def get_token(request): if request.credentials_id: token = request.db.get_token(request.credentials_id) _, credentials = get_hawk_credentials(token) return {'token': token, 'credentials': credentials} else: return forbidden_view(request)
def get_token(request): if request.credentials_id: token = request.db.get_token(request.credentials_id) _, credentials = get_hawk_credentials(token) return {"token": token, "credentials": credentials} else: return forbidden_view(request)
def post_browserid(request): """Get or create a token for this Assertion""" db = request.registry.browserid_db if 'assertion' in request.POST: # Persona login assertion = request.POST['assertion'] elif 'Authorization' in request.headers and \ request.headers['Authorization'].lower().startswith('browserid'): assertion = request.headers['Authorization'].split()[1] else: return forbidden_view() audience = json.loads(decode_bytes(assertion.split('.')[3]))['aud'] if audience not in request.registry['browserid.audiences']: raise HTTPBadRequest('Invalid audience') r = requests.post(request.registry['browserid.verifier_url'], data=json.dumps({'assertion': assertion, 'audience': audience}), headers={'Content-Type': 'application/json'}) if r.status_code == 500: raise HTTPBadRequest('An error occured: %s' % r.content) data = r.json() print data if data['issuer'] not in request.registry['browserid.trusted_issuers']: raise HTTPBadRequest( '%s is not configured as a trusted issuer.' % data['issuer'] ) user_id = data['email'] is_new = False try: token = db.get_user_token(user_id) except UserIdNotFound: is_new = True token = None token, credentials = get_hawk_credentials(token) if is_new: db.store_user_token(user_id, token) request.db.store_token(token, credentials) request.response.status = "201 Created" return { 'token': token, 'credentials': credentials }
def put_model(request): model_id = request.matchdict['model_id'] try: request.db.get_model_definition(model_id) if request.has_permission('put_model'): try: request.db.delete_model(model_id) except ModelNotFound: pass return handle_put_model(request) except ModelNotFound: return handle_put_model(request, create=True) return forbidden_view(request)