def verify_auth_token(data):
    """
    Verifies a Auth Token in a QueryDict. Returns a
    django.contrib.auth.models.User instance if successful or False.
    """
    if "auth_token" not in data:
        return False
    if "request_token" not in data:
        return False
    auth_token = data["auth_token"]
    params = [("auth_token", auth_token), ("key", settings.SIMPLE_SSO_KEY)]
    signature = build_signature(params, settings.SIMPLE_SSO_SECRET)
    params.append(("signature", signature))
    url = urljoin(settings.SIMPLE_SSO_SERVER, "verify") + "/"
    response = requests.get(url, dict(params))
    if response.status_code != 200:
        return False
    data = QueryDict(response.content)
    if "signature" not in data:
        return False
    if "user" not in data:
        return False
    params = [(key, value) for key, value in data.items() if key != "signature"]
    if not verify_signature(params, data["signature"], settings.SIMPLE_SSO_SECRET):
        return False
    return load_json_user(data["user"])
def verify_auth_token(data):
    """
    Verifies a Auth Token in a QueryDict. Returns a
    django.contrib.auth.models.User instance if successful or False.
    """
    if 'auth_token' not in data:
        return False
    if 'request_token' not in data:
        return False
    auth_token = data['auth_token']
    params = [('auth_token', auth_token), ('key', settings.SIMPLE_SSO_KEY)]
    signature = build_signature(params, settings.SIMPLE_SSO_SECRET)
    params.append(('signature', signature))
    url = urljoin(settings.SIMPLE_SSO_SERVER, 'verify') + '/'
    response = requests.get(url, params=dict(params))
    if response.status_code != 200:
        return False
    data = QueryDict(response.content)
    if 'signature' not in data:
        return False
    if 'user' not in data:
        return False
    params = [(key, value) for key,value in data.items() if key != 'signature']
    if not verify_signature(params, data['signature'], settings.SIMPLE_SSO_SECRET):
        return False
    return load_json_user(data['user'])
Exemple #3
0
def verify_auth_token(data):
    """
    Verifies a Auth Token in a QueryDict. Returns a
    django.contrib.auth.models.User instance if successful or False.
    """
    if 'auth_token' not in data:
        return False
    if 'request_token' not in data:
        return False
    auth_token = data['auth_token']
    params = [('auth_token', auth_token), ('key', settings.SIMPLE_SSO_KEY)]
    signature = build_signature(params, settings.SIMPLE_SSO_SECRET)
    params.append(('signature', signature))
    url = urljoin(settings.SIMPLE_SSO_SERVER, 'verify') + '/'
    response = requests.get(url, params=dict(params))
    if response.status_code != 200:
        return False
    data = QueryDict(response.content)
    if 'signature' not in data:
        return False
    if 'user' not in data:
        return False
    params = [(key, value) for key, value in data.items()
              if key != 'signature']
    if not verify_signature(params, data['signature'],
                            settings.SIMPLE_SSO_SECRET):
        return False
    return load_json_user(data['user'])
 def clean(self):
     data = super(BaseForm, self).clean()
     parameters = [(key, value) for key, value in data.items() if key != 'signature']
     client_key = data['key']
     self.client = Client.objects.get(key=client_key)
     secret = self.client.secret
     signature = data['signature']
     if not verify_signature(parameters, signature, secret):
         raise forms.ValidationError('Invalid signature')
     self.invalid_signature = False
     return data
Exemple #5
0
 def clean(self):
     data = super(BaseForm, self).clean()
     parameters = [(key, value) for key, value in data.items() if key != 'signature']
     client_key = data['key']
     try:
         self.client = Client.objects.get(key=client_key)
     except Client.DoesNotExist:
         raise forms.ValidationError('Invalid client key')
     secret = self.client.secret
     signature = data['signature']
     if not verify_signature(parameters, signature, secret):
         self.invalid_signature = True
         raise forms.ValidationError('Invalid signature')
     return data
def get_request_token():
    """
    Requests a Request Token from the SSO Server. Returns False if the request
    failed.
    """
    params = [("key", settings.SIMPLE_SSO_KEY)]
    signature = build_signature(params, settings.SIMPLE_SSO_SECRET)
    params.append(("signature", signature))
    url = urljoin(settings.SIMPLE_SSO_SERVER, "request-token") + "/"
    response = requests.get(url, dict(params))
    if response.status_code != 200:
        return False
    data = QueryDict(response.content)
    if "signature" not in data:
        return False
    if "request_token" not in data:
        return False
    params = [(key, value) for key, value in data.items() if key != "signature"]
    if not verify_signature(params, data["signature"], settings.SIMPLE_SSO_SECRET):
        return False
    return data["request_token"]
def get_request_token():
    """
    Requests a Request Token from the SSO Server. Returns False if the request
    failed.
    """
    params = [('key', settings.SIMPLE_SSO_KEY)]
    signature = build_signature(params, settings.SIMPLE_SSO_SECRET)
    params.append(('signature', signature))
    url = urljoin(settings.SIMPLE_SSO_SERVER, 'request-token') + '/'
    response = requests.get(url, params=dict(params))
    if response.status_code != 200:
        return False
    data = QueryDict(response.content)
    if 'signature' not in data:
        return False
    if 'request_token' not in data:
        return False
    params = [(key, value) for key,value in data.items() if key != 'signature']
    if not verify_signature(params, data['signature'], settings.SIMPLE_SSO_SECRET):
        return False
    return data['request_token']
Exemple #8
0
def get_request_token():
    """
    Requests a Request Token from the SSO Server. Returns False if the request
    failed.
    """
    params = [('key', settings.SIMPLE_SSO_KEY)]
    signature = build_signature(params, settings.SIMPLE_SSO_SECRET)
    params.append(('signature', signature))
    url = urljoin(settings.SIMPLE_SSO_SERVER, 'request-token') + '/'
    response = requests.get(url, params=dict(params))
    if response.status_code != 200:
        return False
    data = QueryDict(response.content)
    if 'signature' not in data:
        return False
    if 'request_token' not in data:
        return False
    params = [(key, value) for key, value in data.items()
              if key != 'signature']
    if not verify_signature(params, data['signature'],
                            settings.SIMPLE_SSO_SECRET):
        return False
    return data['request_token']