Ejemplo n.º 1
0
def get_admin_cookies(container, verify=True, raise_message=None):
    # type: (AnySettingsContainer, bool, Optional[Str]) -> CookiesType
    from magpie.api.schemas import SigninAPI  # pylint: disable=C0415

    magpie_url = get_magpie_url(container)
    magpie_login_url = "{}{}".format(magpie_url, SigninAPI.path)
    cred = {
        "user_name": get_constant("MAGPIE_ADMIN_USER", container),
        "password": get_constant("MAGPIE_ADMIN_PASSWORD", container)
    }
    resp = requests.post(magpie_login_url,
                         data=cred,
                         headers={"Accept": CONTENT_TYPE_JSON},
                         verify=verify)
    if resp.status_code != HTTPOk.code:
        if raise_message:
            raise_log(raise_message, logger=LOGGER)
        raise resp.raise_for_status()
    token_name = get_constant("MAGPIE_COOKIE_NAME", container)

    # use specific domain to differentiate between `.{hostname}` and `{hostname}` variations if applicable
    request_cookies = resp.cookies
    magpie_cookies = list(
        filter(lambda cookie: cookie.name == token_name, request_cookies))
    magpie_domain = urlparse(
        magpie_url).hostname if len(magpie_cookies) > 1 else None
    session_cookies = RequestsCookieJar.get(request_cookies,
                                            token_name,
                                            domain=magpie_domain)

    return {token_name: session_cookies}
Ejemplo n.º 2
0
def test_set_cookiejar(httpbin):
    """Set cookies locally and test that they are received remotely."""
    # construct a phony cookiejar and attach it to the session
    jar = RequestsCookieJar()
    jar.set('field', 'value')
    assert jar.get('field') == 'value'

    browser = mechanicalsoup.Browser()
    browser.set_cookiejar(jar)
    resp = browser.get(httpbin + "/cookies")
    assert resp.json() == {'cookies': {'field': 'value'}}
Ejemplo n.º 3
0
def test_set_cookiejar(httpbin):
    """Set cookies locally and test that they are received remotely."""
    # construct a phony cookiejar and attach it to the session
    jar = RequestsCookieJar()
    jar.set('field', 'value')
    assert jar.get('field') == 'value'

    browser = mechanicalsoup.Browser()
    browser.set_cookiejar(jar)
    resp = browser.get(httpbin + "/cookies")
    assert resp.json() == {'cookies': {'field': 'value'}}
Ejemplo n.º 4
0
    def update_request_cookies(self, request):
        """
        Ensure login of the user and update the request cookies if Twitcher is in a special configuration.

        Only update if `MAGPIE_COOKIE_NAME` is missing and is retrievable from `access_token` in `Authorization` header.
        Counter-validate the login procedure by calling Magpie's `/session` which should indicated a logged user.
        """
        token_name = get_constant("MAGPIE_COOKIE_NAME",
                                  settings_name=request.registry.settings)
        if "Authorization" in request.headers and token_name not in request.cookies:
            magpie_prov = request.params.get("provider", "WSO2")
            magpie_path = ProviderSigninAPI.path.format(
                provider_name=magpie_prov)
            magpie_auth = "{}{}".format(self.magpie_url, magpie_path)
            headers = dict(request.headers)
            headers.update({
                "Homepage-Route": "/session",
                "Accept": CONTENT_TYPE_JSON
            })
            session_resp = requests.get(magpie_auth,
                                        headers=headers,
                                        verify=self.twitcher_ssl_verify)
            if session_resp.status_code != HTTPOk.code:
                raise OWSAccessForbidden(
                    "Not authorized to access this resource. " +
                    "Provider login failed with following reason: [{}].".
                    format(session_resp.reason))

            # use specific domain to differentiate between `.{hostname}` and `{hostname}` variations if applicable
            # noinspection PyProtectedMember
            request_cookies = session_resp.request._cookies
            magpie_cookies = list(
                filter(lambda cookie: cookie.name == token_name,
                       request_cookies))
            magpie_domain = urlparse(
                self.magpie_url).hostname if len(magpie_cookies) > 1 else None
            session_cookies = RequestsCookieJar.get(request_cookies,
                                                    token_name,
                                                    domain=magpie_domain)
            if not session_resp.json().get(
                    "authenticated") or not session_cookies:
                raise OWSAccessForbidden(
                    "Not authorized to access this resource. " +
                    "Session authentication could not be verified.")
            request.cookies.update({token_name: session_cookies})