def invalidate_all_tokens(self, user=None): if user is None: user = self.get_user() user.uuid = getUUID() user.save() return True
def fill_payload(self, userobj, expiration=None, token_type=None): """ Informations to store inside the JWT token, starting from the user obtained from the current service Claim attributes listed here: http://blog.apcelent.com/json-web-token-tutorial-example-python.html TTL is measured in seconds """ if expiration is None: expiration = timedelta(seconds=self.longTTL) payload = {'user_id': userobj.uuid, 'jti': getUUID()} short_jwt = (Detector.get_global_var('AUTH_FULL_JWT_PAYLOAD', '').lower() == 'false') if token_type is not None: if token_type in (self.PWD_RESET, self.ACTIVATE_ACCOUNT): short_jwt = True payload["t"] = token_type if not short_jwt: now = datetime.now(pytz.utc) nbf = now # you can add a timedelta exp = now + expiration payload['iat'] = now payload['nbf'] = nbf payload['exp'] = exp return payload
def manage_missing_parameter( self, func: Any, param: str, definition: fields.Field, update: Update, context: CallbackContext[UD, CD, BD], error: List[str], ) -> None: if not update.message: # pragma log.critical( "Debug code: missing message in manage_missing_parameter") return None # Parameters without description should raise some kind of errors/warnings? if "description" in definition.metadata: description = definition.metadata["description"] else: # pragma: no cover description = "???" # Enum -> InlineKeyboardButton if definition.validate and isinstance(definition.validate, validate.OneOf): choices = definition.validate.choices labels = definition.validate.labels if len(tuple(labels)) != len(tuple(choices)): labels = choices keyboard = [] for k, val in dict(zip(choices, labels)).items(): data_key = getUUID() # Because func, update and context are not (easily) serializable they # are saved in a data_cache and the callback will access them # by using the assigned unique data_key data_cache[data_key] = { "func": func, "update": update, "context": context, "parameter": k, } # All InlineKeyboardButton are registered with one single callback # function (SIGH and SOB!!). The data_key passed as callback_data will # be used to access the specific data and call again the command func # by augmenting the parameters list with the choice from the button keyboard.append( [InlineKeyboardButton(val, callback_data=data_key)]) reply_markup = InlineKeyboardMarkup(keyboard) update.message.reply_text(description, reply_markup=reply_markup) # Other errors # Never raised during tests else: # pragma: no cover update.message.reply_text(f"{description}\n{param}: {error[0]}")
def create_group(self, groupdata: Dict[str, Any]) -> Group: groupdata.setdefault("uuid", getUUID()) group = self.db.Group(**groupdata) self.db.session.add(group) self.db.session.commit() return group
def create_group(self, groupdata: Dict[str, Any]) -> Group: groupdata.setdefault("uuid", getUUID()) groupdata.setdefault("id", groupdata["uuid"]) group = self.db.Group(**groupdata) group.save() return group
def invalidate_all_tokens(self, user=None): """ To invalidate all tokens the user uuid is changed """ if user is None: user = self._user user.uuid = getUUID() user.save() log.warning("User uuid changed to: {}", user.uuid) return True
def fill_payload( self, user: User, expiration: Optional[datetime] = None, token_type: Optional[str] = None, ) -> Tuple[Payload, Payload]: """Informations to store inside the JWT token, starting from the user obtained from the current service Claim attributes listed here: http://blog.apcelent.com/json-web-token-tutorial-example-python.html TTL is measured in seconds """ payload: Payload = {"user_id": user.uuid, "jti": getUUID()} full_payload: Payload = payload.copy() if not token_type: token_type = self.FULL_TOKEN short_token = False if token_type in ( self.PWD_RESET, self.ACTIVATE_ACCOUNT, self.UNLOCK_CREDENTIALS, ): short_token = True payload["t"] = token_type full_payload["t"] = token_type now = datetime.now(pytz.utc) if expiration is None: expiration = now + timedelta(seconds=self.DEFAULT_TOKEN_TTL) full_payload["iat"] = now full_payload["nbf"] = now # you may add a timedelta full_payload["exp"] = expiration if not short_token: payload["iat"] = full_payload["iat"] payload["nbf"] = full_payload["nbf"] payload["exp"] = full_payload["exp"] # first used for encoding # second used to store information on backend DB return payload, full_payload
def invalidate_all_tokens(self, user=None): """ To invalidate all tokens the user uuid is changed """ if user is None: user = self._user user.uuid = getUUID() try: self.db.session.add(user) self.db.session.commit() log.warning("User uuid changed to: {}", user.uuid) except BaseException as e: log.error("DB error ({}), rolling back", e) self.db.session.rollback() return True
def create_user(self, userdata: Dict[str, Any], roles: List[str]) -> User: userdata.setdefault("authmethod", "credentials") userdata.setdefault("uuid", getUUID()) if "password" in userdata: userdata["password"] = self.get_password_hash(userdata["password"]) userdata, extra_userdata = self.custom_user_properties_pre(userdata) user = self.db.User(**userdata) self.link_roles(user, roles) self.custom_user_properties_post(user, userdata, extra_userdata, self.db) self.db.session.add(user) return user
def create_user(self, userdata, roles): if "authmethod" not in userdata: userdata["authmethod"] = "credentials" if "password" in userdata: userdata["password"] = self.get_password_hash(userdata["password"]) if "uuid" not in userdata: userdata["uuid"] = getUUID() userdata = self.custom_user_properties(userdata) user = self.db.User(**userdata) self.link_roles(user, roles) self.db.session.add(user) return user
def wrapper(self: Any, *args: Any, **kwargs: Any) -> Any: out = None try: out = func(self, *args, **kwargs) # Catch the exception requested by the user except RestApiException as e: if e.is_warning: log.warning(e) else: log.exception(e) log.error(e) return self.response( e.args[0], code=e.status_code, force_json=True, ) except werkzeug.exceptions.BadRequest: # pragma: no cover # do not stop werkzeug BadRequest raise except werkzeug.exceptions.UnprocessableEntity: # do not stop werkzeug UnprocessableEntity, it will be # catched by handle_marshmallow_errors raise # raised in case of malformed Range header except werkzeug.exceptions.RequestedRangeNotSatisfiable: raise # Catch any other exception # errors with RabbitMQ credentials raised when sending Celery tasks except AccessRefused as e: # pragma: no cover log.error(e) return self.response("Unexpected Server Error", code=500, force_json=True) except Exception as e: if SENTRY_URL is not None: # pragma: no cover capture_exception(e) excname = e.__class__.__name__ message = str(e) if not message: # pragma: no cover message = "Unknown error" error_id = getUUID() log.error("Catched {} exception with ID {}: {}", excname, error_id, message) log.exception(message) if excname in ["SystemError"]: # pragma: no cover return self.response("Unexpected Server Error", code=500, force_json=True) return self.response( { excname: f"There was an unexpected error. ErrorID: {error_id}" }, code=400, ) return out
def custom_user_properties(self, userdata): new_userdata = super(Authentication, self).custom_user_properties(userdata) if not new_userdata.get('uuid'): new_userdata['uuid'] = getUUID() return new_userdata