Esempio n. 1
0
    def setup(self):
        super(TestStoreAuthz, self).setup()
        self.app = annotator.app.test_client()

        self.anno_id = '123'
        self.permissions = {
            'read': ['alice', 'bob'],
            'update': ['alice', 'charlie'],
            'admin': ['alice']
        }

        ann = Annotation(id=self.anno_id,
                         user='******',
                         text='Foobar',
                         permissions=self.permissions)
        ann.save()

        self.consumer = Consumer('test-consumer-key')
        save(self.consumer)

        self.user = '******'

        for u in ['alice', 'bob', 'charlie']:
            token = auth.generate_token(self.consumer.key, u)
            setattr(self, '%s_headers' % u, auth.headers_for_token(token))
Esempio n. 2
0
def add_consumer():
    _require_user()

    c = Consumer()
    g.user.consumers.append(c)

    db.session.commit()

    return redirect(url_for('.home'))
Esempio n. 3
0
    def setup(self):
        super(TestStore, self).setup()

        self.app = annotator.app.test_client()
        self.consumer = Consumer('test-consumer-key')
        save(self.consumer)

        self.user = '******'

        token = auth.generate_token(self.consumer.key, self.user)
        self.headers = auth.headers_for_token(token)
Esempio n. 4
0
def generate_token(key, user_id):
    consumer = Consumer.fetch(key)

    if consumer is None:
        raise Exception, "Cannot generate token: invalid consumer key specified"

    issue_time = datetime.datetime.now(UTC).isoformat()
    token = hashlib.sha256(consumer.secret + user_id + issue_time).hexdigest()

    return dict(consumerKey=key,
                authToken=token,
                authTokenIssueTime=issue_time,
                authTokenTTL=consumer.ttl,
                userId=user_id)
Esempio n. 5
0
def generate_token(key, user_id):
    consumer = Consumer.fetch(key)

    if consumer is None:
        raise Exception, "Cannot generate token: invalid consumer key specified"

    issue_time = datetime.datetime.now(UTC).isoformat()
    token = hashlib.sha256(consumer.secret + user_id + issue_time).hexdigest()

    return dict(
        consumerKey=key,
        authToken=token,
        authTokenIssueTime=issue_time,
        authTokenTTL=consumer.ttl,
        userId=user_id
    )
Esempio n. 6
0
def verify_token(token, key, user_id, issue_time):
    consumer = Consumer.fetch(key)

    if consumer is None:
        return False # invalid account key

    computed_token = hashlib.sha256(consumer.secret + user_id + issue_time).hexdigest()

    if computed_token != token:
        return False # Token inauthentic: computed hash doesn't match.

    validity = iso8601.parse_date(issue_time)
    expiry = validity + datetime.timedelta(seconds=consumer.ttl)

    if validity > datetime.datetime.now(UTC):
        return False # Token not yet valid

    if expiry < datetime.datetime.now(UTC):
        return False # Token expired: issue_time + ttl > now

    return True
Esempio n. 7
0
def verify_token(token, key, user_id, issue_time):
    consumer = Consumer.fetch(key)

    if consumer is None:
        return False  # invalid account key

    computed_token = hashlib.sha256(consumer.secret + user_id +
                                    issue_time).hexdigest()

    if computed_token != token:
        return False  # Token inauthentic: computed hash doesn't match.

    validity = iso8601.parse_date(issue_time)
    expiry = validity + datetime.timedelta(seconds=consumer.ttl)

    if validity > datetime.datetime.now(UTC):
        return False  # Token not yet valid

    if expiry < datetime.datetime.now(UTC):
        return False  # Token expired: issue_time + ttl > now

    return True
Esempio n. 8
0
    def test_key(self):
        c = Consumer(key='foo')
        save(c)

        c = Consumer.fetch('foo')
        h.assert_equal(c.key, 'foo')
Esempio n. 9
0
    def test_secret(self):
        c = Consumer(key='foo')
        save(c)

        assert c.secret, 'Consumer secret should be set!'
Esempio n. 10
0
    def test_key(self):
        c = Consumer(key='foo')
        save(c)

        c = Consumer.fetch('foo')
        h.assert_equal(c.key, 'foo')
Esempio n. 11
0
    password = ''
    while not password:
        password = getpass("Admin password: "******"Primary consumer key [annotateit]: ").strip()
    if not ckey:
        ckey = 'annotateit'

    with annotator.app.test_request_context():

        print("\nCreating admin user... ", end="")

        u = User(username, email, password)

        annotator.db.session.add(u)
        annotator.db.session.commit()

        print("done.")

        print("Creating primary consumer... ", end="")

        c = Consumer(ckey)
        c.user_id = u.id

        annotator.db.session.add(c)
        annotator.db.session.commit()

        print("done.\n")

        print("Primary consumer secret: %s" % c.secret)
Esempio n. 12
0
    password = ""
    while not password:
        password = getpass("Admin password: "******"Primary consumer key [annotateit]: ").strip()
    if not ckey:
        ckey = "annotateit"

    with annotator.app.test_request_context():

        print("\nCreating admin user... ", end="")

        u = User(username, email, password)

        annotator.db.session.add(u)
        annotator.db.session.commit()

        print("done.")

        print("Creating primary consumer... ", end="")

        c = Consumer(ckey)
        c.user_id = u.id

        annotator.db.session.add(c)
        annotator.db.session.commit()

        print("done.\n")

        print("Primary consumer secret: %s" % c.secret)