def shorten(matchobj):
    """Return the shortened form of the URL held in ``matchobj``.

    ``request`` is not a parameter; it is read from the enclosing scope.
    The Bitly username and API key come from the MAX settings and default
    to empty strings when the keys are absent.

    Args:
        matchobj: object whose ``group(0)`` is the URL text (presumably a
            regex match handed over by a substitution call; confirm at
            the call site).

    Returns:
        Whatever ``shortenURL`` returns for that URL.
    """
    target = matchobj.group(0)
    max_settings = getMAXSettings(request)
    bitly_user = max_settings.get('max_bitly_username', '')
    bitly_key = max_settings.get('max_bitly_api_key', '')
    # Ask for the secure variant only when the current request arrived over https.
    use_https = request.url.startswith('https://')
    return shortenURL(target, bitly_user, bitly_key, secure=use_https)
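def new_function(*args, **kw):
    """Check the caller's OAuth headers, then run the wrapped view.

    The two positional arguments may arrive as ``(context, request)`` or as
    ``(request, context)``; they are put in context-first order by testing
    the first one against ``Root``.

    Raises:
        Unauthorized: if the token or username header is missing, if
            ``allowed_scopes`` is non-empty and the request's scope is not
            in it, or if the check endpoint answers with anything other
            than HTTP 200.
    """
    nkargs = list(args)
    # Exactly two positional arguments are expected; the unpacking fails otherwise.
    if isinstance(nkargs[0], Root):
        context, request = tuple(nkargs)
    else:
        context, request = tuple(nkargs[::-1])

    # Extract the username and token from request headers
    # It will be like:
    # headers = {"X-Oauth-Token": "jfa1sDF2SDF234", "X-Oauth-Username": "******", "X-Oauth-Scope": "widgetcli"}
    settings = getMAXSettings(request)
    oauth_token = request.headers.get("X-Oauth-Token", "")
    username = request.headers.get("X-Oauth-Username", "")
    scope = request.headers.get("X-Oauth-Scope", "")

    if not oauth_token or not username:
        raise Unauthorized("No auth headers found.")

    # An empty allowed_scopes means no scope restriction is applied.
    if allowed_scopes and scope not in allowed_scopes:
        raise Unauthorized("The specified scope is not allowed for this resource.")

    # Validate access token
    payload = {"oauth_token": oauth_token, "user_id": username}
    if scope:
        payload["scope"] = scope

    # The status code of this response is the only thing that decides whether
    # the caller is authenticated, so the endpoint's TLS certificate has to be
    # verified: with verify=False an on-path party could answer 200 for any
    # token. requests verifies by default; a private CA can be trusted via the
    # REQUESTS_CA_BUNDLE environment variable.
    # NOTE(review): no timeout is passed, so a stalled endpoint blocks this
    # request indefinitely; consider adding one.
    r = requests.post(settings["max_oauth_check_endpoint"], data=payload)
    if r.status_code != 200:
        raise Unauthorized("Invalid token.")

    # Valid token, proceed.
    return view_function(*args, **kw)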
def _validate_user(self, request):
    """
        Authenticate the user named in the request and return the username.

        The token, username and scope are read from ``request.auth_headers``.
        The scope must be one of ``self.allowed_scopes`` and the token must be
        accepted by ``check_token`` against the configured
        ``max_oauth_check_endpoint``; either failure raises Unauthorized.
        ``max_oauth_standard`` is passed through ``asbool`` and defaults to
        True when the setting is absent.

        The username is written to ``request.__authenticated_userid__`` only
        after both checks have passed.
    """
    token, user, requested_scope = request.auth_headers

    scope_allowed = requested_scope in self.allowed_scopes
    if not scope_allowed:
        raise Unauthorized('The specified scope is not allowed for this resource.')

    max_settings = getMAXSettings(request)
    check_endpoint = max_settings['max_oauth_check_endpoint']
    use_standard = asbool(max_settings.get('max_oauth_standard', True))

    if not check_token(check_endpoint, user, token, requested_scope, use_standard):
        raise Unauthorized('Invalid token.')

    # Only reached for a token the check endpoint accepted.
    request.__authenticated_userid__ = user
    return user
def __init__(self, request):
    """Create the RabbitMQ client described by the MAX settings of ``request``.

    Reads ``max_rabbitmq`` (broker URL, default ``''``),
    ``max_message_defaults`` (default ``{}``) and ``max_server`` (default
    ``''``) from the settings, and announces the installed ``max`` version
    and the running Python version as client properties.

    Raises:
        ConnectionError: if creating the client raises ``socket_error``.
    """
    self.request = request
    max_settings = getMAXSettings(request)
    self.url = max_settings.get('max_rabbitmq', '')
    self.message_defaults = max_settings.get('max_message_defaults', {})
    self.enabled = True

    max_version = pkg_resources.require('max')[0].version
    python_version = 'Python {0.major}.{0.minor}.{0.micro}'.format(sys.version_info)
    client_properties = {
        "product": "max",
        "version": max_version,
        "platform": python_version,
        "server": max_settings.get('max_server', ''),
    }

    try:
        self.client = RabbitClient(self.url, client_properties=client_properties)
    except AttributeError:
        # The instance is only marked as disabled; self.client stays unset.
        self.enabled = False
    except socket_error:
        raise ConnectionError("Could not connect to rabbitmq broker")
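def new_function(*args, **kw):
    """Authenticate the request through its OAuth headers, then call the view.

    Accepts its two positional arguments in either order, ``(context,
    request)`` or ``(request, context)``, and tells them apart by checking
    whether the first one is a ``Root`` instance.

    Raises:
        Unauthorized: when the token or username header is absent, when
            ``allowed_scopes`` is non-empty and does not contain the
            request's scope, or when the check endpoint does not answer
            with HTTP 200.
    """
    nkargs = list(args)
    # The unpacking below requires exactly two positional arguments.
    if isinstance(nkargs[0], Root):
        context, request = tuple(nkargs)
    else:
        context, request = tuple(nkargs[::-1])

    # Extract the username and token from request headers
    # It will be like:
    # headers = {"X-Oauth-Token": "jfa1sDF2SDF234", "X-Oauth-Username": "******", "X-Oauth-Scope": "widgetcli"}
    settings = getMAXSettings(request)
    oauth_token = request.headers.get('X-Oauth-Token', '')
    username = request.headers.get('X-Oauth-Username', '')
    scope = request.headers.get('X-Oauth-Scope', '')

    if not oauth_token or not username:
        raise Unauthorized('No auth headers found.')

    # Scope filtering is skipped entirely when allowed_scopes is empty.
    if allowed_scopes and scope not in allowed_scopes:
        raise Unauthorized('The specified scope is not allowed for this resource.')

    # Validate access token
    payload = {
        "oauth_token": oauth_token,
        "user_id": username,
    }
    if scope:
        payload['scope'] = scope

    # Authentication rests entirely on this response's status code, so the
    # certificate of the check endpoint must be validated; verify=False would
    # let an on-path party return 200 for an arbitrary token. requests
    # validates by default, and a private CA can be supplied through the
    # REQUESTS_CA_BUNDLE environment variable.
    # NOTE(review): the call has no timeout, so an unresponsive endpoint
    # holds this request open indefinitely; consider adding one.
    r = requests.post(settings['max_oauth_check_endpoint'], data=payload)
    if r.status_code != 200:
        raise Unauthorized('Invalid token.')

    # Valid token, proceed.
    return view_function(*args, **kw)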