Example #1
    def shorten(matchobj):
        """Return the shortened form of the URL matched by ``matchobj``.

        The whole match (group 0) is taken as the URL. The bit.ly username
        and API key are read from the MAX settings of the enclosing
        ``request`` and default to empty strings when not configured.
        """
        matched_url = matchobj.group(0)
        max_settings = getMAXSettings(request)
        credentials = (
            max_settings.get('max_bitly_username', ''),
            max_settings.get('max_bitly_api_key', ''),
        )

        # The ``secure`` flag mirrors the scheme of the incoming request.
        # NOTE(review): behind a TLS-terminating proxy request.url may report
        # http:// even for HTTPS clients -- confirm how the app is deployed.
        over_https = request.url.startswith('https://')
        return shortenURL(matched_url, credentials[0], credentials[1], secure=over_https)
Example #2
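        def new_function(*args, **kw):
            """Authenticate the request from its OAuth headers, then run the view.

            The two positional arguments are ``(context, request)`` or
            ``(request, context)``; the order is detected by checking whether
            the first one is a ``Root`` instance.

            Raises:
                Unauthorized: if the token or username header is missing, if
                    ``allowed_scopes`` is non-empty and the scope is not in
                    it, or if the check endpoint answers with anything other
                    than HTTP 200.
            """
            positional = list(args)
            if isinstance(positional[0], Root):
                context, request = tuple(positional)
            else:
                context, request = tuple(positional[::-1])

            # Extract the username and token from request headers
            # It will be like:
            # headers = {"X-Oauth-Token": "jfa1sDF2SDF234", "X-Oauth-Username": "******", "X-Oauth-Scope": "widgetcli"}

            settings = getMAXSettings(request)

            # All three headers are client-controlled; nothing below may
            # trust them until the check endpoint has accepted the token.
            oauth_token = request.headers.get("X-Oauth-Token", "")
            username = request.headers.get("X-Oauth-Username", "")
            scope = request.headers.get("X-Oauth-Scope", "")

            if not oauth_token or not username:
                raise Unauthorized("No auth headers found.")

            if allowed_scopes and scope not in allowed_scopes:
                raise Unauthorized("The specified scope is not allowed for this resource.")

            # Validate access token
            # presumably the endpoint confirms the token belongs to user_id;
            # verify against the OAuth server's contract.
            payload = {"oauth_token": oauth_token, "user_id": username}
            if scope:
                payload["scope"] = scope

            # Certificate verification stays at the requests default (on).
            # With verify=False, anyone able to intercept this call could
            # answer 200 for any token and bypass authentication. For a
            # private CA, pass the CA bundle path as verify= or set
            # REQUESTS_CA_BUNDLE rather than disabling the check.
            # The timeout keeps a stalled OAuth server from pinning workers;
            # 10 seconds is a value chosen for this edit, tune per deployment.
            r = requests.post(settings["max_oauth_check_endpoint"], data=payload, timeout=10)

            # Fail closed: only an explicit 200 counts as a valid token.
            if r.status_code != 200:
                raise Unauthorized("Invalid token.")

            # Valid token, proceed.
            return view_function(*args, **kw)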
Example #3
    def _validate_user(self, request):
        """
            Authenticate the caller of ``request`` and return its username.

            The (token, username, scope) triple is read from
            ``request.auth_headers``. Unauthorized is raised when the scope
            is not one of ``self.allowed_scopes`` or when ``check_token``
            does not report the token as valid. On success the username is
            also stored on the request as ``__authenticated_userid__``.

        """
        oauth_token, username, scope = request.auth_headers

        # Reject disallowed scopes before any call to the OAuth server.
        scope_allowed = scope in self.allowed_scopes
        if not scope_allowed:
            raise Unauthorized('The specified scope is not allowed for this resource.')

        max_settings = getMAXSettings(request)
        check_endpoint = max_settings['max_oauth_check_endpoint']
        # 'max_oauth_standard' defaults to True when the setting is absent.
        standard_oauth = asbool(max_settings.get('max_oauth_standard', True))

        token_ok = check_token(check_endpoint, username, oauth_token, scope, standard_oauth)
        if token_ok:
            # The identity is recorded only after the token check passed.
            request.__authenticated_userid__ = username
            return username

        raise Unauthorized('Invalid token.')
Example #4
    def __init__(self, request):
        """Bind to ``request`` and try to open a RabbitMQ client.

        The broker URL ('max_rabbitmq') and the message defaults
        ('max_message_defaults') come from the MAX settings of ``request``.

        Raises:
            ConnectionError: if creating the client fails with a socket error.
        """
        self.request = request
        max_settings = getMAXSettings(request)
        self.url = max_settings.get('max_rabbitmq', '')
        self.message_defaults = max_settings.get('max_message_defaults', {})
        self.enabled = True

        # NOTE(review): these properties are handed to RabbitClient and
        # presumably announced to the broker; they include the exact package
        # and interpreter versions -- confirm that disclosure is intended.
        package_version = pkg_resources.require('max')[0].version
        python_platform = 'Python {0.major}.{0.minor}.{0.micro}'.format(sys.version_info)
        client_properties = dict(
            product="max",
            version=package_version,
            platform=python_platform,
            server=max_settings.get('max_server', ''),
        )

        try:
            self.client = RabbitClient(self.url, client_properties=client_properties)
        except AttributeError:
            # Best effort: the instance is marked disabled instead of failing.
            # NOTE(review): self.client is never assigned on this path, so
            # callers presumably check self.enabled first -- confirm.
            self.enabled = False
        except socket_error:
            raise ConnectionError("Could not connect to rabbitmq broker")
Example #5
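        def new_function(*args, **kw):
            """Check the OAuth headers of the request before calling the view.

            The view receives two positional arguments, either
            ``(context, request)`` or ``(request, context)``; a ``Root``
            instance in first position selects the former.

            Raises:
                Unauthorized: when the token or username header is absent,
                    when ``allowed_scopes`` is non-empty and does not contain
                    the scope, or when the check endpoint does not answer
                    with HTTP 200.
            """
            positional = list(args)
            if isinstance(positional[0], Root):
                context, request = tuple(positional)
            else:
                context, request = tuple(positional[::-1])

            # Extract the username and token from request headers
            # It will be like:
            # headers = {"X-Oauth-Token": "jfa1sDF2SDF234", "X-Oauth-Username": "******", "X-Oauth-Scope": "widgetcli"}

            settings = getMAXSettings(request)

            # Header values come straight from the client and are untrusted
            # until the check endpoint has accepted the token.
            oauth_token = request.headers.get('X-Oauth-Token', '')
            username = request.headers.get('X-Oauth-Username', '')
            scope = request.headers.get('X-Oauth-Scope', '')

            if not oauth_token or not username:
                raise Unauthorized('No auth headers found.')

            if allowed_scopes and scope not in allowed_scopes:
                raise Unauthorized('The specified scope is not allowed for this resource.')

            # Validate access token
            # presumably the endpoint confirms the token belongs to user_id;
            # verify against the OAuth server's contract.
            payload = {
                "oauth_token": oauth_token,
                "user_id": username,
            }
            if scope:
                payload['scope'] = scope

            # TLS certificate verification is left at the requests default
            # (enabled). Disabling it would let anyone who can intercept this
            # call return 200 for an arbitrary token. Deployments with a
            # private CA should pass the CA bundle path as verify= or set
            # REQUESTS_CA_BUNDLE instead of turning verification off.
            # The timeout bounds how long a stalled OAuth server can hold a
            # worker; 10 seconds is a value chosen for this edit.
            r = requests.post(settings['max_oauth_check_endpoint'],
                              data=payload,
                              timeout=10)

            # Fail closed: anything other than 200 is treated as invalid.
            if r.status_code != 200:
                raise Unauthorized('Invalid token.')

            # Valid token, proceed.
            return view_function(*args, **kw)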