def write_key(request): '''write the password used to encrypt funf database files to your PDS''' response = None try: token = request.GET['bearer_token'] scope = "funf_write" scope = AccessRange.objects.get(key="funf_write") authenticator = Authenticator(scope=scope) try: # Validate the request. authenticator.validate(request) except AuthenticationException: # Return an error response. return authenticator.error_response( content="You didn't authenticate.") profile = authenticator.user.get_profile() profile.funf_password = json.loads(request.raw_post_data)['key'] profile.save() response_content = json.dumps({'status': 'success'}) response = HttpResponse(content=response_content) except Exception as ex: print "EXCEPTION:" print ex response = HttpResponseBadRequest('failed to write funf key') return response
def write_key(request): '''write the password used to encrypt funf database files to your PDS''' response = None try: token = request.GET['bearer_token'] scope = "funf_write" print "POST data" scope = AccessRange.objects.get(key="funf_write") authenticator = Authenticator(scope=scope) try: # Validate the request. authenticator.validate(request) except AuthenticationException: # Return an error response. return authenticator.error_response(content="You didn't authenticate.") username = authenticator.user.get_profile().funf_password profile = authenticator.user.get_profile() profile.funf_password = json.loads(request.raw_post_data)['key'] profile.save() response_content = json.dumps({'status':'success'}) response = HttpResponse(content=response_content) except Exception as ex: print "EXCEPTION:" print ex response = HttpResponseBadRequest('failed to write funf key') return response
def email_str(request): authenticator = Authenticator() try: authenticator.validate(request) except AuthenticationException: return authenticator.error_response() return HttpResponse(authenticator.user.email)
def email_str(request): authenticator = Authenticator() try: authenticator.validate(request) except AuthenticationException: return authenticator.error_response() return HttpResponse(authenticator.user.email)
def last_name_str(request): scope = AccessRange.objects.get(key="last_name") authenticator = Authenticator(scope=scope) try: authenticator.validate(request) except AuthenticationException: return authenticator.error_response() return HttpResponse(authenticator.user.last_name)
def first_and_last_name_str(request): scope = AccessRange.objects.filter(key__in=["first_name", "last_name"]) authenticator = Authenticator(scope=scope) try: authenticator.validate(request) except AuthenticationException: return authenticator.error_response() return HttpResponse(authenticator.user.first_name + " " + authenticator.user.last_name)
def last_name_str(request): scope = AccessRange.objects.get(key="last_name") authenticator = Authenticator(scope=scope) try: authenticator.validate(request) except AuthenticationException: return authenticator.error_response() return HttpResponse(authenticator.user.last_name)
def first_and_last_name_str(request): scope = AccessRange.objects.filter(key__in=["first_name", "last_name"]) authenticator = Authenticator(scope=scope) try: authenticator.validate(request) except AuthenticationException: return authenticator.error_response() return HttpResponse(authenticator.user.first_name + " " + authenticator.user.last_name)
def process_request(self, request): authenticator = Authenticator() try: authenticator.validate(request) except AuthenticationException as e: if authenticator.bearer_token or authenticator.auth_type in ['bearer', 'mac']: return authenticator.error_response(content="You didn't authenticate.") else: request.user = OAuth2ProxyUser(authenticator.access_token)
def check(request): """"Page accessed by check script to verify router has token. """ authenticator = Authenticator() try: # Validate the request. authenticator.validate(request) except AuthenticationException: # Return an error response. return authenticator.error_response(content="You didn't authenticate.") username = authenticator.user.email return HttpResponse(content="good token %s" % username)
def check(request): """"Page accessed by check script to verify router has token. """ authenticator = Authenticator() try: # Validate the request. authenticator.validate(request) except AuthenticationException: # Return an error response. return authenticator.error_response(content="You didn't authenticate.") username = authenticator.user.email return HttpResponse(content="good token %s" % username)
def storage(request, acct, path=""): # Fast-path for CORS preflight requests if ( request.method == "OPTIONS" and request.META.get("HTTP_ORIGIN") and request.META.get("HTTP_ACCESS_CONTROL_REQUEST_METHOD") ): # Mirror response headers response = HttpResponse("") response["Access-Control-Allow-Origin"] = request.META["HTTP_ORIGIN"] response["Access-Control-Allow-Methods"] = request.META["HTTP_ACCESS_CONTROL_REQUEST_METHOD"] response["Access-Control-Allow-Headers"] = request.META.get("HTTP_ACCESS_CONTROL_REQUEST_HEADERS", "*") return response authenticator = Authenticator() try: authenticator.validate(request) except AuthenticationException: auth_fail = authenticator.error_response( content="OAuth2 authentication failure," ' see "WWW-Authenticate" header for details.' ) else: auth_fail = None # It's also possible to check that acct==user here, # but I'm not sure about how and when it's actually useful # Normalize the path path = "/".join(it.ifilter(None, path.split("/"))) # Check if access to path is authorized for this token category = dirname(path) path_caps, auth_required = caps(request.method) path_caps = list("{}:{}".format(category, cap) for cap in path_caps) log.debug(("(acct: {}, path: {}) required" " cap (any): {}").format(acct, path, ", ".join(path_caps))) if auth_fail: # One special case - "public:r" access, otherwise 401 if auth_required or "public:r" not in path_caps: return auth_fail user = User.objects.get(username=acct) elif not authenticator.scope.filter(key__in=path_caps).exists(): # Authorized clients get 403 instead log.debug( ("(acct: {}, path: {}) access denied," " caps available: {}").format( acct, path, ", ".join(authenticator.scope.values_list("key", flat=True)) ) ) return HttpResponseForbidden( "Access (method: {})" ' to path "{}" is forbidden for this token.'.format(request.method, path) ) else: user = authenticator.user return storage_api(request, StoredObject.objects.user_path(user, path))
def attributes(request): authenticator = Authenticator() requested_attributes = request.REQUEST.get('attributes', '').split(',') try: authenticator.validate(request) except AuthenticationException: return authenticator.error_response(content="You didn't authenticate.") scope = authenticator.scope user = authenticator.user response = {} for attribute in requested_attributes: try: a = Attribute.objects.get(attribute=attribute) except Attribute.DoesNotExist: continue if a.scope in scope: try: response[attribute] = eval('user.'+attribute) except: pass return HttpResponse(json.dumps(response))
def attributes(request): authenticator = Authenticator() requested_attributes = request.REQUEST.get('attributes', '').split(',') try: authenticator.validate(request) except AuthenticationException: return authenticator.error_response(content="You didn't authenticate.") scope = authenticator.scope user = authenticator.user response = {} for attribute in requested_attributes: try: a = Attribute.objects.get(attribute=attribute) except Attribute.DoesNotExist: continue if a.scope in scope: try: response[attribute] = eval('user.' + attribute) except: pass return HttpResponse(json.dumps(response))
def automatic_error_str(request): authenticator = Authenticator() return authenticator.error_response()
def automatic_error_str(request): authenticator = Authenticator() return authenticator.error_response()