Ejemplo n.º 1
0
def get_user(request, start_response):
    start_response('200 OK', [('Content-type', 'application/json')])

    _, userid = request.path.rsplit('/', 1)
    user = services.get_gluu_user(int(userid))

    return json_response(user)
Ejemplo n.º 2
0
def user_info(request, start_response):
    start_response('200 OK', [('Content-type', 'application/json')])

    method, value = request.authorization
    if method == 'Bearer':
        token = jwt.decode(value, verify=False)
    else:
        raise Exception("%s authentication method is not supported." % method)

    user = services.get_gluu_user(int(token['sub']))

    return json_response({
        'sub':
        token['sub'],
        'inum':
        token['sub'],
        'email':
        next((x['value'] for x in user['emails'] if x['primary'] == 'true'),
             ''),
        'family_name':
        user.get('name', {}).get('familyName'),
        'given_name':
        user.get('name', {}).get('givenName'),
        'user_name':
        user.get('userName', ''),
        'name':
        user.get('displayName', ''),
    })
Ejemplo n.º 3
0
def get_users(request, start_response):
    start_response('200 OK', [('Content-type', 'application/json')])

    with services.database() as db:
        users = [
            services.get_gluu_user(row['id']) for row in db['gluu_user'].all()
        ]

    return json_response(users)
Ejemplo n.º 4
0
def create_user(request, start_response):
    start_response('200 OK', [('Content-type', 'application/json')])

    with services.database() as db:
        user_id = db['gluu_user'].insert({
            'data': json.dumps(request.json),
        })

    return json_response(services.get_gluu_user(user_id))
Ejemplo n.º 5
0
def auth_token(request, start_response):
    start_response('200 OK', [('Content-type', 'application/json')])
    return json_response({
        'scope': request.POST['scope'],
        'access_token': get_jwt_token({
            'aud': 'client-id',
            'sub': 'user-id',
            'scope': request.POST['scope'],
        }),
        'expires_in': 300,
    })
Ejemplo n.º 6
0
def auth_token(request, start_response):
    start_response('200 OK', [('Content-type', 'application/json')])

    method, value = request.authorization
    if method == 'Basic':
        clientid, secret = base64.b64decode(value).split(b':', 1)
        if not isinstance(clientid, str):
            clientid = clientid.decode('UTF-8')
        if not isinstance(secret, str):
            secret = secret.decode('UTF-8')
    else:
        raise Exception("%s authentication method is not supported." % method)

    if request.POST['grant_type'] == 'authorization_code':
        if os.environ.get('APP_CONFIG'):
            config = ConfigParser()
            config.read(os.environ['APP_CONFIG'])
            scopes = (config.get('qvarn', 'scope') or '').replace(',',
                                                                  ' ').split()
        else:
            scopes = []

        user = services.get_gluu_user(int(request.POST['code']))

        return json_response({
            'access_token':
            get_jwt_token({
                'scope': ' '.join(scopes),
                'aud': clientid,
                'sub': request.POST['code'],
                'c_hash': 'c-hash',
            }),
            'id_token':
            get_jwt_token({
                'scope':
                ' '.join(scopes),
                'aud':
                clientid,
                'sub':
                request.POST['code'],
                'inum':
                request.POST['code'],
                'at_hash':
                'at-hash',
                'email':
                next((x['value']
                      for x in user['emails'] if x['primary'] == 'true'), ''),
                'family_name':
                user.get('name', {}).get('familyName'),
                'given_name':
                user.get('name', {}).get('givenName'),
                'user_name':
                user.get('userName', ''),
                'name':
                user.get('displayName', ''),
            }),
            'refresh_token':
            'refresh-token',
        })

    else:
        now = time.time()
        return json_response({
            'access_token':
            get_jwt_token({
                'aud': clientid,
                'sub': clientid,
                'scope': request.POST['scope'],
            }),
            'expires_in':
            now + 3600,
            'scope':
            request.POST['scope'],
            'token_type':
            'bearer',
        })
Ejemplo n.º 7
0
def perm(request, start_response):
    start_response('200 OK', [('Content-type', 'application/json')])
    return json_response({
        'rpt': 'rtp-perm',
    })
Ejemplo n.º 8
0
def rsrc_pr(request, start_response):
    start_response('200 OK', [('Content-type', 'application/json')])
    return json_response({
        'ticket': 'rsrc-pr-ticket',
    })