def _validate_creds_and_get_user(request):
    """
    Authenticate a request from exactly one credential: a token or an API key.

    Each credential may arrive in a request header or in a query parameter.
    The credential is validated through ``auth_utils`` and the user it refers
    to is loaded.

    :param request: Object exposing ``headers`` and ``query_string``.

    :raises MultipleAuthSourcesError: Both a token and an API key were sent.
    :raises NoAuthSourceProvidedError: Neither a token nor an API key was sent.

    :return: The matching user, or ``None`` when the credential carries no
             user or that user cannot be loaded. ``None`` means the request
             is not authenticated; callers must not treat it as success.
    :rtype: :class:`UserDB`
    """
    # NOTE(review): with dict() a repeated query parameter keeps only its last
    # value - confirm that is the intended handling of duplicates.
    query_params = dict(urlparse.parse_qsl(request.query_string))
    headers = request.headers

    # NOTE(review): credentials sent in the query string tend to be recorded
    # in access logs and proxy logs; the header variants avoid that exposure.
    token_in_headers = headers.get(HEADER_ATTRIBUTE_NAME, None)
    token_in_query_params = query_params.get(QUERY_PARAM_ATTRIBUTE_NAME, None)
    api_key_in_headers = headers.get(HEADER_API_KEY_ATTRIBUTE_NAME, None)
    api_key_in_query_params = query_params.get(
        QUERY_PARAM_API_KEY_ATTRIBUTE_NAME, None)

    has_token = bool(token_in_headers or token_in_query_params)
    has_api_key = bool(api_key_in_headers or api_key_in_query_params)

    # Mixing credential types is rejected outright rather than picking one.
    if has_token and has_api_key:
        raise auth_exceptions.MultipleAuthSourcesError(
            'Only one of Token or API key expected.')

    if not has_token and not has_api_key:
        raise auth_exceptions.NoAuthSourceProvidedError(
            'One of Token or API key required.')

    if has_token:
        credential_db = auth_utils.validate_token_and_source(
            token_in_headers=token_in_headers,
            token_in_query_params=token_in_query_params)
    else:
        credential_db = auth_utils.validate_api_key_and_source(
            api_key_in_headers=api_key_in_headers,
            api_key_query_params=api_key_in_query_params)

    user = credential_db.user
    if not user:
        LOG.warn('User not found for supplied token or api-key.')
        return None

    try:
        user_db = User.get(user)
    except StackStormDBObjectNotFoundError:
        # The credential validated but names a user that no longer exists.
        # The stale token / API key should probably be invalidated here too.
        LOG.warn('User %s not found.', user)
        return None

    return user_db
def _validate_creds_and_get_user(request):
    """
    Resolve the user behind the token or API key supplied with ``request``.

    Exactly one of the two credential types has to be present, either as a
    header or as a query parameter.

    :param request: Object exposing ``headers`` and ``query_string``.

    :raises MultipleAuthSourcesError: A token and an API key were both given.
    :raises NoAuthSourceProvidedError: No token and no API key were given.

    :return: The user object, or ``None`` if the credential has no user
             attached or the user lookup fails. Callers have to deny the
             request when ``None`` comes back.
    :rtype: :class:`UserDB`
    """
    request_headers = request.headers
    parsed_query = dict(urlparse.parse_qsl(request.query_string))

    # Header lookups first, then the query-string fallbacks, per credential.
    # NOTE(review): query-string credentials usually end up in server and
    # proxy logs - prefer the header form where clients allow it.
    token_in_headers = request_headers.get(HEADER_ATTRIBUTE_NAME, None)
    token_in_query_params = parsed_query.get(QUERY_PARAM_ATTRIBUTE_NAME, None)
    api_key_in_headers = request_headers.get(HEADER_API_KEY_ATTRIBUTE_NAME, None)
    api_key_in_query_params = parsed_query.get(QUERY_PARAM_API_KEY_ATTRIBUTE_NAME, None)

    token_supplied = token_in_headers or token_in_query_params
    api_key_supplied = api_key_in_headers or api_key_in_query_params

    # Ambiguous requests (both credential types) are refused, not resolved.
    if token_supplied and api_key_supplied:
        raise auth_exceptions.MultipleAuthSourcesError(
            'Only one of Token or API key expected.')

    user = None

    if token_supplied:
        user = auth_utils.validate_token_and_source(
            token_in_headers=token_in_headers,
            token_in_query_params=token_in_query_params).user
    elif api_key_supplied:
        user = auth_utils.validate_api_key_and_source(
            api_key_in_headers=api_key_in_headers,
            api_key_query_params=api_key_in_query_params).user
    else:
        raise auth_exceptions.NoAuthSourceProvidedError('One of Token or API key required.')

    if user:
        try:
            return User.get(user)
        except StackStormDBObjectNotFoundError:
            # Valid credential, missing user: the token / API key is stale
            # and should probably be invalidated as well.
            LOG.warn('User %s not found.', user)
            return None

    LOG.warn('User not found for supplied token or api-key.')
    return None
def before(self, state):
    """
    Validate the request token and publish it, with its user, in the context.

    ``OPTIONS`` requests are passed through without any token check. For all
    other methods the token returned by ``self._validate_token`` and the user
    it refers to are stored in ``state.request.context``.

    :param state: Hook state exposing ``request`` and ``arguments``.
    """
    request = state.request

    # OPTIONS requests are not authenticated.
    if request.method == 'OPTIONS':
        return

    # NOTE(review): presumably _validate_token raises for a missing or
    # invalid token, which is what stops the request - confirm.
    token_db = self._validate_token(request=request)

    try:
        user_db = User.get(token_db.user)
    except ValueError:
        # The token is valid but its user does not exist; the token should
        # probably be invalidated when this happens.
        # NOTE(review): the request still proceeds with user set to None, so
        # anything reading context['auth']['user'] must handle None.
        user_db = None

    # The token is also kept outside of the auth dict for backward
    # compatibility.
    request.context['token'] = token_db
    request.context['auth'] = dict(token=token_db, user=user_db)

    # Drop the token query parameter from the keyword arguments.
    keywords = state.arguments.keywords
    if QUERY_PARAM_ATTRIBUTE_NAME in keywords:
        del keywords[QUERY_PARAM_ATTRIBUTE_NAME]
def before(self, state):
    """
    Authenticate the incoming request and record the result in its context.

    Requests using the ``OPTIONS`` method skip authentication. Otherwise the
    token from ``self._validate_token`` is stored under ``context['token']``
    and, together with the looked-up user, under ``context['auth']``.

    :param state: Hook state exposing ``request`` and ``arguments``.
    """
    # OPTIONS requests don't need to be authenticated.
    if state.request.method != 'OPTIONS':
        token_db = self._validate_token(request=state.request)

        user_db = None
        try:
            user_db = User.get(token_db.user)
        except ValueError:
            # Unknown user for a valid token - the token should probably be
            # invalidated too.
            # NOTE(review): processing continues with user=None; consumers of
            # context['auth'] need to treat a missing user as unauthenticated.
            pass

        auth_context = {}
        auth_context['token'] = token_db
        auth_context['user'] = user_db

        # Token is duplicated at the top level for backward compatibility.
        state.request.context['token'] = token_db
        state.request.context['auth'] = auth_context

        # Remove the token query parameter from the keyword arguments.
        if QUERY_PARAM_ATTRIBUTE_NAME in state.arguments.keywords:
            del state.arguments.keywords[QUERY_PARAM_ATTRIBUTE_NAME]