def write_key(request):
'''write the password used to encrypt funf database files to your PDS'''
response = None
try:
token = request.GET['bearer_token']
scope = "funf_write"
scope = AccessRange.objects.get(key="funf_write")
authenticator = Authenticator(scope=scope)
try:
# Validate the request.
authenticator.validate(request)
except AuthenticationException:
# Return an error response.
return authenticator.error_response(
content="You didn't authenticate.")
profile = authenticator.user.get_profile()
profile.funf_password = json.loads(request.raw_post_data)['key']
profile.save()
response_content = json.dumps({'status': 'success'})
response = HttpResponse(content=response_content)
except Exception as ex:
print "EXCEPTION:"
print ex
response = HttpResponseBadRequest('failed to write funf key')
return response
def write_key(request):
'''write the password used to encrypt funf database files to your PDS'''
response = None
try:
token = request.GET['bearer_token']
scope = "funf_write"
print "POST data"
scope = AccessRange.objects.get(key="funf_write")
authenticator = Authenticator(scope=scope)
try:
# Validate the request.
authenticator.validate(request)
except AuthenticationException:
# Return an error response.
return authenticator.error_response(content="You didn't authenticate.")
username = authenticator.user.get_profile().funf_password
profile = authenticator.user.get_profile()
profile.funf_password = json.loads(request.raw_post_data)['key']
profile.save()
response_content = json.dumps({'status':'success'})
response = HttpResponse(content=response_content)
except Exception as ex:
print "EXCEPTION:"
print ex
response = HttpResponseBadRequest('failed to write funf key')
return response
def email_str(request):
authenticator = Authenticator()
try:
authenticator.validate(request)
except AuthenticationException:
return authenticator.error_response()
return HttpResponse(authenticator.user.email)
def email_str(request):
authenticator = Authenticator()
try:
authenticator.validate(request)
except AuthenticationException:
return authenticator.error_response()
return HttpResponse(authenticator.user.email)
def last_name_str(request):
scope = AccessRange.objects.get(key="last_name")
authenticator = Authenticator(scope=scope)
try:
authenticator.validate(request)
except AuthenticationException:
return authenticator.error_response()
return HttpResponse(authenticator.user.last_name)
def first_and_last_name_str(request):
scope = AccessRange.objects.filter(key__in=["first_name", "last_name"])
authenticator = Authenticator(scope=scope)
try:
authenticator.validate(request)
except AuthenticationException:
return authenticator.error_response()
return HttpResponse(authenticator.user.first_name + " " + authenticator.user.last_name)
def last_name_str(request):
scope = AccessRange.objects.get(key="last_name")
authenticator = Authenticator(scope=scope)
try:
authenticator.validate(request)
except AuthenticationException:
return authenticator.error_response()
return HttpResponse(authenticator.user.last_name)
def first_and_last_name_str(request):
scope = AccessRange.objects.filter(key__in=["first_name", "last_name"])
authenticator = Authenticator(scope=scope)
try:
authenticator.validate(request)
except AuthenticationException:
return authenticator.error_response()
return HttpResponse(authenticator.user.first_name + " " +
authenticator.user.last_name)
def process_request(self, request):
authenticator = Authenticator()
try:
authenticator.validate(request)
except AuthenticationException as e:
if authenticator.bearer_token or authenticator.auth_type in ['bearer', 'mac']:
return authenticator.error_response(content="You didn't authenticate.")
else:
request.user = OAuth2ProxyUser(authenticator.access_token)
def check(request):
""""Page accessed by check script to verify router has token. """
authenticator = Authenticator()
try:
# Validate the request.
authenticator.validate(request)
except AuthenticationException:
# Return an error response.
return authenticator.error_response(content="You didn't authenticate.")
username = authenticator.user.email
return HttpResponse(content="good token %s" % username)
def check(request):
""""Page accessed by check script to verify router has token. """
authenticator = Authenticator()
try:
# Validate the request.
authenticator.validate(request)
except AuthenticationException:
# Return an error response.
return authenticator.error_response(content="You didn't authenticate.")
username = authenticator.user.email
return HttpResponse(content="good token %s" % username)
def storage(request, acct, path=""):
# Fast-path for CORS preflight requests
if (
request.method == "OPTIONS"
and request.META.get("HTTP_ORIGIN")
and request.META.get("HTTP_ACCESS_CONTROL_REQUEST_METHOD")
):
# Mirror response headers
response = HttpResponse("")
response["Access-Control-Allow-Origin"] = request.META["HTTP_ORIGIN"]
response["Access-Control-Allow-Methods"] = request.META["HTTP_ACCESS_CONTROL_REQUEST_METHOD"]
response["Access-Control-Allow-Headers"] = request.META.get("HTTP_ACCESS_CONTROL_REQUEST_HEADERS", "*")
return response
authenticator = Authenticator()
try:
authenticator.validate(request)
except AuthenticationException:
auth_fail = authenticator.error_response(
content="OAuth2 authentication failure," ' see "WWW-Authenticate" header for details.'
)
else:
auth_fail = None
# It's also possible to check that acct==user here,
# but I'm not sure about how and when it's actually useful
# Normalize the path
path = "/".join(it.ifilter(None, path.split("/")))
# Check if access to path is authorized for this token
category = dirname(path)
path_caps, auth_required = caps(request.method)
path_caps = list("{}:{}".format(category, cap) for cap in path_caps)
log.debug(("(acct: {}, path: {}) required" " cap (any): {}").format(acct, path, ", ".join(path_caps)))
if auth_fail:
# One special case - "public:r" access, otherwise 401
if auth_required or "public:r" not in path_caps:
return auth_fail
user = User.objects.get(username=acct)
elif not authenticator.scope.filter(key__in=path_caps).exists():
# Authorized clients get 403 instead
log.debug(
("(acct: {}, path: {}) access denied," " caps available: {}").format(
acct, path, ", ".join(authenticator.scope.values_list("key", flat=True))
)
)
return HttpResponseForbidden(
"Access (method: {})" ' to path "{}" is forbidden for this token.'.format(request.method, path)
)
else:
user = authenticator.user
return storage_api(request, StoredObject.objects.user_path(user, path))
def attributes(request):
authenticator = Authenticator()
requested_attributes = request.REQUEST.get('attributes', '').split(',')
try:
authenticator.validate(request)
except AuthenticationException:
return authenticator.error_response(content="You didn't authenticate.")
scope = authenticator.scope
user = authenticator.user
response = {}
for attribute in requested_attributes:
try: a = Attribute.objects.get(attribute=attribute)
except Attribute.DoesNotExist: continue
if a.scope in scope:
try: response[attribute] = eval('user.'+attribute)
except: pass
return HttpResponse(json.dumps(response))
def attributes(request):
authenticator = Authenticator()
requested_attributes = request.REQUEST.get('attributes', '').split(',')
try:
authenticator.validate(request)
except AuthenticationException:
return authenticator.error_response(content="You didn't authenticate.")
scope = authenticator.scope
user = authenticator.user
response = {}
for attribute in requested_attributes:
try:
a = Attribute.objects.get(attribute=attribute)
except Attribute.DoesNotExist:
continue
if a.scope in scope:
try:
response[attribute] = eval('user.' + attribute)
except:
pass
return HttpResponse(json.dumps(response))
def automatic_error_str(request):
authenticator = Authenticator()
return authenticator.error_response()
def automatic_error_str(request):
authenticator = Authenticator()
return authenticator.error_response()
