def get_admin_cookies(container, verify=True, raise_message=None):
# type: (AnySettingsContainer, bool, Optional[Str]) -> CookiesType
from magpie.api.schemas import SigninAPI # pylint: disable=C0415
magpie_url = get_magpie_url(container)
magpie_login_url = "{}{}".format(magpie_url, SigninAPI.path)
cred = {
"user_name": get_constant("MAGPIE_ADMIN_USER", container),
"password": get_constant("MAGPIE_ADMIN_PASSWORD", container)
}
resp = requests.post(magpie_login_url,
data=cred,
headers={"Accept": CONTENT_TYPE_JSON},
verify=verify)
if resp.status_code != HTTPOk.code:
if raise_message:
raise_log(raise_message, logger=LOGGER)
raise resp.raise_for_status()
token_name = get_constant("MAGPIE_COOKIE_NAME", container)
# use specific domain to differentiate between `.{hostname}` and `{hostname}` variations if applicable
request_cookies = resp.cookies
magpie_cookies = list(
filter(lambda cookie: cookie.name == token_name, request_cookies))
magpie_domain = urlparse(
magpie_url).hostname if len(magpie_cookies) > 1 else None
session_cookies = RequestsCookieJar.get(request_cookies,
token_name,
domain=magpie_domain)
return {token_name: session_cookies}
def test_set_cookiejar(httpbin):
"""Set cookies locally and test that they are received remotely."""
# construct a phony cookiejar and attach it to the session
jar = RequestsCookieJar()
jar.set('field', 'value')
assert jar.get('field') == 'value'
browser = mechanicalsoup.Browser()
browser.set_cookiejar(jar)
resp = browser.get(httpbin + "/cookies")
assert resp.json() == {'cookies': {'field': 'value'}}
def test_set_cookiejar(httpbin):
"""Set cookies locally and test that they are received remotely."""
# construct a phony cookiejar and attach it to the session
jar = RequestsCookieJar()
jar.set('field', 'value')
assert jar.get('field') == 'value'
browser = mechanicalsoup.Browser()
browser.set_cookiejar(jar)
resp = browser.get(httpbin + "/cookies")
assert resp.json() == {'cookies': {'field': 'value'}}
def update_request_cookies(self, request):
"""
Ensure login of the user and update the request cookies if Twitcher is in a special configuration.
Only update if `MAGPIE_COOKIE_NAME` is missing and is retrievable from `access_token` in `Authorization` header.
Counter-validate the login procedure by calling Magpie's `/session` which should indicated a logged user.
"""
token_name = get_constant("MAGPIE_COOKIE_NAME",
settings_name=request.registry.settings)
if "Authorization" in request.headers and token_name not in request.cookies:
magpie_prov = request.params.get("provider", "WSO2")
magpie_path = ProviderSigninAPI.path.format(
provider_name=magpie_prov)
magpie_auth = "{}{}".format(self.magpie_url, magpie_path)
headers = dict(request.headers)
headers.update({
"Homepage-Route": "/session",
"Accept": CONTENT_TYPE_JSON
})
session_resp = requests.get(magpie_auth,
headers=headers,
verify=self.twitcher_ssl_verify)
if session_resp.status_code != HTTPOk.code:
raise OWSAccessForbidden(
"Not authorized to access this resource. " +
"Provider login failed with following reason: [{}].".
format(session_resp.reason))
# use specific domain to differentiate between `.{hostname}` and `{hostname}` variations if applicable
# noinspection PyProtectedMember
request_cookies = session_resp.request._cookies
magpie_cookies = list(
filter(lambda cookie: cookie.name == token_name,
request_cookies))
magpie_domain = urlparse(
self.magpie_url).hostname if len(magpie_cookies) > 1 else None
session_cookies = RequestsCookieJar.get(request_cookies,
token_name,
domain=magpie_domain)
if not session_resp.json().get(
"authenticated") or not session_cookies:
raise OWSAccessForbidden(
"Not authorized to access this resource. " +
"Session authentication could not be verified.")
request.cookies.update({token_name: session_cookies})
