Example #1
0
def authenticate(token_id: str):
    """Finalize the authentication process.  It will be shown on web browser.

    :param token_id: token id created by :func:`create_access_token()`
    :type token_id: :class:`str`
    :status 400: when authentication is failed
    :status 404: when the given ``token_id`` doesn't exist
    :status 403: when the ``token_id`` is already finalized
    :status 200: when authentication is successfully done

    """
    token_store = get_token_store()
    team = get_team()
    token_expire = app.config['TOKEN_EXPIRE']
    if not isinstance(token_expire, datetime.timedelta):
        raise RuntimeError(
            'TOKEN_EXPIRE configuration must be an instance of '
            'datetime.timedelta, not {!r}'.format(token_expire)
        )
    try:
        state = token_store.get(token_id)
        current_app.logger.debug(
            'stored AuthenticationContinuation.state: %r',
            state
        )
    except TypeError:
        raise NotFound()
    if not isinstance(state, tuple) or state[0] != 'auth-state':
        raise Forbidden()
    requested_redirect_url = url_for(
        'authenticate',
        token_id=token_id,
        _external=True
    )
    try:
        identity = team.authenticate(
            state[1],
            requested_redirect_url,
            request.environ
        )
    except AuthenticationError as e:
        current_app.logger.debug(e, exc_info=1)
        raise BadRequest()
    expires_at = datetime.datetime.now(datetime.timezone.utc) + token_expire
    token_store.set(token_id, ('token', Token(identity, expires_at)),
                    timeout=int(token_expire.total_seconds()))
    return '<!DOCTYPE html>\n' + html.html(
        html.head(
            html.meta(charset='utf-8'),
            html.title('Geofront: Authentication success')
        ),
        html.body(
            html.h1(html.dfn('Geofront:'), ' Authentication success'),
            html.p('You may close the browser, and go back to the CLI.')
        )
    )
Example #2
0
def oauth2_callback():
    """Finalize the authentication process.  It will be shown on web browser.

    :status 400: when authentication is failed
    :status 404: when the given ``token_id`` doesn't exist
    :status 403: when the ``token_id`` is already finalized
    :status 200: when authentication is successfully done

    """
    token_id = request.args.get('token_id', '')
    token_store = get_token_store()
    team = get_team()
    token_expire = app.config['TOKEN_EXPIRE']
    if not isinstance(token_expire, datetime.timedelta):
        raise RuntimeError('TOKEN_EXPIRE configuration must be an instance of '
                           'datetime.timedelta, not {!r}'.format(token_expire))
    try:
        state = token_store.get(token_id)
        current_app.logger.debug('stored AuthenticationContinuation.state: %r',
                                 state)
    except TypeError:
        raise NotFound()
    if not isinstance(state, tuple) or state[0] != 'auth-state':
        raise Forbidden()

    if getattr(team, 'allow_callback_url_params', True):
        requested_redirect_url = url_for('authenticate',
                                         token_id=token_id,
                                         _external=True)
    else:
        requested_redirect_url = url_for('oauth2_callback',
                                         token_id=token_id,
                                         _external=True)
    try:
        identity = team.authenticate(state[1], requested_redirect_url,
                                     request.environ)
    except AuthenticationError as e:
        current_app.logger.debug(e, exc_info=1)
        raise BadRequest()
    expires_at = datetime.datetime.now(datetime.timezone.utc) + token_expire
    token_store.set(token_id, ('token', Token(identity, expires_at)),
                    timeout=int(token_expire.total_seconds()))
    return '<!DOCTYPE html>\n' + html.html(
        html.head(html.meta(charset='utf-8'),
                  html.title('Geofront: Authentication success')),
        html.body(
            html.h1(html.dfn('Geofront:'), ' Authentication success'),
            html.p('You may close the browser, and go back to the CLI.')))
Example #3
0
    def render_html(self, title, body, stylesheets=None, scripts=None, end=()):
        if stylesheets is None:
            stylesheets = self.STYLESHEETS

        if scripts is None:
            scripts = self.SCRIPTS

        return html.html(
            lang='en',
            *[
                html.head(
                    html.title(title), *[
                        html.link(rel='stylesheet', href=href)
                        for href in stylesheets
                    ]),
                html.body(*(body +
                            tuple(html.script(src=src)
                                  for src in scripts) + end)),
            ])
Example #4
0
def authenticate(token_id: str):
    """Finalize the authentication process.  It will be shown on web browser.

