def group_finder(userid, request): secret = request.registry.settings['sndcld.secret'] ticket = parse_ticket(secret, request.cookies['auth_tkt'], '0.0.0.0', hashalg='sha512') timestamp, userid, tokens, user_data = ticket return [Authenticated]
def Api(request): """ Rest API interface """ response = request.response # authentication by token token = request.environ.get('HTTP_X_AUTH_TOKEN') if token: secret = ptah.get_settings(ptah.CFG_ID_PTAH, request.registry)['secret'] try: timestamp, userid, tokens, user_data = parse_ticket( secret, '%s!' % token, '0.0.0.0') except BadTicket: userid = None if userid: ptah.auth_service.set_userid(userid) # search service and action service = request.matchdict['service'] subpath = request.matchdict['subpath'] if subpath: action = subpath[0] arguments = subpath[1:] if ':' in action: action, arg = action.split(':', 1) arguments = (arg,) + arguments else: action = 'apidoc' arguments = () request.environ['SCRIPT_NAME'] = '/__rest__/%s' % service response.headerslist = {'Content-Type': 'application/json'} # execute action for specific service try: result = config.get_cfg_storage(ID_REST)[service]( request, action, *arguments) except WSGIHTTPException as exc: response.status = exc.status result = {'message': str(exc)} except Exception as exc: response.status = 500 out = NativeIO() traceback.print_exc(file=out) result = {'message': str(exc), 'traceback': out.getvalue()} if isinstance(result, Response): return result response.text = text_( dumps(result, indent=True, default=dthandler), 'utf-8') return response
def render(self): request = self.request # authentication by token token = request.environ.get('HTTP_X_AUTH_TOKEN') if token: try: timestamp, userid, tokens, user_data = parse_ticket( SECURITY.secret, '%s!' % token, '0.0.0.0') except BadTicket: userid = None if userid: ptah.authService.set_userid(userid) # search service and action service = request.matchdict['service'] subpath = request.matchdict['subpath'] if subpath: action = subpath[0] arguments = subpath[1:] if ':' in action: action, arg = action.split(':', 1) arguments = (arg,) + arguments else: action = 'apidoc' arguments = () request.environ['SCRIPT_NAME'] = '/__rest__/%s' % service request.response.headerslist = {'Content-Type': 'application/json'} # execute action for specific service try: result = config.get_cfg_storage(REST_ID)[service]( request, action, *arguments) except WSGIHTTPException, exc: request.response.status = exc.status result = {'message': str(exc)}
def _callFUT(self, secret, ticket, ip): from pyramid.authentication import parse_ticket return parse_ticket(secret, ticket, ip)