def validate_bearer_token(self, token, scopes, request): self.authenticate_client(request) try: credentials = auth.decode_token(token, request.client.secret) request.user = credentials.get('userId') return True except: pass return False
def validate_bearer_token(self, token, scopes, request): if token is None: return False client = request.registry.web_client ttl = auth.DEFAULT_TTL try: token = auth.decode_token(token, client.client_secret, ttl) except auth.TokenInvalid: return False request.client = client # TODO: 3rd party authorizations request.user = token.get('userId') request.scopes = token.get('scopes', []) return True
def validate_request(self, request): token = request.headers.get('X-Annotator-Auth-Token') if token is None: return False client = get_consumer(request) if client is None: return False try: token = auth.decode_token(token, client.secret, client.ttl) except auth.TokenInvalid: return False if token['consumerKey'] != client.client_id: return False request.user = token.get('userId') return True
def test_decode_token(self): tok = auth.encode_token({}, 'secret') assert auth.decode_token(tok, 'secret'), "token should have been successfully decoded"
def test_decode_token_unicode(self): tok = auth.encode_token({}, 'secret') assert auth.decode_token( unicode(tok), 'secret'), "token should have been successfully decoded"