def group_finder(userid, request):
secret = request.registry.settings['sndcld.secret']
ticket = parse_ticket(secret, request.cookies['auth_tkt'], '0.0.0.0',
hashalg='sha512')
timestamp, userid, tokens, user_data = ticket
return [Authenticated]
def Api(request):
""" Rest API interface """
response = request.response
# authentication by token
token = request.environ.get('HTTP_X_AUTH_TOKEN')
if token:
secret = ptah.get_settings(ptah.CFG_ID_PTAH, request.registry)['secret']
try:
timestamp, userid, tokens, user_data = parse_ticket(
secret, '%s!' % token, '0.0.0.0')
except BadTicket:
userid = None
if userid:
ptah.auth_service.set_userid(userid)
# search service and action
service = request.matchdict['service']
subpath = request.matchdict['subpath']
if subpath:
action = subpath[0]
arguments = subpath[1:]
if ':' in action:
action, arg = action.split(':', 1)
arguments = (arg,) + arguments
else:
action = 'apidoc'
arguments = ()
request.environ['SCRIPT_NAME'] = '/__rest__/%s' % service
response.headerslist = {'Content-Type': 'application/json'}
# execute action for specific service
try:
result = config.get_cfg_storage(ID_REST)[service](
request, action, *arguments)
except WSGIHTTPException as exc:
response.status = exc.status
result = {'message': str(exc)}
except Exception as exc:
response.status = 500
out = NativeIO()
traceback.print_exc(file=out)
result = {'message': str(exc),
'traceback': out.getvalue()}
if isinstance(result, Response):
return result
response.text = text_(
dumps(result, indent=True, default=dthandler), 'utf-8')
return response
def render(self):
request = self.request
# authentication by token
token = request.environ.get('HTTP_X_AUTH_TOKEN')
if token:
try:
timestamp, userid, tokens, user_data = parse_ticket(
SECURITY.secret,
'%s!' % token,
'0.0.0.0')
except BadTicket:
userid = None
if userid:
ptah.authService.set_userid(userid)
# search service and action
service = request.matchdict['service']
subpath = request.matchdict['subpath']
if subpath:
action = subpath[0]
arguments = subpath[1:]
if ':' in action:
action, arg = action.split(':', 1)
arguments = (arg,) + arguments
else:
action = 'apidoc'
arguments = ()
request.environ['SCRIPT_NAME'] = '/__rest__/%s' % service
request.response.headerslist = {'Content-Type': 'application/json'}
# execute action for specific service
try:
result = config.get_cfg_storage(REST_ID)[service](
request, action, *arguments)
except WSGIHTTPException, exc:
request.response.status = exc.status
result = {'message': str(exc)}
def _callFUT(self, secret, ticket, ip):
from pyramid.authentication import parse_ticket
return parse_ticket(secret, ticket, ip)
def _callFUT(self, secret, ticket, ip):
from pyramid.authentication import parse_ticket
return parse_ticket(secret, ticket, ip)
