redis
_key = ApiInfo.__tablename__ + ".api_key." + _api_key
_api = _redis.get(_key)
if _api == None:
logging.error("no api_key:%s" % _api_key)
self.send_error(400)
return
_api = json.loads(_api)
_api_uuid = _api[0]
_api_level = _api[1]
if _api_level != API_LEVEL.PPCOM and _api_level != API_LEVEL.PPCONSOLE and _api_level != API_LEVEL.THIRD_PARTY_CONSOLE:
self.send_error(400)
return
if _api_level == API_LEVEL.PPCONSOLE:
_api_level = API_LEVEL.PPCONSOLE_BEFORE_LOGIN
if _api_secret != _api[3]:
logging.error("client_secret not match client_id:%s, client_secret:%s, api_scecret:%s" % (_api_key, _api_secret, _api[3]))
self.send_error(400)
return
_api_code = str(uuid.uuid1())
_api_code = hashlib.sha1(_api_code).hexdigest()
_api_code = base64.b64encode(_api_code)
_api_token = str(uuid.uuid1())
_api_token = hashlib.sha1(_api_token).hexdigest()
_api_token = base64.b64encode(_api_token)
_row = ApiTokenData(uuid=str(uuid.uuid1()),
api_code=_api_code,
api_token=_api_token,
api_uuid=_api_uuid,
api_level=_api_level)
_row.async_add(_redis)
_row.create_redis_keys(_redis)
self.set_header("Content-Type", "application/json")
self._header()
_return = {
"access_token": _api_token,
"token_type": "Bearer",
}
self.write(json.dumps(_return))
return
def post(self, *args, **kwargs):
_redis = self.application.redis
logging.info(self.request.body);
_user_email = self.get_body_argument("user_email")
_user_password = self.get_body_argument("user_password")
_token_data_uuid = self.get_body_argument("token_data_uuid")
_redirect_uri = self.get_body_argument("redirect_uri")
_state = self.get_body_argument("state")
_key = DeviceUser.__tablename__ + ".user_email." + _user_email
if not _redis.exists(_key):
logging.info("no such user %s" %_user_email)
self.send_error(500)
# self.setErrorCode(API_ERR.NO_USER)
return
_user_uuid = _redis.get(_key)
_user = redis_hash_to_dict(_redis, DeviceUser, _user_uuid)
if _user == None:
logging.info("no such user %s" %_user_email)
self.send_error(500)
# self.setErrorCode(API_ERR.NO_USER)
return
_pass = hashlib.sha1(_user_password).hexdigest()
if _pass != _user.get("user_password"):
logging.info("password not match %s" %_user_email)
self.send_error(500);
# self.setErrorCode(API_ERR.MIS_ERR)
return
_row = ApiTokenData(**{ "uuid": _token_data_uuid, "is_code_authorized": True })
_row.async_update(_redis)
_row.update_redis_keys(_redis)
_token_data = redis_hash_to_dict(_redis, ApiTokenData, _token_data_uuid)
_code = _token_data.get("api_code")
_redirect_target = _redirect_uri + "?code=" + _code + "&state=" + _state
logging.info(_redirect_target)
self.redirect(_redirect_target, permanent=True, status=301)
return
def _client_credentials(self, _request):
_api_key = _request.get("client_id")
_api_secret = _request.get("client_secret")
_redis = self.application.redis
_key = ApiInfo.__tablename__ + ".api_key." + _api_key
_api = _redis.get(_key)
if _api == None:
logging.error("no api_key:%s" % _api_key)
self.send_error(400)
return
_api = json.loads(_api)
_app_uuid = _api[0]
_api_uuid = _api[1]
_api_level = _api[2]
# _api[3] is api_secret
if _api_level != API_LEVEL.PPCOM and _api_level != API_LEVEL.PPCONSOLE and _api_level != API_LEVEL.THIRD_PARTY_CONSOLE:
self.send_error(400)
return
if _api_level == API_LEVEL.PPCONSOLE:
_api_level = API_LEVEL.PPCONSOLE_BEFORE_LOGIN
if _api_secret != _api[3]:
logging.error(
"client_secret not match client_id:%s, client_secret:%s, api_scecret:%s"
% (_api_key, _api_secret, _api[3]))
self.send_error(400)
return
_api_code = str(uuid.uuid1())
_api_code = hashlib.sha1(_api_code).hexdigest()
_api_code = base64.b64encode(_api_code)
_api_token = str(uuid.uuid1())
_api_token = hashlib.sha1(_api_token).hexdigest()
_api_token = base64.b64encode(_api_token)
_row = ApiTokenData(uuid=str(uuid.uuid1()),
api_code=_api_code,
api_token=_api_token,
app_uuid=_app_uuid,
api_uuid=_api_uuid,
api_level=_api_level)
_row.async_add(_redis)
_row.create_redis_keys(_redis)
self.set_header("Content-Type", "application/json")
self._header()
_return = {
"access_token": _api_token,
"token_type": "Bearer",
}
self.write(json.dumps(_return))
return
def _delete_auth_token(self):
_key = ApiTokenData.__tablename__ + \
".api_token." + self.api_token
_uuid = self.application.redis.get(_key)
if not _uuid:
