Ejemplo n.º 1
def get_token(request):
    """Return the stored token and its Hawk credentials for the caller.

    The only gate visible here is a truthy ``request.credentials_id``;
    presumably the authentication layer sets it -- confirm against the
    policy that populates the request. Without it the forbidden view is
    returned.

    NOTE(review): the returned mapping carries the token and the credentials
    derived from it, so the response should be treated as secret material.
    """
    # Guard clause: no credentials id on the request means no token lookup.
    if not request.credentials_id:
        return forbidden_view(request)

    stored_token = request.db.get_token(request.credentials_id)
    # get_hawk_credentials returns a pair; only the second item is used here.
    hawk_pair = get_hawk_credentials(stored_token)
    return {'token': stored_token, 'credentials': hawk_pair[1]}
Ejemplo n.º 2
def get_token(request):
    """Look up the caller's token and hand it back with its Hawk credentials.

    A request without a truthy ``credentials_id`` gets the forbidden view.
    How ``credentials_id`` is populated is not visible in this function --
    TODO confirm it is only ever set after successful authentication.

    NOTE(review): the response body holds the token and its credentials;
    keep it out of logs and caches.
    """
    if not request.credentials_id:
        # Nothing identifies the caller: refuse instead of querying the store.
        return forbidden_view(request)

    token = request.db.get_token(request.credentials_id)
    # First element of the returned pair is discarded, as in the lookup-only case.
    _unused, credentials = get_hawk_credentials(token)
    response = {"token": token, "credentials": credentials}
    return response
Ejemplo n.º 3
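def post_browserid(request):
    """Get or create a token for this Assertion.

    The BrowserID (Persona) assertion is read from the ``assertion`` POST
    field or from an ``Authorization: BrowserID <assertion>`` header, sent to
    the configured remote verifier, and the verified e-mail address is mapped
    to a Hawk token. A user seen for the first time gets a new token stored
    and the response status is set to "201 Created".

    Returns a dict with ``token`` and ``credentials``; returns the forbidden
    view when no assertion is supplied.

    Raises HTTPBadRequest when the assertion is malformed, when its audience
    or issuer is not allow-listed, or when the verifier does not confirm it.
    """

    db = request.registry.browserid_db

    if 'assertion' in request.POST:
        # Persona login
        assertion = request.POST['assertion']
    elif 'Authorization' in request.headers and \
         request.headers['Authorization'].lower().startswith('browserid'):
        # A header holding only the scheme has no second field; reject it as
        # a client error instead of failing with IndexError.
        header_parts = request.headers['Authorization'].split()
        if len(header_parts) < 2:
            raise HTTPBadRequest('Invalid assertion')
        assertion = header_parts[1]
    else:
        # Every other call site in this codebase passes the request along.
        return forbidden_view(request)

    # The audience is read from the still-unverified, client-supplied
    # assertion. It is only trusted after the allow-list check below and
    # after the verifier has confirmed the assertion for that audience.
    try:
        audience = json.loads(decode_bytes(assertion.split('.')[3]))['aud']
    except (IndexError, KeyError, TypeError, ValueError):
        # Too few segments, undecodable segment, invalid JSON or missing
        # 'aud': malformed client input, not a server fault.
        # NOTE(review): assumes decode_bytes signals bad input with
        # TypeError/ValueError -- confirm against its definition.
        raise HTTPBadRequest('Invalid assertion')

    if audience not in request.registry['browserid.audiences']:
        raise HTTPBadRequest('Invalid audience')

    # NOTE(review): no timeout is passed, so a stalled verifier blocks this
    # worker; consider adding one that suits the deployment.
    r = requests.post(request.registry['browserid.verifier_url'],
                      data=json.dumps({'assertion': assertion,
                                       'audience': audience}),
                      headers={'Content-Type': 'application/json'})
    if r.status_code == 500:
        # NOTE(review): this echoes the verifier's raw body to the client.
        raise HTTPBadRequest('An error occured: %s' % r.content)

    # The verifier response (which contains the user's e-mail address) is
    # deliberately not written to stdout.
    data = r.json()

    # The verifier reports the outcome in 'status'; anything other than
    # 'okay' means the assertion was not confirmed, so stop before any of
    # the identity fields are read.
    if data.get('status') != 'okay':
        raise HTTPBadRequest('Assertion verification failed')

    if data['issuer'] not in request.registry['browserid.trusted_issuers']:
        raise HTTPBadRequest(
            '%s is not configured as a trusted issuer.' % data['issuer']
        )

    user_id = data['email']

    is_new = False
    try:
        token = db.get_user_token(user_id)
    except UserIdNotFound:
        is_new = True
        token = None

    # With token=None a fresh token is expected back -- TODO confirm against
    # get_hawk_credentials.
    token, credentials = get_hawk_credentials(token)

    if is_new:
        db.store_user_token(user_id, token)
        request.db.store_token(token, credentials)
        request.response.status = "201 Created"

    return {
        'token': token,
        'credentials': credentials
    }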
Ejemplo n.º 4
def put_model(request):
    """Create the model named in the URL, or replace it when it exists.

    Three outcomes are visible in this function:
    - model not found: ``handle_put_model(request, create=True)``; no
      permission check is made on this path here;
    - model found and the caller holds ``put_model``: the model is deleted
      and ``handle_put_model(request)`` writes the replacement;
    - model found without that permission: ``forbidden_view(request)``.
    """
    model_id = request.matchdict['model_id']

    try:
        # Existence probe: the return value is unused; a ModelNotFound from
        # this call selects the create branch in the outer handler.
        request.db.get_model_definition(model_id)

        if request.has_permission('put_model'):
            try:
                request.db.delete_model(model_id)
            except ModelNotFound:
                # Already gone between the probe and the delete; the put
                # below still runs.
                pass
            # NOTE(review): delete and put are separate calls; whether they
            # share a transaction cannot be seen from here -- confirm.
            return handle_put_model(request)
    except ModelNotFound:
        # NOTE(review): this handler also covers has_permission() and
        # handle_put_model(request) above, so a ModelNotFound escaping from
        # either would be treated as "create" without the permission gate.
        return handle_put_model(request, create=True)

    # Reached only when the model exists and the permission check failed.
    return forbidden_view(request)
Ejemplo n.º 5
def put_model(request):
    """Replace an existing model, or create it if it does not exist yet.

    Replacement requires the ``put_model`` permission; without it the
    forbidden view is returned. Creation of a missing model is not gated by
    any permission check inside this function -- presumably that is enforced
    elsewhere or intended; verify against the view configuration.
    """
    model_id = request.matchdict['model_id']

    try:
        # Called only to learn whether the model exists; result is discarded.
        request.db.get_model_definition(model_id)

        if request.has_permission('put_model'):
            try:
                request.db.delete_model(model_id)
            except ModelNotFound:
                # Best effort: a model removed in the meantime is not an error.
                pass
            return handle_put_model(request)
    except ModelNotFound:
        # NOTE(review): the try body is wider than the existence probe, so
        # ModelNotFound raised by has_permission() or handle_put_model()
        # also lands here and takes the create path.
        return handle_put_model(request, create=True)

    # Model exists but the caller lacks 'put_model'.
    return forbidden_view(request)