def validate_user_token(self):
if not self._user_auth_middleware:
# following config forces keystone middleware to always return the
# result back in HTTP_X_IDENTITY_STATUS env variable
conf_info = self._conf_info.copy()
conf_info['delay_auth_decision'] = True
self._user_auth_middleware = auth_token.AuthProtocol(
self.token_valid, conf_info)
if not self._user_auth_middleware:
return False, (403, " Permission denied")
request_attrs = {
'REQUEST_METHOD': get_request().route.method,
'bottle.app': get_request().environ['bottle.app'],
}
if 'HTTP_X_AUTH_TOKEN' in get_request().environ:
request_attrs['HTTP_X_AUTH_TOKEN'] =\
get_request().environ['HTTP_X_AUTH_TOKEN'].encode("ascii")
elif 'HTTP_X_USER_TOKEN' in get_request().environ:
request_attrs['HTTP_X_USER_TOKEN'] =\
get_request().environ['HTTP_X_USER_TOKEN'].encode("ascii")
else:
return False, (400, "User token needed for validation")
b_req = bottle.BaseRequest(request_attrs)
# get permissions in internal context
orig_context = get_context()
i_req = ApiInternalRequest(b_req.url, b_req.urlparts, b_req.environ,
b_req.headers, None, None)
set_context(ApiContext(internal_req=i_req))
try:
token_info = self._user_auth_middleware(
get_request().headers.environ, self.start_response)
finally:
set_context(orig_context)
return True, token_info
def validate_user_token(self):
if not self._user_auth_middleware:
# following config forces keystone middleware to always return the
# result back in HTTP_X_IDENTITY_STATUS env variable
conf_info = self._conf_info.copy()
conf_info['delay_auth_decision'] = True
self._user_auth_middleware = auth_token.AuthProtocol(
self.token_valid, conf_info)
if not self._user_auth_middleware:
return False, (403, " Permission denied")
request_attrs = {
'REQUEST_METHOD': get_request().route.method,
'bottle.app': get_request().environ['bottle.app'],
}
if 'HTTP_X_AUTH_TOKEN' in get_request().environ:
request_attrs['HTTP_X_AUTH_TOKEN'] =\
get_request().environ['HTTP_X_AUTH_TOKEN'].encode("ascii")
elif 'HTTP_X_USER_TOKEN' in get_request().environ:
request_attrs['HTTP_X_USER_TOKEN'] =\
get_request().environ['HTTP_X_USER_TOKEN'].encode("ascii")
else:
return False, (400, "User token needed for validation")
b_req = bottle.BaseRequest(request_attrs)
# get permissions in internal context
orig_context = get_context()
i_req = ApiInternalRequest(b_req.url, b_req.urlparts, b_req.environ,
b_req.headers, None, None)
set_context(ApiContext(internal_req=i_req))
try:
token_info = self._user_auth_middleware(
get_request().headers.environ, self.start_response)
finally:
set_context(orig_context)
return True, token_info