def verify_auth_token(data): """ Verifies a Auth Token in a QueryDict. Returns a django.contrib.auth.models.User instance if successful or False. """ if "auth_token" not in data: return False if "request_token" not in data: return False auth_token = data["auth_token"] params = [("auth_token", auth_token), ("key", settings.SIMPLE_SSO_KEY)] signature = build_signature(params, settings.SIMPLE_SSO_SECRET) params.append(("signature", signature)) url = urljoin(settings.SIMPLE_SSO_SERVER, "verify") + "/" response = requests.get(url, dict(params)) if response.status_code != 200: return False data = QueryDict(response.content) if "signature" not in data: return False if "user" not in data: return False params = [(key, value) for key, value in data.items() if key != "signature"] if not verify_signature(params, data["signature"], settings.SIMPLE_SSO_SECRET): return False return load_json_user(data["user"])
def verify_auth_token(data): """ Verifies a Auth Token in a QueryDict. Returns a django.contrib.auth.models.User instance if successful or False. """ if 'auth_token' not in data: return False if 'request_token' not in data: return False auth_token = data['auth_token'] params = [('auth_token', auth_token), ('key', settings.SIMPLE_SSO_KEY)] signature = build_signature(params, settings.SIMPLE_SSO_SECRET) params.append(('signature', signature)) url = urljoin(settings.SIMPLE_SSO_SERVER, 'verify') + '/' response = requests.get(url, params=dict(params)) if response.status_code != 200: return False data = QueryDict(response.content) if 'signature' not in data: return False if 'user' not in data: return False params = [(key, value) for key,value in data.items() if key != 'signature'] if not verify_signature(params, data['signature'], settings.SIMPLE_SSO_SECRET): return False return load_json_user(data['user'])
def verify_auth_token(data): """ Verifies a Auth Token in a QueryDict. Returns a django.contrib.auth.models.User instance if successful or False. """ if 'auth_token' not in data: return False if 'request_token' not in data: return False auth_token = data['auth_token'] params = [('auth_token', auth_token), ('key', settings.SIMPLE_SSO_KEY)] signature = build_signature(params, settings.SIMPLE_SSO_SECRET) params.append(('signature', signature)) url = urljoin(settings.SIMPLE_SSO_SERVER, 'verify') + '/' response = requests.get(url, params=dict(params)) if response.status_code != 200: return False data = QueryDict(response.content) if 'signature' not in data: return False if 'user' not in data: return False params = [(key, value) for key, value in data.items() if key != 'signature'] if not verify_signature(params, data['signature'], settings.SIMPLE_SSO_SECRET): return False return load_json_user(data['user'])
def clean(self): data = super(BaseForm, self).clean() parameters = [(key, value) for key, value in data.items() if key != 'signature'] client_key = data['key'] self.client = Client.objects.get(key=client_key) secret = self.client.secret signature = data['signature'] if not verify_signature(parameters, signature, secret): raise forms.ValidationError('Invalid signature') self.invalid_signature = False return data
def clean(self): data = super(BaseForm, self).clean() parameters = [(key, value) for key, value in data.items() if key != 'signature'] client_key = data['key'] try: self.client = Client.objects.get(key=client_key) except Client.DoesNotExist: raise forms.ValidationError('Invalid client key') secret = self.client.secret signature = data['signature'] if not verify_signature(parameters, signature, secret): self.invalid_signature = True raise forms.ValidationError('Invalid signature') return data
def get_request_token(): """ Requests a Request Token from the SSO Server. Returns False if the request failed. """ params = [("key", settings.SIMPLE_SSO_KEY)] signature = build_signature(params, settings.SIMPLE_SSO_SECRET) params.append(("signature", signature)) url = urljoin(settings.SIMPLE_SSO_SERVER, "request-token") + "/" response = requests.get(url, dict(params)) if response.status_code != 200: return False data = QueryDict(response.content) if "signature" not in data: return False if "request_token" not in data: return False params = [(key, value) for key, value in data.items() if key != "signature"] if not verify_signature(params, data["signature"], settings.SIMPLE_SSO_SECRET): return False return data["request_token"]
def get_request_token(): """ Requests a Request Token from the SSO Server. Returns False if the request failed. """ params = [('key', settings.SIMPLE_SSO_KEY)] signature = build_signature(params, settings.SIMPLE_SSO_SECRET) params.append(('signature', signature)) url = urljoin(settings.SIMPLE_SSO_SERVER, 'request-token') + '/' response = requests.get(url, params=dict(params)) if response.status_code != 200: return False data = QueryDict(response.content) if 'signature' not in data: return False if 'request_token' not in data: return False params = [(key, value) for key,value in data.items() if key != 'signature'] if not verify_signature(params, data['signature'], settings.SIMPLE_SSO_SECRET): return False return data['request_token']
def get_request_token(): """ Requests a Request Token from the SSO Server. Returns False if the request failed. """ params = [('key', settings.SIMPLE_SSO_KEY)] signature = build_signature(params, settings.SIMPLE_SSO_SECRET) params.append(('signature', signature)) url = urljoin(settings.SIMPLE_SSO_SERVER, 'request-token') + '/' response = requests.get(url, params=dict(params)) if response.status_code != 200: return False data = QueryDict(response.content) if 'signature' not in data: return False if 'request_token' not in data: return False params = [(key, value) for key, value in data.items() if key != 'signature'] if not verify_signature(params, data['signature'], settings.SIMPLE_SSO_SECRET): return False return data['request_token']