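async def verify(self):
    """Verify a token against the database and build the handler response.

    The token is read from the ``token`` query argument on GET requests and
    from the ``token`` key of the JSON body on POST requests. Both sources
    are client-controlled.

    Returns:
        A ``ResponseObj`` carrying one of:
        400 - the JSON body failed validation (returned early, without the
              request id) or the token holds characters outside the
              accepted alphabet;
        404 ('jwtoken101') - the database returned no verification record;
        200 - verification succeeded, payload stored under ``jose``;
        401 ('jwtoken100') - the database reported a verification error;
        500 ('jwtoken105' or '500') - database or unexpected failure;
        or the status carried by ``MissingArgumentError`` when the ``token``
        argument is absent.

    NOTE(review): a negative ``error`` value matches no branch below and
    leaves ``response_obj`` unassigned.
    """
    # Logger named after the concrete handler class.
    log = logging.getLogger(
        type(self).__module__ + "." + type(self).__qualname__)
    # Conservative token alphabet: base64 / base64url characters plus '.'
    # and '~'. It excludes quotes, backslashes, whitespace and ';'.
    # NOTE(review): widen only if real tokens need more characters.
    token_alphabet = frozenset(
        "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
        "abcdefghijklmnopqrstuvwxyz"
        "0123456789"
        "-_.~+/=")
    # Stays None when the POST body could not be turned into a request
    # object at all, so the id lookup after the try block can be skipped.
    temp = None
    try:
        if self.request.method == 'GET':
            # NOTE(review): super(self.__class__, self) resolves against the
            # runtime class, so in a subclass it no longer skips this
            # class's own get_argument override, if one exists.
            token = super(self.__class__, self).get_argument('token')
        elif self.request.method == 'POST':
            # Parse the JSON body of the request.
            temp = RequestObjNew(self.request.body)
            if temp.error["code"] == 2:
                response_obj = ResponseObj(
                    debugMessage=temp.error["message"], httpcode=400)
                response_obj.setError('400')
                log.error('Validation error. Json input error')
                return response_obj
            elif temp.error["code"] > 0:
                # Raised as 503 for the log trace; the generic handler
                # below still answers with 500.
                raise tornado.web.HTTPError(
                    status_code=503, log_message=temp.error["message"])
            token = temp.request['token']

        # The token is interpolated into the statement text, so it must not
        # be able to close the quoted literal. Binding it as a parameter is
        # the better fix, but execute_statment's signature is not visible
        # here - NOTE(review): switch to bound parameters if it has them.
        token_text = str(token)
        if not set(token_text) <= token_alphabet:
            response_obj = ResponseObj(httpcode=400)
            response_obj.setError('400')
            # The token value itself is deliberately kept out of the log.
            log.error('Validation error. Token contains unexpected characters')
        else:
            verifica = await self.dbobjJwt.execute_statment(
                "verify_token('%s')" % token_text)

            if verifica['error'] == 0:
                outcome = verifica['result'][0]['verify_token_bycod']
                if outcome is None:
                    response_obj = ResponseObj(httpcode=404)
                    response_obj.setError('jwtoken101')
                elif outcome['error'] == 0:
                    response_obj = ResponseObj(httpcode=200)
                    response_obj.setError('200')
                    response_obj.setResult(jose=outcome['message'])
                elif outcome['error'] > 0:
                    response_obj = ResponseObj(
                        httpcode=401, devMessage=(outcome['message']))
                    response_obj.setError('jwtoken100')
            elif verifica['error'] > 0:
                # NOTE(review): the raw database result goes into
                # debugMessage; confirm ResponseObj does not return it to
                # clients in production.
                response_obj = ResponseObj(
                    debugMessage=verifica['result'], httpcode=500)
                response_obj.setError('jwtoken105')

    except tornado.web.MissingArgumentError as error:
        response_obj = ResponseObj(debugMessage=error.log_message,
                                   httpcode=error.status_code,
                                   devMessage=error.log_message)
        response_obj.setError(str(error.status_code))
        log.error('%s' % error, exc_info=True)

    except Exception:
        response_obj = ResponseObj(httpcode=500)
        response_obj.setError('500')
        log.error('Exception', exc_info=True)

    # Only POST requests carry a request id to echo back.
    if self.request.method == 'POST' and temp is not None:
        response_obj.setID(temp.id)
    return response_obj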
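def verify(self):
    """Verify a token through the prepared ``verify_token`` statement.

    The token is read from the ``token`` query argument on GET requests and
    from the ``token`` key of the JSON body on POST requests. It reaches the
    database as a bound parameter, never as part of the statement text.

    Returns:
        A ``ResponseObj`` carrying one of:
        400 - the JSON body failed validation (returned early, without the
              request id);
        404 ('jwtoken101') - the database returned no verification record;
        200 - verification succeeded, payload stored under ``jose``;
        401 ('jwtoken100') - the database reported a verification error;
        500 ('jwtoken105', the ``ApplicationException`` code, or '500') -
              database, application or unexpected failure;
        or the status carried by ``MissingArgumentError`` when the ``token``
        argument is absent.

    NOTE(review): an ``error`` value other than 0 or 1 matches no branch
    below and leaves ``response_obj`` unassigned.
    """
    log = logging.getLogger(__name__)
    # Stays None when the POST body could not be turned into a request
    # object at all, so the id lookup after the try block can be skipped.
    temp = None
    try:
        if self.request.method == 'GET':
            # NOTE(review): super(self.__class__, self) resolves against the
            # runtime class, so in a subclass it no longer skips this
            # class's own get_argument override, if one exists.
            token = super(self.__class__, self).get_argument('token')
        elif self.request.method == 'POST':
            # Parse the JSON body of the request.
            temp = RequestObjNew(self.request.body)
            if temp.error["code"] == 2:
                response_obj = ResponseObj(
                    debugMessage=temp.error["message"], httpcode=400)
                response_obj.setError('400')
                log.error('Validation error. Json input error')
                return response_obj
            elif temp.error["code"] > 0:
                # Raised as 503 for the log trace; the generic handler
                # below still answers with 500.
                raise tornado.web.HTTPError(
                    status_code=503, log_message=temp.error["message"])
            token = temp.request['token']

        # The client-supplied token is passed as a bound parameter.
        verifica = self.dbobjJwt.makeQuery(
            "EXECUTE verify_token(%s)",
            [token],
            type=self.dbobjJwt.stmts['verify_token']['pool'],
            close=True)

        if verifica['error'] == 0:
            outcome = verifica['result'][0]
            if outcome is None:
                response_obj = ResponseObj(httpcode=404)
                response_obj.setError('jwtoken101')
            elif outcome['error'] == 0:
                response_obj = ResponseObj(httpcode=200)
                response_obj.setError('200')
                response_obj.setResult(jose=outcome['message'])
            elif outcome['error'] > 0:
                response_obj = ResponseObj(
                    httpcode=401, devMessage=(outcome['message']))
                response_obj.setError('jwtoken100')
        elif verifica['error'] == 1:
            # NOTE(review): the raw PostgreSQL error text and code are put
            # into the response object; confirm ResponseObj does not return
            # debugMessage/devMessage to clients in production.
            response_obj = ResponseObj(
                debugMessage=verifica['result'].pgerror,
                httpcode=500,
                devMessage=("PostgreSQL error code: %s"
                            % verifica['result'].pgcode))
            response_obj.setError('jwtoken105')

    except tornado.web.MissingArgumentError as error:
        response_obj = ResponseObj(debugMessage=error.log_message,
                                   httpcode=error.status_code,
                                   devMessage=error.log_message)
        response_obj.setError(str(error.status_code))
        log.error('%s' % error, exc_info=True)

    except ApplicationException as inst:
        response_obj = ResponseObj(httpcode=500)
        response_obj.setError(inst.code)
        log.error('Exception', exc_info=True)

    except Exception:
        response_obj = ResponseObj(httpcode=500)
        response_obj.setError('500')
        log.error('Exception', exc_info=True)

    finally:
        # Runs on every exit path, including the early 400 return above.
        log.warning('jwt/verify handler executed')

    # Only POST requests carry a request id to echo back.
    if self.request.method == 'POST' and temp is not None:
        response_obj.setID(temp.id)
    return response_obj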
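def signSpMetadata(self, sp_settings):
    """Sign the SP metadata sent in the request body with the SP key.

    Args:
        sp_settings: dict with an ``error`` code and a ``result`` holding the
            service-provider settings (``None`` when no settings were found).

    Query arguments:
        addSignCert: boolean-like string, default ``'true'``; when true the
            signing certificate is added to the metadata as a key descriptor.
        addKeyValue: boolean-like string, default ``'false'``; forwarded to
            ``AddSign``.

    Returns:
        A ``ResponseObj`` carrying one of:
        400 - the JSON body failed validation (returned early, without the
              request id);
        200 - the signed metadata, stored under ``metadata``;
        404 ('easyspid101') - no settings for the provider;
        500 ('easyspid105' or '500') - settings lookup or unexpected failure;
        or the status carried by ``MissingArgumentError``.

    NOTE(review): a negative ``sp_settings['error']`` matches no branch
    below and leaves ``response_obj`` unassigned.
    """
    log = logging.getLogger(
        type(self).__module__ + "." + type(self).__qualname__)
    # Stays None when the body could not be turned into a request object at
    # all, so the id lookup after the try block can be skipped.
    temp = None
    try:
        temp = RequestObjNew(self.request.body)
        # strtobool raises ValueError for anything but yes/no style values,
        # which ends up in the generic 500 handler below.
        # NOTE(review): distutils was removed from the standard library in
        # Python 3.12.
        addKeyDescriptor = distutils.util.strtobool(
            self.get_argument('addSignCert', default='true'))
        addKeyValue = distutils.util.strtobool(
            self.get_argument('addKeyValue', default='false'))

        if temp.error["code"] == 2:
            response_obj = ResponseObj(
                debugMessage=temp.error["message"], httpcode=400)
            response_obj.setError('400')
            log.error('Validation error. Json input error')
            return response_obj
        elif temp.error["code"] > 0:
            # Raised as 503 for the log trace; the generic handler below
            # still answers with 500.
            raise tornado.web.HTTPError(
                status_code=503, log_message=temp.error["message"])

        # The document to sign comes straight from the request body, so this
        # handler signs caller-supplied XML with the SP private key. Access
        # control is not visible in this method.
        # NOTE(review): confirm the route is restricted to trusted callers.
        metadata = temp.request['metadata']

        if sp_settings['error'] == 0 and sp_settings['result'] is not None:
            spSettings = Saml2_Settings(sp_settings['result'])

            # Add the KeyDescriptor of the signing certificate to the XML.
            cert = spSettings.get_sp_cert()
            if addKeyDescriptor:
                metadata = OneLogin_Saml2_Metadata.add_x509_key_descriptors(
                    metadata, cert, True)

            # Private key used for the signature.
            key = spSettings.get_sp_key()

            # Read from the name-mangled private security dict of the
            # settings object.
            # NOTE(review): fragile across library upgrades; also confirm
            # the configured algorithms are not SHA-1 based.
            security = spSettings._OneLogin_Saml2_Settings__security
            signature_algorithm = security['signatureAlgorithm']
            digest_algorithm = security['digestAlgorithm']

            metadata = AddSign(metadata, key, cert,
                               debug=False,
                               sign_algorithm=signature_algorithm,
                               digest_algorithm=digest_algorithm,
                               addKeyValue=addKeyValue)
            metadata = str(metadata, 'utf-8')

            response_obj = ResponseObj(httpcode=200)
            response_obj.setError('200')
            response_obj.setResult(metadata=metadata)

        elif sp_settings['error'] == 0 and sp_settings['result'] is None:
            response_obj = ResponseObj(httpcode=404)
            response_obj.setError('easyspid101')

        elif sp_settings['error'] > 0:
            response_obj = ResponseObj(
                httpcode=500, debugMessage=sp_settings['result'])
            response_obj.setError("easyspid105")

    except tornado.web.MissingArgumentError as error:
        response_obj = ResponseObj(debugMessage=error.log_message,
                                   httpcode=error.status_code,
                                   devMessage=error.log_message)
        response_obj.setError(str(error.status_code))
        log.error('%s' % error, exc_info=True)

    except Exception:
        response_obj = ResponseObj(httpcode=500)
        response_obj.setError('500')
        log.error('Exception', exc_info=True)

    if temp is not None:
        response_obj.setID(temp.id)
    return response_obj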
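def verifyAuthnRequest(self, prvd_settings):
    """Validate the schema and signature of a submitted AuthnRequest.

    Args:
        prvd_settings: dict with an ``error`` code and a ``result`` holding
            the provider settings (``None`` when no settings were found).
            The ``sp`` entry supplies the certificate fingerprint and the
            fingerprint algorithm used for the signature check.

    Returns:
        A ``ResponseObj`` carrying one of:
        400 - the JSON body failed validation (returned early, without the
              request id);
        401 ('easyspid104') - schema validation failed;
        200 ('easyspid119') - an AuthnRequest whose ``signCheck`` is None;
        401 ('easyspid106') - signature check failed;
        200 ('200') - schema and signature are both valid;
        404 ('easyspid101') - no settings for the provider;
        500 ('easyspid105' or '500') - settings lookup or unexpected failure;
        or the status carried by ``MissingArgumentError``.

    The check result is attached under ``authnValidate``, ``assertionChk``
    or ``authnValid`` depending on the branch.

    NOTE(review): a negative ``prvd_settings['error']`` matches no branch
    below and leaves ``response_obj`` unassigned.
    """
    log = logging.getLogger(
        type(self).__module__ + "." + type(self).__qualname__)
    # Stays None when the body could not be turned into a request object at
    # all, so the id lookup after the try block can be skipped.
    temp = None
    try:
        temp = RequestObjNew(self.request.body)

        if temp.error["code"] == 2:
            response_obj = ResponseObj(
                debugMessage=temp.error["message"], httpcode=400)
            response_obj.setError('400')
            log.error('Validation error. Json input error')
            return response_obj
        elif temp.error["code"] > 0:
            # Raised as 503 for the log trace; the generic handler below
            # still answers with 500.
            raise tornado.web.HTTPError(
                status_code=503, log_message=temp.error["message"])

        authn_request_signed = temp.request['authnrequest']

        if prvd_settings['error'] == 0 and prvd_settings['result'] is not None:
            sp_conf = prvd_settings['result']['sp']
            # NOTE(review): the signer is matched by certificate fingerprint
            # with the algorithm taken from settings; confirm the stored
            # algorithm is not a weak hash.
            chk = easyspid.lib.utils.validateAssertion(
                authn_request_signed,
                sp_conf['x509cert_fingerprint'],
                sp_conf['x509cert_fingerprintalg'])

            if not chk['schemaValidate']:
                response_obj = ResponseObj(httpcode=401)
                response_obj.setError('easyspid104')
                response_obj.setResult(authnValidate=chk)

            elif chk['assertionName'] == 'AuthnRequest' and chk['signCheck'] is None:
                # This branch answers HTTP 200 although signCheck is None,
                # so the signature was not confirmed. Consumers must look
                # at the 'easyspid119' code, not only at the HTTP status.
                response_obj = ResponseObj(httpcode=200)
                response_obj.setError('easyspid119')
                response_obj.setResult(assertionChk=chk)

            elif not chk['signCheck']:
                response_obj = ResponseObj(httpcode=401)
                response_obj.setError('easyspid106')
                response_obj.setResult(authnValidate=chk)

            elif chk['schemaValidate'] and chk['signCheck']:
                response_obj = ResponseObj(httpcode=200)
                response_obj.setError('200')
                response_obj.setResult(authnValid=chk)

        elif prvd_settings['error'] == 0 and prvd_settings['result'] is None:
            response_obj = ResponseObj(httpcode=404)
            response_obj.setError('easyspid101')

        elif prvd_settings['error'] > 0:
            response_obj = ResponseObj(
                httpcode=500, debugMessage=prvd_settings['result'])
            response_obj.setError("easyspid105")

    except tornado.web.MissingArgumentError as error:
        response_obj = ResponseObj(debugMessage=error.log_message,
                                   httpcode=error.status_code,
                                   devMessage=error.log_message)
        response_obj.setError(str(error.status_code))
        log.error('%s' % error, exc_info=True)

    except Exception:
        response_obj = ResponseObj(httpcode=500)
        response_obj.setError('500')
        log.error('Exception', exc_info=True)

    if temp is not None:
        response_obj.setID(temp.id)
    return response_obj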
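def verifySpMetadata(self, sp_settings):
    """Validate the schema and signature of submitted SP metadata.

    Args:
        sp_settings: dict with an ``error`` code and a ``result`` holding the
            service-provider settings (``None`` when no settings were found).
            The ``sp`` entry supplies the certificate fingerprint and the
            fingerprint algorithm used for the signature check.

    Returns:
        A ``ResponseObj`` carrying one of:
        400 - the JSON body failed validation (returned early, without the
              request id);
        401 ('easyspid104') - schema validation failed;
        401 ('easyspid106') - signature check failed;
        200 ('200') - schema and signature are both valid;
        404 ('easyspid101') - no settings for the provider;
        500 ('easyspid105' or '500') - settings lookup or unexpected failure;
        or the status carried by ``MissingArgumentError``.

    The check result is attached under ``metadataValidate``.

    NOTE(review): a negative ``sp_settings['error']`` matches no branch
    below and leaves ``response_obj`` unassigned.
    """
    log = logging.getLogger(
        type(self).__module__ + "." + type(self).__qualname__)
    # Stays None when the body could not be turned into a request object at
    # all, so the id lookup after the try block can be skipped.
    temp = None
    try:
        temp = RequestObjNew(self.request.body)

        if temp.error["code"] == 2:
            response_obj = ResponseObj(
                debugMessage=temp.error["message"], httpcode=400)
            response_obj.setError('400')
            log.error('Validation error. Json input error')
            return response_obj
        elif temp.error["code"] > 0:
            # Raised as 503 for the log trace; the generic handler below
            # still answers with 500.
            raise tornado.web.HTTPError(
                status_code=503, log_message=temp.error["message"])

        metadata = temp.request['metadata']

        if sp_settings['error'] == 0 and sp_settings['result'] is not None:
            # Settings found: validate the metadata and build the response.
            spSettings = Saml2_Settings(sp_settings['result'])
            sp_conf = sp_settings['result']['sp']

            # NOTE(review): validatecert=False presumably skips checks on
            # the certificate itself (for example its validity period), so
            # only the fingerprint binds the signature to the SP - confirm
            # against validate_metadata.
            chk = spSettings.validate_metadata(
                metadata,
                fingerprint=sp_conf['x509cert_fingerprint'],
                fingerprintalg=sp_conf['x509cert_fingerprintalg'],
                validatecert=False)

            if not chk['schemaValidate']:
                response_obj = ResponseObj(httpcode=401)
                response_obj.setError('easyspid104')
                response_obj.setResult(metadataValidate=chk)

            elif not chk['signCheck']:
                response_obj = ResponseObj(httpcode=401)
                response_obj.setError('easyspid106')
                response_obj.setResult(metadataValidate=chk)

            elif chk['schemaValidate'] and chk['signCheck']:
                response_obj = ResponseObj(httpcode=200)
                response_obj.setError('200')
                response_obj.setResult(metadataValidate=chk)

        elif sp_settings['error'] == 0 and sp_settings['result'] is None:
            response_obj = ResponseObj(httpcode=404)
            response_obj.setError('easyspid101')

        elif sp_settings['error'] > 0:
            response_obj = ResponseObj(
                httpcode=500, debugMessage=sp_settings['result'])
            response_obj.setError("easyspid105")

    except tornado.web.MissingArgumentError as error:
        response_obj = ResponseObj(debugMessage=error.log_message,
                                   httpcode=error.status_code,
                                   devMessage=error.log_message)
        response_obj.setError(str(error.status_code))
        log.error('%s' % error, exc_info=True)

    except Exception:
        response_obj = ResponseObj(httpcode=500)
        response_obj.setError('500')
        log.error('Exception', exc_info=True)

    if temp is not None:
        response_obj.setID(temp.id)
    return response_obj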