Exemple #1
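    def get_context_data(self, **kwargs):
        """
        Build the template context for a ``/samlValidate`` request.

        The service identifier comes from the ``TARGET`` query parameter
        and the ticket from the ``AssertionArtifact`` element of the XML
        request body.

        Returns:
            A dict with ``ticket``, ``pgt``, ``attributes`` and ``error``
            (``None``) when validation succeeds, or a dict with ``ticket``
            (``None``) and ``error`` when it raises ``ValidationError``.

        Raises:
            AssertionError: if defusedxml is not available.
        """
        target = self.request.GET.get('TARGET')

        # The request body is caller-controlled XML and must only be parsed
        # with defusedxml. An explicit raise replaces ``assert`` because
        # assert statements are stripped when Python runs with ``-O``.
        if not defused_etree:
            raise AssertionError(
                '/samlValidate endpoint requires defusedxml to be installed')

        try:
            # forbid_dtd=True makes the parser reject documents with a DTD.
            root = defused_etree.parse(self.request, forbid_dtd=True).getroot()
            ticket = root.find(
                './/{urn:oasis:names:tc:SAML:1.0:protocol}AssertionArtifact'
            ).text
        except (defused_etree.ParseError, ValueError, AttributeError):
            # Covers malformed XML, a document the parser refuses, and a
            # missing AssertionArtifact element (find() returned None).
            # The ticket is left unset and still passed to validation;
            # presumably validate_service_ticket rejects it -- confirm.
            ticket = None

        try:
            # NOTE(review): require_https presumably restricts the service
            # URL to HTTPS; confirm in validate_service_ticket.
            st, attributes, pgt = validate_service_ticket(target,
                                                          ticket,
                                                          require_https=True)
        except ValidationError as e:
            # Lazy %-style arguments: formatting is left to the logger.
            logger.warning("%s %s", e.code, e)
            return {'ticket': None, 'error': e}

        return {
            'ticket': st,
            'pgt': pgt,
            'attributes': attributes,
            'error': None
        }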
Exemple #2
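 def get(self, request):
     """
     Report whether a buyer has purchased one of the requesting user's
     articles.

     Query parameters:
         id: external id of the article (required).
         username: username of the buyer (optional when ``token`` is given).
         token: ticket identifying the buyer (optional when ``username``
             is given).

     Returns:
         ``Response({"result": <bool>})``, or an error response when a
         parameter is missing or inconsistent, or the token fails
         validation.
     """
     try:
         external_id = self.request.query_params['id']
     except KeyError:
         # Only a missing key is expected here. The previous bare
         # ``except`` also hid unrelated failures behind a 'missing
         # parameter' response.
         return bad_request('Required parameter missing: id')
     username = self.request.query_params.get('username', None)
     token = self.request.query_params.get('token', None)
     if not username and not token:
         return bad_request('Must include either username or token')
     if token:
         # NOTE(review): the token arrives in the URL query string, which
         # commonly ends up in access logs; confirm tickets are single-use
         # and short-lived.
         try:
             # The service identifier is the requesting user's username
             # plus '.com' -- presumably the convention used when the
             # ticket was issued; confirm.
             st, attributes, pgt = validate_service_ticket(
                 request.user.get_username() + '.com', token)
             token_username = st.user.get_username()
         except ValidationError:
             return bad_credentials("Token is invalid or expired")
         if username and username != token_username:
             return bad_request("Username must match token username")
         # The validated ticket is authoritative for the buyer identity.
         username = token_username
     # NOTE(review): when only ``username`` is supplied it is taken as
     # given. The lookup is still restricted to articles whose publisher
     # is the requesting user.
     authorized = Purchase.objects.filter(
         buyer__username=username,
         article__publisher=request.user,
         article__external_id=external_id).exists()
     return Response({"result": authorized})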
Exemple #3
    def get_context_data(self, **kwargs):
        """
        Build the template context for a validation request that accepts
        either a service ticket or a proxy ticket.

        Reads ``service``, ``ticket``, ``pgtUrl`` and ``renew`` from the
        query string. Returns a dict with ``ticket``, ``pgt``,
        ``attributes``, ``proxies`` and ``error`` (``None``) on success, or
        a dict with ``ticket`` (``None``) and ``error`` when validation
        raises ``ValidationError``.
        """
        params = self.request.GET
        service = params.get('service')
        ticket = params.get('ticket')
        # NOTE(review): pgtUrl is a caller-supplied callback URL; presumably
        # it is checked inside the validators -- confirm.
        pgturl = params.get('pgtUrl')
        renew = to_bool(params.get('renew'))

        try:
            # A missing ticket also takes the proxy path, so that the
            # validator raises the appropriate error for it.
            is_service_ticket = bool(ticket) and not ticket.startswith(
                ProxyTicket.TICKET_PREFIX)
            if is_service_ticket:
                validated, attributes, pgt = validate_service_ticket(
                    service, ticket, pgturl=pgturl, renew=renew)
                proxies = None
            else:
                validated, attributes, pgt, proxies = validate_proxy_ticket(
                    service, ticket, pgturl=pgturl)
            context = {
                'ticket': validated,
                'pgt': pgt,
                'attributes': attributes,
                'proxies': proxies,
                'error': None
            }
            return context
        except ValidationError as e:
            logger.warning("%s %s" % (e.code, e))
            return {'ticket': None, 'error': e}
    def get_context_data(self, **kwargs):
        """
        Build the template context for a service ticket validation request.

        Reads ``service``, ``ticket``, ``pgtUrl`` and ``renew`` from the
        query string. Returns a dict with ``ticket``, ``pgt``, ``error``
        and ``attributes``; ``attributes`` is ``None`` when no ticket was
        validated.
        """
        query = self.request.GET
        service = query.get('service')
        ticket = query.get('ticket')
        # NOTE(review): pgtUrl is a caller-supplied callback URL; presumably
        # it is checked inside validate_service_ticket -- confirm.
        pgturl = query.get('pgtUrl')
        renew = to_bool(query.get('renew'))

        st, pgt, error = validate_service_ticket(service, ticket, pgturl, renew)
        # Attributes are only looked up for a ticket that validated.
        if st:
            attributes = get_attributes(st.user, st.service)
        else:
            attributes = None
        context = {'ticket': st, 'pgt': pgt, 'error': error}
        context['attributes'] = attributes
        return context
    def get(self, request, *args, **kwargs):
        """
        Answer a validation request in plain text.

        The body is ``yes`` followed by the username on its own line when
        the ticket validates, and ``no`` followed by an empty line
        otherwise.
        """
        params = request.GET
        service = params.get('service')
        ticket = params.get('ticket')
        renew = to_bool(params.get('renew'))

        # Only the ticket is needed; the other two results are unused here.
        st, _pgt, _error = validate_service_ticket(service, ticket, None, renew)
        content = ("yes\n%s\n" % st.user.get_username()) if st else "no\n\n"
        return HttpResponse(content=content, content_type='text/plain')
    def get(self, request, *args, **kwargs):
        """
        Return a plain-text ``yes``/``no`` answer for a ticket.

        On success the response carries ``yes`` and the username of the
        ticket's user, each on its own line; on failure it carries ``no``
        and an empty line.
        """
        query = request.GET
        service = query.get('service')
        ticket = query.get('ticket')
        renew = to_bool(query.get('renew'))

        result = validate_service_ticket(service, ticket, None, renew)
        # The validator returns (ticket, pgt, error); only the ticket
        # decides the answer.
        st, _unused_pgt, _unused_error = result
        if not st:
            return HttpResponse(content="no\n\n", content_type='text/plain')
        content = "yes\n%s\n" % st.user.get_username()
        return HttpResponse(content=content, content_type='text/plain')
Exemple #7
    def get(self, request, *args, **kwargs):
        """
        Answer a validation request in plain text.

        The body is ``yes`` followed by the username when
        ``validate_service_ticket`` succeeds, and ``no`` followed by an
        empty line when it raises ``ValidationError``.
        """
        params = request.GET
        service = params.get('service')
        ticket = params.get('ticket')
        renew = to_bool(params.get('renew'))

        try:
            # Attributes and the proxy-granting ticket are not part of
            # this plain-text response.
            st, _attributes, _pgt = validate_service_ticket(
                service, ticket, renew=renew)
            body = "yes\n%s\n" % st.user.get_username()
        except ValidationError:
            body = "no\n\n"
        return HttpResponse(content=body, content_type='text/plain')
Exemple #8
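 def get(self, request):
     """
     Validate a token and report the username it belongs to.

     Query parameters:
         token: the ticket to validate (required).

     Returns:
         ``Response({'valid': True, 'username': ...})`` when the token
         validates, ``Response({'valid': False})`` when validation raises
         ``ValidationError``, or an error response when ``token`` is
         missing.
     """
     try:
         token = self.request.query_params['token']
     except KeyError:
         # Only a missing key is expected here. The previous bare
         # ``except`` also hid unrelated failures behind a 'missing
         # parameter' response.
         return bad_request('Required parameter missing: token')
     # NOTE(review): the token arrives in the URL query string, which
     # commonly ends up in access logs; confirm tickets are single-use and
     # short-lived.
     try:
         # The service identifier is the requesting user's username plus
         # '.com' -- presumably the convention used when the ticket was
         # issued; confirm.
         st, attributes, pgt = validate_service_ticket(
             request.user.get_username() + '.com', token)
         result = {'valid': True, 'username': st.user.get_username()}
     except ValidationError:
         result = {'valid': False}
     return Response(result)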
Exemple #9
    def get_context_data(self, **kwargs):
        """
        Build the template context for a service ticket validation request.

        Reads ``service``, ``ticket``, ``pgtUrl`` and ``renew`` from the
        query string. Returns a dict with ``ticket``, ``pgt``,
        ``attributes`` and ``error`` (``None``) on success, or a dict with
        ``ticket`` (``None``) and ``error`` when validation raises
        ``ValidationError``.
        """
        params = self.request.GET
        service = params.get('service')
        ticket = params.get('ticket')
        # NOTE(review): pgtUrl is a caller-supplied callback URL; presumably
        # it is checked inside validate_service_ticket -- confirm.
        pgturl = params.get('pgtUrl')
        renew = to_bool(params.get('renew'))

        try:
            st, attributes, pgt = validate_service_ticket(
                service, ticket, pgturl=pgturl, renew=renew)
            context = {
                'ticket': st,
                'pgt': pgt,
                'attributes': attributes,
                'error': None,
            }
            return context
        except ValidationError as e:
            # The failure is logged with its code before being handed to
            # the template.
            logger.warning("%s %s" % (e.code, e))
            return {'ticket': None, 'error': e}
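    def get_context_data(self, **kwargs):
        """
        Build the template context for a ``/samlValidate`` request.

        The service identifier comes from the ``TARGET`` query parameter
        and the ticket from the ``AssertionArtifact`` element of the XML
        request body.

        Returns:
            A dict with ``ticket``, ``pgt``, ``error`` and ``attributes``;
            ``attributes`` is ``None`` when no ticket was validated.

        Raises:
            AssertionError: if defusedxml is not available.
        """
        target = self.request.GET.get('TARGET')

        # The request body is caller-controlled XML and must only be parsed
        # with defusedxml. An explicit raise replaces ``assert`` because
        # assert statements are stripped when Python runs with ``-O``.
        if not defused_etree:
            raise AssertionError(
                '/samlValidate endpoint requires defusedxml to be installed')

        try:
            # forbid_dtd=True makes the parser reject documents with a DTD.
            root = defused_etree.parse(self.request, forbid_dtd=True).getroot()
            ticket = root.find('.//{urn:oasis:names:tc:SAML:1.0:protocol}AssertionArtifact').text
        except (defused_etree.ParseError, ValueError, AttributeError):
            # Covers malformed XML, a document the parser refuses, and a
            # missing AssertionArtifact element (find() returned None).
            # The ticket is left unset and still passed to validation;
            # presumably validate_service_ticket reports the error -- confirm.
            ticket = None

        # NOTE(review): require_https presumably restricts the service URL
        # to HTTPS; confirm in validate_service_ticket.
        st, pgt, error = validate_service_ticket(target, ticket, None, require_https=True)
        # Attributes are only looked up for a ticket that validated.
        attributes = get_attributes(st.user, st.service) if st else None
        return {'ticket': st, 'pgt': pgt, 'error': error, 'attributes': attributes}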
Exemple #11
    def get_context_data(self, **kwargs):
        """
        Build the template context for a service ticket validation request.

        Reads ``service``, ``ticket``, ``pgtUrl`` and ``renew`` from the
        query string and returns a dict with ``ticket``, ``pgt``, ``error``
        and ``attributes``. ``attributes`` is ``None`` when no ticket was
        validated.
        """
        request_params = self.request.GET
        service = request_params.get('service')
        ticket = request_params.get('ticket')
        # NOTE(review): pgtUrl is a caller-supplied callback URL; presumably
        # it is checked inside validate_service_ticket -- confirm.
        pgturl = request_params.get('pgtUrl')
        renew = to_bool(request_params.get('renew'))

        st, pgt, error = validate_service_ticket(service, ticket, pgturl, renew)

        # Attributes are only looked up for a ticket that validated.
        attributes = None
        if st:
            attributes = get_attributes(st.user, st.service)

        return {'ticket': st, 'pgt': pgt, 'error': error, 'attributes': attributes}
    def get_context_data(self, **kwargs):
        """
        Build the template context for a validation request that accepts
        either a service ticket or a proxy ticket.

        Reads ``service``, ``ticket``, ``pgtUrl`` and ``renew`` from the
        query string and returns a dict with ``ticket``, ``pgt``,
        ``proxies``, ``error`` and ``attributes``. ``proxies`` is ``None``
        for a service ticket, and ``attributes`` is ``None`` when no ticket
        was validated.
        """
        params = self.request.GET
        service = params.get('service')
        ticket = params.get('ticket')
        # NOTE(review): pgtUrl is a caller-supplied callback URL; presumably
        # it is checked inside the validators -- confirm.
        pgturl = params.get('pgtUrl')
        renew = to_bool(params.get('renew'))

        if ticket and not ticket.startswith(ProxyTicket.TICKET_PREFIX):
            t, pgt, error = validate_service_ticket(service, ticket, pgturl, renew)
            proxies = None
        else:
            # A missing ticket is validated as a proxy ticket anyway, so
            # that the appropriate error is raised.
            t, pgt, proxies, error = validate_proxy_ticket(service, ticket, pgturl)

        # Attributes are only looked up for a ticket that validated.
        if t:
            attributes = get_attributes(t.user, t.service)
        else:
            attributes = None
        return {
            'ticket': t,
            'pgt': pgt,
            'proxies': proxies,
            'error': error,
            'attributes': attributes,
        }
Exemple #13
    def get_context_data(self, **kwargs):
        """
        Build the template context for a proxy-or-service ticket
        validation request.

        Reads ``service``, ``ticket``, ``pgtUrl`` and ``renew`` from the
        query string. The returned dict has the keys ``ticket``, ``pgt``,
        ``proxies``, ``error`` and ``attributes``; ``proxies`` is ``None``
        on the service ticket path and ``attributes`` is ``None`` when no
        ticket was validated.
        """
        query = self.request.GET
        service = query.get('service')
        ticket = query.get('ticket')
        # NOTE(review): pgtUrl is a caller-supplied callback URL; presumably
        # it is checked inside the validators -- confirm.
        pgturl = query.get('pgtUrl')
        renew = to_bool(query.get('renew'))

        proxies = None
        # A missing ticket is sent to proxy validation too, so that the
        # appropriate error is raised.
        treat_as_proxy = (
            not ticket or ticket.startswith(ProxyTicket.TICKET_PREFIX))
        if treat_as_proxy:
            t, pgt, proxies, error = validate_proxy_ticket(service, ticket, pgturl)
        else:
            t, pgt, error = validate_service_ticket(service, ticket, pgturl, renew)

        # Attributes are only looked up for a ticket that validated.
        attributes = get_attributes(t.user, t.service) if t else None
        return {'ticket': t, 'pgt': pgt, 'proxies': proxies,
                'error': error, 'attributes': attributes}
Exemple #14
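    def get_context_data(self, **kwargs):
        """
        Build the template context for a ``/samlValidate`` request.

        The service identifier comes from the ``TARGET`` query parameter
        and the ticket from the ``AssertionArtifact`` element of the XML
        request body.

        Returns:
            A dict with ``ticket``, ``pgt``, ``error`` and ``attributes``;
            ``attributes`` is ``None`` when no ticket was validated.

        Raises:
            AssertionError: if defusedxml is not available.
        """
        target = self.request.GET.get('TARGET')

        # The request body is caller-controlled XML and must only be parsed
        # with defusedxml. An explicit raise replaces ``assert`` because
        # assert statements are stripped when Python runs with ``-O``.
        if not defused_etree:
            raise AssertionError(
                '/samlValidate endpoint requires defusedxml to be installed')

        try:
            # forbid_dtd=True makes the parser reject documents with a DTD.
            root = defused_etree.parse(self.request, forbid_dtd=True).getroot()
            ticket = root.find(
                './/{urn:oasis:names:tc:SAML:1.0:protocol}AssertionArtifact'
            ).text
        except (defused_etree.ParseError, ValueError, AttributeError):
            # Covers malformed XML, a document the parser refuses, and a
            # missing AssertionArtifact element (find() returned None).
            # The ticket is left unset and still passed to validation;
            # presumably validate_service_ticket reports the error -- confirm.
            ticket = None

        # NOTE(review): require_https presumably restricts the service URL
        # to HTTPS; confirm in validate_service_ticket.
        st, pgt, error = validate_service_ticket(target,
                                                 ticket,
                                                 None,
                                                 require_https=True)
        # Attributes are only looked up for a ticket that validated.
        attributes = get_attributes(st.user, st.service) if st else None
        return {
            'ticket': st,
            'pgt': pgt,
            'error': error,
            'attributes': attributes
        }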