    :param token_id: token id created by :func:`create_access_token()`
    :type token_id: :class:`str`
    :status 400: when authentication is failed
    :status 404: when the given ``token_id`` doesn't exist
    :status 403: when the ``token_id`` is already finalized
    :status 200: when authentication is successfully done

    """
    token_store = get_token_store()
    team = get_team()
    token_expire = app.config['TOKEN_EXPIRE']
    if not isinstance(token_expire, datetime.timedelta):
        raise RuntimeError('TOKEN_EXPIRE configuration must be an instance of '
                           'datetime.timedelta, not {!r}'.format(token_expire))
    try:
        auth_nonce = token_store.get(token_id)
        current_app.logger.debug('stored auth_nonce: %r', auth_nonce)
    except TypeError:
        raise NotFound()
    if not isinstance(auth_nonce, str):
        raise Forbidden()
    requested_redirect_url = url_for('authenticate',
                                     token_id=token_id,
                                     _external=True)
    try:
        identity = team.authenticate(auth_nonce, requested_redirect_url,
                                     request.environ)
    except AuthenticationError:
        raise BadRequest()
    expires_at = datetime.datetime.now(datetime.timezone.utc) + token_expire
    token_store.set(token_id,
                    Token(identity, expires_at),
                    timeout=int(token_expire.total_seconds()))
    return '<!DOCTYPE html>\n' + html.html(
        html.head(html.meta(charset='utf-8'),
                  html.title('Geofront: Authentication success')),
        html.body(
            html.h1(html.dfn('Geofront:'), ' Authentication success'),
            html.p('You may close the browser, and go back to the CLI.')))
Example #5
0
def authenticate(token_id: str):
    """Finalize the authentication process.  It will be shown on web browser.

    :param token_id: token id created by :func:`create_access_token()`
    :type token_id: :class:`str`
    :status 400: when authentication is failed
    :status 404: when the given ``token_id`` doesn't exist
    :status 403: when the ``token_id`` is already finalized
    :status 200: when authentication is successfully done

    """
    token_store = get_token_store()
    team = get_team()
    token_expire = app.config["TOKEN_EXPIRE"]
    if not isinstance(token_expire, datetime.timedelta):
        raise RuntimeError(
            "TOKEN_EXPIRE configuration must be an instance of " "datetime.timedelta, not {!r}".format(token_expire)
        )
    try:
        auth_nonce = token_store.get(token_id)
        current_app.logger.debug("stored auth_nonce: %r", auth_nonce)
    except TypeError:
        raise NotFound()
    if not isinstance(auth_nonce, str):
        raise Forbidden()
    requested_redirect_url = url_for("authenticate", token_id=token_id, _external=True)
    try:
        identity = team.authenticate(auth_nonce, requested_redirect_url, request.environ)
    except AuthenticationError:
        raise BadRequest()
    expires_at = datetime.datetime.now(datetime.timezone.utc) + token_expire
    token_store.set(token_id, Token(identity, expires_at), timeout=int(token_expire.total_seconds()))
    return "<!DOCTYPE html>\n" + html.html(
        html.head(html.meta(charset="utf-8"), html.title("Geofront: Authentication success")),
        html.body(
            html.h1(html.dfn("Geofront:"), " Authentication success"),
            html.p("You may close the browser, and go back to the CLI."),
        ),
    )