Exemple #1
    def _validate_creds_and_get_user(request):
        """
        Authenticate a request that carries either a token or an API key.

        Each credential is looked for in the request headers and in the query string.
        Exactly one kind of credential must be present.

        :param request: Incoming request; ``headers`` and ``query_string`` are read from it.

        :raises MultipleAuthSourcesError: A token and an API key were both supplied.
        :raises NoAuthSourceProvidedError: Neither a token nor an API key was supplied.

        :return: Whatever ``User.get`` returns for the credential's user, or ``None`` when
                 the credential carries no user or the user lookup fails.
        :rtype: :class:`UserDB` or ``None``
        """
        hdrs = request.headers
        params = dict(urlparse.parse_qsl(request.query_string))

        # NOTE(review): credentials taken from the query string are part of the URL, which
        # is commonly recorded by access logs and intermediaries - prefer the header form
        # where the client allows it.
        header_token = hdrs.get(HEADER_ATTRIBUTE_NAME, None)
        query_token = params.get(QUERY_PARAM_ATTRIBUTE_NAME, None)
        header_api_key = hdrs.get(HEADER_API_KEY_ATTRIBUTE_NAME, None)
        query_api_key = params.get(QUERY_PARAM_API_KEY_ATTRIBUTE_NAME, None)

        has_token = bool(header_token or query_token)
        has_api_key = bool(header_api_key or query_api_key)

        # Mixing credential kinds is refused outright rather than picking one of them.
        if has_token and has_api_key:
            raise auth_exceptions.MultipleAuthSourcesError(
                'Only one of Token or API key expected.')
        if not has_token and not has_api_key:
            raise auth_exceptions.NoAuthSourceProvidedError(
                'One of Token or API key required.')

        # Both candidates (header and query) are handed to the validator, which decides
        # which source is used.
        if has_token:
            credential_db = auth_utils.validate_token_and_source(
                token_in_headers=header_token,
                token_in_query_params=query_token)
        else:
            credential_db = auth_utils.validate_api_key_and_source(
                api_key_in_headers=header_api_key,
                api_key_query_params=query_api_key)

        user = credential_db.user
        if not user:
            # The credential validated but names no user; the caller gets None, not an error.
            LOG.warn('User not found for supplied token or api-key.')
            return None

        try:
            return User.get(user)
        except StackStormDBObjectNotFoundError:
            # The credential is valid but its user no longer exists. The token / API key is
            # left in place here - it should probably be invalidated when this happens.
            LOG.warn('User %s not found.', user)
            return None
Exemple #2
    def _validate_creds_and_get_user(request):
        """
        Validate the token or API key sent with ``request`` and return the matching user.

        A credential may be supplied in a header or as a query parameter. A request that
        supplies both a token and an API key, or neither, is rejected with an exception.

        :param request: Request object providing ``headers`` and ``query_string``.

        :raises MultipleAuthSourcesError: Both a token and an API key are present.
        :raises NoAuthSourceProvidedError: No token and no API key are present.

        :return: The result of ``User.get`` for the validated credential's user; ``None`` if
                 the credential has no user attached or ``User.get`` cannot find it.
        :rtype: :class:`UserDB` or ``None``
        """
        req_headers = request.headers
        req_params = dict(urlparse.parse_qsl(request.query_string))

        token_hdr = req_headers.get(HEADER_ATTRIBUTE_NAME, None)
        token_qp = req_params.get(QUERY_PARAM_ATTRIBUTE_NAME, None)

        key_hdr = req_headers.get(HEADER_API_KEY_ATTRIBUTE_NAME, None)
        key_qp = req_params.get(QUERY_PARAM_API_KEY_ATTRIBUTE_NAME, None)

        # Truthy when the corresponding credential kind was sent by either route.
        token_given = token_hdr or token_qp
        key_given = key_hdr or key_qp

        if token_given and key_given:
            # Ambiguous request: refuse instead of guessing which credential was meant.
            raise auth_exceptions.MultipleAuthSourcesError(
                'Only one of Token or API key expected.')

        if token_given:
            user = auth_utils.validate_token_and_source(
                token_in_headers=token_hdr,
                token_in_query_params=token_qp).user
        elif key_given:
            user = auth_utils.validate_api_key_and_source(
                api_key_in_headers=key_hdr,
                api_key_query_params=key_qp).user
        else:
            raise auth_exceptions.NoAuthSourceProvidedError('One of Token or API key required.')

        if user:
            try:
                return User.get(user)
            except StackStormDBObjectNotFoundError:
                # Valid credential, missing user. Nothing revokes the token / API key at
                # this point - it should probably be invalidated when this happens.
                LOG.warn('User %s not found.', user)
                return None

        # Only the absence of a user is logged here; the credential value itself is not.
        LOG.warn('User not found for supplied token or api-key.')
        return None
Exemple #3
    def before(self, state):
        """
        Authenticate the incoming request by token and record the result in its context.

        ``OPTIONS`` requests return immediately without any token validation. For every
        other method the token is validated with ``self._validate_token`` and its user is
        looked up; a ``ValueError`` from that lookup leaves the user as ``None``.

        :param state: Object exposing ``request`` (with ``method`` and ``context``) and
                      ``arguments.keywords``.
        """
        request = state.request

        # OPTIONS requests are not authenticated.
        if request.method == 'OPTIONS':
            return

        token_db = self._validate_token(request=request)

        try:
            user_db = User.get(token_db.user)
        except ValueError:
            # User doesn't exist - the token should probably also be invalidated when this
            # happens.
            # NOTE(review): the request is not rejected here; it continues with
            # context['auth']['user'] set to None. Confirm that whatever reads the context
            # later treats a missing user as unauthenticated.
            user_db = None

        # The token is published twice: inside the auth dict and, for backward
        # compatibility, directly under 'token'.
        context = request.context
        context['token'] = token_db
        context['auth'] = {'token': token_db, 'user': user_db}

        # Remove the token query parameter from the keyword arguments, if present.
        state.arguments.keywords.pop(QUERY_PARAM_ATTRIBUTE_NAME, None)
Exemple #4
    def before(self, state):
        """
        Validate the request's token and store the token and its user in the request context.

        Nothing is validated or stored for ``OPTIONS`` requests. Otherwise
        ``self._validate_token`` is called with the request, the token's user is fetched
        with ``User.get`` (``None`` if that raises ``ValueError``), and both are written to
        ``state.request.context``.

        :param state: Object exposing ``request`` (with ``method`` and ``context``) and
                      ``arguments.keywords``.
        """
        # OPTIONS requests don't need to be authenticated
        if state.request.method == 'OPTIONS':
            return

        token_db = self._validate_token(request=state.request)

        # Stays None when the lookup below fails.
        # NOTE(review): a validated token whose user cannot be found does not stop the
        # request - downstream code sees user None in the auth dict. Verify that this is
        # handled as "not authenticated", and consider invalidating the token in that case.
        user_db = None
        try:
            user_db = User.get(token_db.user)
        except ValueError:
            pass

        # Store token and related user object in the context.
        # The token is also stored outside of the auth dict for backward compatibility.
        auth_info = dict(token=token_db, user=user_db)
        state.request.context['token'] = token_db
        state.request.context['auth'] = auth_info

        # Drop the token query parameter from the keyword arguments when it is there.
        keywords = state.arguments.keywords
        if QUERY_PARAM_ATTRIBUTE_NAME in keywords:
            del keywords[QUERY_PARAM_ATTRIBUTE_NAME]