def _inner(request, *args, **kwargs):
function_wrapper = {
'basic': login_or_basic_ex(allow_cc_users=True),
'digest': login_or_digest_ex(allow_cc_users=True),
}[determine_authtype_from_request(request, default=default)]
if not function_wrapper:
return HttpResponseForbidden()
return function_wrapper(fn)(request, *args, **kwargs)
def _inner(request, *args, **kwargs):
function_wrapper = {
BASIC: login_or_basic_ex(allow_cc_users=True),
DIGEST: login_or_digest_ex(allow_cc_users=True),
API_KEY: login_or_api_key_ex(allow_cc_users=True)
}[determine_authtype_from_request(request, default=default)]
if not function_wrapper:
return HttpResponseForbidden()
return function_wrapper(fn)(request, *args, **kwargs)
def _inner(request, *args, **kwargs):
function_wrapper = {
BASIC: login_or_basic_ex(allow_cc_users=True),
DIGEST: login_or_digest_ex(allow_cc_users=True),
API_KEY: login_or_api_key_ex(allow_cc_users=True)
}[determine_authtype_from_request(request, default=default)]
if not function_wrapper:
return HttpResponseForbidden()
return function_wrapper(fn)(request, *args, **kwargs)
def _inner(request, *args, **kwargs):
authtype = determine_authtype_from_request(request, default=default)
if authtype == FORMPLAYER and not allow_formplayer:
return HttpResponseForbidden()
function_wrapper = {
BASIC: login_or_basic_ex(allow_cc_users=True),
DIGEST: login_or_digest_ex(allow_cc_users=True),
API_KEY: login_or_api_key_ex(allow_cc_users=True),
FORMPLAYER: login_or_formplayer_ex(allow_cc_users=True),
}[authtype]
return function_wrapper(fn)(request, *args, **kwargs)
def _inner(request, *args, **kwargs):
authtype = determine_authtype_from_request(request, default=default)
if authtype == FORMPLAYER and not allow_formplayer:
return HttpResponseForbidden()
function_wrapper = {
BASIC: login_or_basic_ex(allow_cc_users=True),
DIGEST: login_or_digest_ex(allow_cc_users=True),
API_KEY: login_or_api_key_ex(allow_cc_users=True),
FORMPLAYER: login_or_formplayer_ex(allow_cc_users=True),
}[authtype]
return function_wrapper(fn)(request, *args, **kwargs)
def _inner(request, *args, **kwargs):
authtype = determine_authtype_from_request(request, default=default)
if authtype == FORMPLAYER and not allow_formplayer:
auth_logger.info(
"Request rejected reason=%s request=%s",
"formplayer_auth:not_enabled_for_request", request.path
)
return HttpResponseForbidden()
request.auth_type = authtype # store auth type on request for access in views
function_wrapper = get_auth_decorator_map(allow_cc_users=True)[authtype]
return function_wrapper(fn)(request, *args, **kwargs)
def _inner(request, domain, *args, **kwargs):
response = f(request, domain, *args, **kwargs)
if response.status_code == 401:
auth_type = determine_authtype_from_request(request)
if auth_type and auth_type == 'basic':
username, _ = get_username_and_password_from_request(request)
if username:
valid, message, error_code = ensure_active_user_by_username(username)
if not valid:
return json_response({
"error": error_code,
"default_response": message
}, status_code=406)
return response
def _inner(request, domain, *args, **kwargs):
response = f(request, domain, *args, **kwargs)
if response.status_code == 401:
auth_type = determine_authtype_from_request(request)
if auth_type and auth_type == 'basic':
username, password = get_username_and_password_from_request(request)
if username:
valid, message, error_code = ensure_active_user_by_username(username)
if not valid:
return json_response({
"error": error_code,
"default_response": message
}, status_code=406)
return response
def _inner(request, *args, **kwargs):
authtype = determine_authtype_from_request(request, default=default)
if authtype == FORMPLAYER and not allow_formplayer:
auth_logger.info(
"Request rejected reason=%s request=%s",
"formplayer_auth:not_enabled_for_request", request.path
)
return HttpResponseForbidden()
request.auth_type = authtype # store auth type on request for access in views
function_wrapper = {
BASIC: login_or_basic_ex(allow_cc_users=True),
DIGEST: login_or_digest_ex(allow_cc_users=True),
API_KEY: login_or_api_key_ex(allow_cc_users=True),
FORMPLAYER: login_or_formplayer_ex(allow_cc_users=True),
}[authtype]
return function_wrapper(fn)(request, *args, **kwargs)
def secure_post(request, domain, app_id=None):
authtype_map = {
DIGEST: _secure_post_digest,
BASIC: _secure_post_basic,
NOAUTH: _noauth_post,
}
if request.GET.get('authtype'):
authtype = request.GET['authtype']
else:
authtype = determine_authtype_from_request(request, default=BASIC)
try:
decorated_view = authtype_map[authtype]
except KeyError:
return HttpResponseBadRequest('authtype must be one of: {0}'.format(
','.join(authtype_map)))
return decorated_view(request, domain, app_id=app_id)
def secure_post(request, domain, app_id=None):
authtype_map = {
'digest': _secure_post_digest,
'basic': _secure_post_basic,
'noauth': _noauth_post,
}
if request.GET.get('authtype'):
authtype = request.GET['authtype']
else:
authtype = determine_authtype_from_request(request, default=BASIC)
try:
decorated_view = authtype_map[authtype]
except KeyError:
return HttpResponseBadRequest(
'authtype must be one of: {0}'.format(','.join(authtype_map))
)
return decorated_view(request, domain, app_id=app_id)
def secure_post(request, domain, app_id=None):
authtype_map = {
'digest': _secure_post_digest,
'basic': _secure_post_basic,
'noauth': _noauth_post,
}
if toggles.ANONYMOUS_WEB_APPS_USAGE.enabled(domain):
authtype_map['token'] = _secure_post_token
if request.GET.get('authtype'):
authtype = request.GET['authtype']
else:
authtype = determine_authtype_from_request(request, default=BASIC)
try:
decorated_view = authtype_map[authtype]
except KeyError:
return HttpResponseBadRequest('authtype must be one of: {0}'.format(
','.join(authtype_map)))
return decorated_view(request, domain, app_id=app_id)
def determine_authtype(request):
if request.GET.get('authtype'):
return request.GET['authtype']
return determine_authtype_from_request(request)
def determine_authtype(request):
if request.GET.get('authtype'):
return request.GET['authtype']
return determine_authtype_from_request(request)
def test_basic_is_default(self):
self.assertEqual('basic', determine_authtype_from_request(self._mock_request()))
def test_override_default(self):
self.assertEqual('digest', determine_authtype_from_request(self._mock_request(), default='digest'))
def test_digest_header_overrides_default(self):
self.assertEqual('digest',
determine_authtype_from_request(self._mock_request(auth_header='Digest whatever')))
def test_basic_header_overrides_default(self):
self.assertEqual('basic',
determine_authtype_from_request(self._mock_request(auth_header='Basic whatever'),
default='digest'))
def test_user_agent_beats_header(self):
# todo: we may want to change the behavior of this test and have the header win.
# this is currently just to make sure we don't change existing behavior
self.assertEqual('basic',
determine_authtype_from_request(self._mock_request(user_agent='Android',
auth_header='Digest whatever')))
