def get(self):
"""
.. :quickref: OIDC;
:status 200: OK
:status 401: Unauthorized
:resheader X-Rucio-Auth-Token: The authentication token
"""
headers = self.get_headers()
headers.set('Content-Type', 'application/octet-stream')
headers.set('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate')
headers.add('Cache-Control', 'post-check=0, pre-check=0')
headers.set('Pragma', 'no-cache')
vo = request.headers.get('X-Rucio-VO', default='def')
account = request.headers.get('X-Rucio-Account', default=None)
token = request.headers.get('X-Rucio-Auth-Token', default=None)
if token is None or account is None:
return generate_http_error_flask(401, CannotAuthorize.__name__, 'Cannot authorize token request.', headers=headers)
try:
result = refresh_cli_auth_token(token, account, vo=vo)
except AccessDenied:
return generate_http_error_flask(401, CannotAuthorize.__name__, 'Cannot authorize token request.', headers=headers)
if result is not None and len(result) > 1:
headers.set('X-Rucio-Auth-Token', str(result[0]))
headers.set('X-Rucio-Auth-Token-Expires', str(result[1]))
else:
headers.set('X-Rucio-Auth-Token', '')
headers.set('X-Rucio-Auth-Token-Expires', '')
return '', 200, headers
def GET(self):
"""
HTTP Success:
200 OK
HTTP Error:
401 Unauthorized
:param QUERY_STRING: the URL query string itself
:returns: "Rucio-Auth-Token" as a variable-length string header.
"""
header('Access-Control-Allow-Origin', ctx.env.get('HTTP_ORIGIN'))
header('Access-Control-Allow-Headers',
ctx.env.get('HTTP_ACCESS_CONTROL_REQUEST_HEADERS'))
header('Access-Control-Allow-Methods', '*')
header('Access-Control-Allow-Credentials', 'true')
header('Access-Control-Expose-Headers', 'X-Rucio-Auth-Token')
header('Content-Type', 'application/octet-stream')
header('Cache-Control',
'no-cache, no-store, max-age=0, must-revalidate')
header('Cache-Control', 'post-check=0, pre-check=0', False)
header('Pragma', 'no-cache')
vo = ctx.env.get('HTTP_X_RUCIO_VO', 'def')
account = ctx.env.get('HTTP_X_RUCIO_ACCOUNT')
token = ctx.env.get('HTTP_X_RUCIO_AUTH_TOKEN')
try:
result = refresh_cli_auth_token(token, account, vo=vo)
except AccessDenied:
raise generate_http_error(401, 'CannotAuthorize',
'Cannot authorize token request.')
except RucioException as error:
raise generate_http_error(500, error.__class__.__name__,
error.args[0])
except Exception as error:
print(format_exc())
raise InternalError(error)
if not result:
header('X-Rucio-Auth-Token', '')
header('X-Rucio-Auth-Token-Expires', '')
return str()
else:
if result[0] and result[1]:
header('X-Rucio-Auth-Token', str(result[0]))
header('X-Rucio-Auth-Token-Expires', str(result[1]))
else:
header('X-Rucio-Auth-Token', '')
header('X-Rucio-Auth-Token-Expires', '')
return str()
def get(self):
"""
.. :quickref: OIDC;
:status 200: OK
:status 401: Unauthorized
:resheader X-Rucio-Auth-Token: The authentication token
"""
headers = Headers()
headers.set('Access-Control-Allow-Origin', request.environ.get('HTTP_ORIGIN'))
headers.set('Access-Control-Allow-Headers', request.environ.get('HTTP_ACCESS_CONTROL_REQUEST_HEADERS'))
headers.set('Access-Control-Allow-Methods', '*')
headers.set('Access-Control-Allow-Credentials', 'true')
headers.set('Access-Control-Expose-Headers', 'X-Rucio-Auth-Token')
headers.set('Content-Type', 'application/octet-stream')
headers.set('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate')
headers.add('Cache-Control', 'post-check=0, pre-check=0')
headers.set('Pragma', 'no-cache')
vo = request.headers.get('X-Rucio-VO', default='def')
account = request.headers.get('X-Rucio-Account', default=None)
token = request.headers.get('X-Rucio-Auth-Token', default=None)
if token is None or account is None:
return generate_http_error_flask(401, 'CannotAuthorize', 'Cannot authorize token request.', headers=headers)
try:
result = refresh_cli_auth_token(token, account, vo=vo)
except AccessDenied:
return generate_http_error_flask(401, 'CannotAuthorize', 'Cannot authorize token request.', headers=headers)
except Exception as error:
logging.exception("Internal Error")
return str(error), 500, headers
if result is not None and len(result) > 1:
headers.set('X-Rucio-Auth-Token', str(result[0]))
headers.set('X-Rucio-Auth-Token-Expires', str(result[1]))
else:
headers.set('X-Rucio-Auth-Token', '')
headers.set('X-Rucio-Auth-Token-Expires', '')
return '', 200, headers