return
_row = ApiTokenData(uuid=_uuid)
_row.delete_redis_keys(self.application.redis)
_row.async_delete(self.application.redis)
return
def post(self, *args, **kwargs):
_redis = self.application.redis
logging.info(self.request.body)
_user_email = self.get_body_argument("user_email")
_user_password = self.get_body_argument("user_password")
_token_data_uuid = self.get_body_argument("token_data_uuid")
_redirect_uri = self.get_body_argument("redirect_uri")
_state = self.get_body_argument("state")
_key = DeviceUser.__tablename__ + ".user_email." + _user_email
if not _redis.exists(_key):
logging.info("no such user %s" % _user_email)
self.send_error(500)
# self.setErrorCode(API_ERR.NO_USER)
return
_user_uuid = _redis.get(_key)
_user = redis_hash_to_dict(_redis, DeviceUser, _user_uuid)
if _user == None:
logging.info("no such user %s" % _user_email)
self.send_error(500)
# self.setErrorCode(API_ERR.NO_USER)
return
_pass = hashlib.sha1(_user_password).hexdigest()
if _pass != _user.get("user_password"):
logging.info("password not match %s" % _user_email)
self.send_error(500)
# self.setErrorCode(API_ERR.MIS_ERR)
return
_row = ApiTokenData(**{
"uuid": _token_data_uuid,
"is_code_authorized": True
})
_row.async_update()
_row.update_redis_keys(_redis)
_token_data = redis_hash_to_dict(_redis, ApiTokenData,
_token_data_uuid)
_code = _token_data.get("api_code")
_redirect_target = _redirect_uri + "?code=" + _code + "&state=" + _state
logging.info(_redirect_target)
self.redirect(_redirect_target, permanent=True, status=301)
return
def get(self, *args, **kwargs):
_fields = ["client_id", "redirect_uri", "state", "scope", "response_type"]
_request_dict = {}
for _field in _fields:
_request_dict[_field] = self.get_query_argument(_field, default=None)
if _request_dict.get("response_type") != "code":
logging.error("response_type not code")
self.send_error(501)
return
if _request_dict.get("client_id") == None:
logging.error("no client_id")
self.send_error(400)
return
_redis = self.application.redis
_key = ApiInfo.__tablename__ + ".api_key." + _request_dict.get("client_id")
_api = _redis.get(_key)
if _api == None:
logging.error("no api_key:%s" % _request_dict.get("client_id"))
self.send_error(404)
return
_api = json.loads(_api)
_app_uuid = _api[0]
_api_uuid = _api[1]
_api_level = _api[2]
_api_code = str(uuid.uuid1())
_api_code = hashlib.sha1(_api_code).hexdigest()
_api_code = base64.b64encode(_api_code)
_api_token = str(uuid.uuid1())
_api_token = hashlib.sha1(_api_token).hexdigest()
_api_token = base64.b64encode(_api_token)
_row = ApiTokenData(uuid=str(uuid.uuid1()), api_code=_api_code, api_token=_api_token,
app_uuid=_app_uuid, api_uuid=_api_uuid, api_level=_api_level)
_row.async_add(_redis)
_row.create_redis_keys(_redis)
if _request_dict.get("redirect_uri") != None:
loader = Loader(os.path.abspath(os.path.dirname(__file__)) + "/static/templates")
login_form = loader.load("login_form.html").generate(**{
"state": _request_dict.get("state"),
"redirect_uri": _request_dict.get("redirect_uri"),
"token_data_uuid": _row.uuid
})
self.write(login_form)
return
if _request_dict.get("redirect_uri") == None:
self.set_header("Content-Type", "application/json")
self._header()
_return = {
"state": _request_dict.get("state"),
"code": _row.api_code,
}
self.write(json.dumps(_return))
return
return
def _password(self, _request):
_api_key = _request.get("client_id")
_user_email = _request.get("user_email")
_user_password = _request.get("user_password")
_redis = self.application.redis
_key = ApiInfo.__tablename__ + ".api_key." + _api_key
_api = _redis.get(_key)
if _api == None:
logging.error("no api_key:%s" % _api_key)
self._write_error()
return
_api = json.loads(_api)
_app_uuid = _api[0]
_api_uuid = _api[1]
_api_level = _api[2]
# _api[3] is api_secret
if _api_level != API_LEVEL.PPKEFU and _api_level != API_LEVEL.PPCONSOLE:
logging.error("only PPKEFU / PPCONSOLE use password mode")
self._write_error()
return
_key = DeviceUser.__tablename__ + ".user_email." + _user_email
_user_uuid = _redis.get(_key)
if _user_uuid == None:
logging.error("no such user %s" % _user_email)
self._write_error()
return
_key = DeviceUser.__tablename__ + ".uuid." + _user_uuid
_password = _redis.hget(_key, "user_password")
if _user_password != _password:
