Example #1
0
def verify_auth_token(data):
    """
    Verifies a Auth Token in a QueryDict. Returns a
    django.contrib.auth.models.User instance if successful or False.
    """
    if 'auth_token' not in data:
        return False
    if 'request_token' not in data:
        return False
    auth_token = data['auth_token']
    params = [('auth_token', auth_token), ('key', settings.SIMPLE_SSO_KEY)]
    signature = build_signature(params, settings.SIMPLE_SSO_SECRET)
    params.append(('signature', signature))
    url = urljoin(settings.SIMPLE_SSO_SERVER, 'verify') + '/'
    response = requests.get(url, params=dict(params))
    if response.status_code != 200:
        return False
    data = QueryDict(response.content)
    if 'signature' not in data:
        return False
    if 'user' not in data:
        return False
    params = [(key, value) for key,value in data.items() if key != 'signature']
    if not verify_signature(params, data['signature'], settings.SIMPLE_SSO_SECRET):
        return False
    return load_json_user(data['user'])
Example #2
0
def verify_auth_token(data):
    """
    Verifies a Auth Token in a QueryDict. Returns a
    django.contrib.auth.models.User instance if successful or False.
    """
    if "auth_token" not in data:
        return False
    if "request_token" not in data:
        return False
    auth_token = data["auth_token"]
    params = [("auth_token", auth_token), ("key", settings.SIMPLE_SSO_KEY)]
    signature = build_signature(params, settings.SIMPLE_SSO_SECRET)
    params.append(("signature", signature))
    url = urljoin(settings.SIMPLE_SSO_SERVER, "verify") + "/"
    response = requests.get(url, dict(params))
    if response.status_code != 200:
        return False
    data = QueryDict(response.content)
    if "signature" not in data:
        return False
    if "user" not in data:
        return False
    params = [(key, value) for key, value in data.items() if key != "signature"]
    if not verify_signature(params, data["signature"], settings.SIMPLE_SSO_SECRET):
        return False
    return load_json_user(data["user"])
Example #3
0
def verify_auth_token(data):
    """
    Verifies a Auth Token in a QueryDict. Returns a
    django.contrib.auth.models.User instance if successful or False.
    """
    if 'auth_token' not in data:
        return False
    if 'request_token' not in data:
        return False
    auth_token = data['auth_token']
    params = [('auth_token', auth_token), ('key', settings.SIMPLE_SSO_KEY)]
    signature = build_signature(params, settings.SIMPLE_SSO_SECRET)
    params.append(('signature', signature))
    url = urljoin(settings.SIMPLE_SSO_SERVER, 'verify') + '/'
    response = requests.get(url, params=dict(params))
    if response.status_code != 200:
        return False
    data = QueryDict(response.content)
    if 'signature' not in data:
        return False
    if 'user' not in data:
        return False
    params = [(key, value) for key, value in data.items()
              if key != 'signature']
    if not verify_signature(params, data['signature'],
                            settings.SIMPLE_SSO_SECRET):
        return False
    return load_json_user(data['user'])
Example #4
0
 def test_load_json_user(self):
     userdata = {
         'username': '******',
         'password': '******',
         'first_name': 'mytestuser',
         'last_name': 'mytestuser',
         'email': '*****@*****.**',
         'is_staff': True,
         'is_superuser': False,
         'permissions': []
     }
     jsondata = simplejson.dumps(userdata)
     user = load_json_user(jsondata)
     for key in SIMPLE_KEYS:
         self.assertEqual(getattr(user, key), userdata[key])
     self.assertFalse(user.check_password('testpassword'))
Example #5
0
 def test_load_json_user(self):
     userdata = {
         'username': '******',
         'password': '******',
         'first_name': 'mytestuser',
         'last_name': 'mytestuser',
         'email': '*****@*****.**',
         'is_staff': True,
         'is_superuser': False,
         'permissions': []
     }
     jsondata = simplejson.dumps(userdata)
     user = load_json_user(jsondata)
     for key in SIMPLE_KEYS:
         self.assertEqual(getattr(user, key), userdata[key])
     self.assertFalse(user.check_password('testpassword'))
Example #6
0
 def test_load_json_user(self):
     userdata = {
         "username": "******",
         "password": "******",
         "first_name": "mytestuser",
         "last_name": "mytestuser",
         "email": "*****@*****.**",
         "is_staff": True,
         "is_superuser": False,
         "permissions": [],
     }
     jsondata = simplejson.dumps(userdata)
     user = load_json_user(jsondata)
     for key in SIMPLE_KEYS:
         self.assertEqual(getattr(user, key), userdata[key])
     self.assertFalse(user.check_password("testpassword"))
Example #7
0
 def test_load_json_user_with_permissions(self):
     userdata = {
         'username': '******',
         'password': '******',
         'first_name': 'mytestuser',
         'last_name': 'mytestuser',
         'email': '*****@*****.**',
         'is_staff': True,
         'is_superuser': False,
         'permissions': [
             {'codename': 'add_logentry', 'content_type': ['admin', 'logentry']}, 
             {'codename': 'change_logentry', 'content_type': ['admin', 'logentry']}, 
             {'codename': 'delete_logentry', 'content_type': ['admin', 'logentry']}
         ]
     }
     jsondata = simplejson.dumps(userdata)
     user = load_json_user(jsondata)
     for key in SIMPLE_KEYS:
         self.assertEqual(getattr(user, key), userdata[key])
     self.assertFalse(user.check_password('testpassword'))