logging.error("password not match in:%s, real:%s" % (_user_password, _password))
self._write_error()
return
_api_code = str(uuid.uuid1())
_api_code = hashlib.sha1(_api_code).hexdigest()
_api_code = base64.b64encode(_api_code)
_api_token = str(uuid.uuid1())
_api_token = hashlib.sha1(_api_token).hexdigest()
_api_token = base64.b64encode(_api_token)
_row = ApiTokenData(uuid=str(uuid.uuid1()), api_code=_api_code, api_token=_api_token,
app_uuid=_app_uuid, api_uuid=_api_uuid, api_level=_api_level)
_row.async_add(_redis)
_row.create_redis_keys(_redis)
self.set_header("Content-Type", "application/json")
self._header()
_return = {
"error_code": 0,
"access_token": _api_token,
"user_uuid": _user_uuid,
"token_type": "Bearer",
}
self.write(json.dumps(_return))
return
def get(self, *args, **kwargs):
_fields = [
"client_id", "redirect_uri", "state", "scope", "response_type"
]
_request_dict = {}
for _field in _fields:
_request_dict[_field] = self.get_query_argument(_field,
default=None)
if _request_dict.get("response_type") != "code":
logging.error("response_type not code")
self.send_error(501)
return
if _request_dict.get("client_id") == None:
logging.error("no client_id")
self.send_error(400)
return
_redis = self.application.redis
_key = ApiInfo.__tablename__ + ".api_key." + _request_dict.get(
"client_id")
_api = _redis.get(_key)
if _api == None:
logging.error("no api_key:%s" % _request_dict.get("client_id"))
self.send_error(404)
return
_api = json.loads(_api)
_app_uuid = _api[0]
_api_uuid = _api[1]
_api_level = _api[2]
_api_code = str(uuid.uuid1())
_api_code = hashlib.sha1(_api_code).hexdigest()
_api_code = base64.b64encode(_api_code)
_api_token = str(uuid.uuid1())
_api_token = hashlib.sha1(_api_token).hexdigest()
_api_token = base64.b64encode(_api_token)
_row = ApiTokenData(uuid=str(uuid.uuid1()),
api_code=_api_code,
api_token=_api_token,
app_uuid=_app_uuid,
api_uuid=_api_uuid,
api_level=_api_level)
_row.async_add()
_row.create_redis_keys(_redis)
if _request_dict.get("redirect_uri") != None:
loader = Loader(
os.path.abspath(os.path.dirname(__file__)) +
"/static/templates")
login_form = loader.load("login_form.html").generate(
**{
"state": _request_dict.get("state"),
"redirect_uri": _request_dict.get("redirect_uri"),
"token_data_uuid": _row.uuid
})
self.write(login_form)
return
if _request_dict.get("redirect_uri") == None:
self.set_header("Content-Type", "application/json")
self._header()
_return = {
"state": _request_dict.get("state"),
"code": _row.api_code,
}
self.write(json.dumps(_return))
return
return
def _password(self, _request):
_api_key = _request.get("client_id")
_user_email = _request.get("user_email")
_user_password = _request.get("user_password")
_redis = self.application.redis
_key = ApiInfo.__tablename__ + ".api_key." + _api_key
_api = _redis.get(_key)
if _api == None:
logging.error("no api_key:%s" % _api_key)
self._write_error()
return
_api = json.loads(_api)
_app_uuid = _api[0]
_api_uuid = _api[1]
_api_level = _api[2]
# _api[3] is api_secret
if _api_level != API_LEVEL.PPKEFU and _api_level != API_LEVEL.PPCONSOLE:
logging.error("only PPKEFU / PPCONSOLE use password mode")
self._write_error()
return
_key = DeviceUser.__tablename__ + ".user_email." + _user_email
_user_uuid = _redis.get(_key)
if _user_uuid == None:
logging.error("no such user %s" % _user_email)
self._write_error()
return
_key = DeviceUser.__tablename__ + ".uuid." + _user_uuid
_password = _redis.hget(_key, "user_password")
if _user_password != _password:
logging.error("password not match in:%s, real:%s" %
(_user_password, _password))
self._write_error()
return
_api_code = str(uuid.uuid1())
_api_code = hashlib.sha1(_api_code).hexdigest()
_api_code = base64.b64encode(_api_code)
_api_token = str(uuid.uuid1())
_api_token = hashlib.sha1(_api_token).hexdigest()
_api_token = base64.b64encode(_api_token)
_row = ApiTokenData(uuid=str(uuid.uuid1()),
api_code=_api_code,
api_token=_api_token,
app_uuid=_app_uuid,
api_uuid=_api_uuid,
api_level=_api_level)
_row.async_add(_redis)
_row.create_redis_keys(_redis)
self.set_header("Content-Type", "application/json")
self._header()
_return = {
"error_code": 0,
"access_token": _api_token,
"user_uuid": _user_uuid,
"token_type": "Bearer",
}
self.write(json.dumps(_return))
return
