def authenticate_key(self, creds, bot_creds): """ TODO: Docstring """ token = False response = self._http_request("GET", self.cfg.auth_url, path="/auth/v1/key", header=creds.requests()) if response == requests.codes.ok: token = response.json().get("token", False) if token is not False: token = St2UserToken(token) return token
def authenticate_token(self, creds, bot_creds): """ TODO: Docstring """ token = False response = self._http_request("GET", self.cfg.auth_url, path="/tokens/validate", headers=bot_creds.requests(), payload=creds.st2client()) if response == requests.codes.ok: token = response.json().get("token", False) if token is not False: token = St2UserToken(token) return token
def authenticate_user(self, creds, bot_creds): """ Validate supplied credetials with StackStorm """ response = self._http_request('POST', self.cfg.auth_url, path="/tokens", headers=creds.requests(), payload={"ttl": 86400}) if response.status_code in [requests.codes.created]: return St2UserToken(response.json().get("token")) else: LOG.info('API response to token = {} {}'.format( response.status_code, response.reason)) return False
def _request_user_token(self, chat_user, bot_creds): """ TODO: Docstring """ token = False response = self._http_request("GET", self.cfg.auth_url, path="/tokens/validate", headers=bot_creds.requests(), payload={"user": chat_user}) if response == requests.codes.ok: token = response.json().get("token", False) if token is not False: token = St2UserToken(token) return token
def authenticate_user(self, st2_creds): """ TODO: Docstring """ response = self._http_request('POST', self.cfg.auth_url, path="/tokens", headers=st2_creds.requests(), payload={"ttl": 86400}) if response.status_code in [requests.codes.created]: return St2UserToken(response.json().get("token")) else: LOG.info('API response to token = {} {}'.format( response.status_code, response.reason)) return False
def authenticate_user(self, st2_creds): """ Validate the supplied Stackstorm user/password against the API. Returns a StackStorm token on successful authentication otherwise False. """ response = self._http_request('POST', self.cfg.auth_url, path="/tokens", headers=st2_creds.requests(), payload={"ttl": 86400}) if response.status_code in [requests.codes.created]: return St2UserToken(response.json().get("token")) else: LOG.info('API response to token = {} {}'.format( response.status_code, response.reason)) return False
def authenticate_token(self, st2_creds): """ TODO: Docstring """ token = False response = self._http_request("GET", self.cfg.auth_url, path="/api/v1/token/validate", headers=st2_creds.requests()) if response.status_code in [requests.codes.created]: token = response.json().get("token", False) if token: token = St2UserToken(token) else: LOG.warning("Token not found in reponse {}".format(response)) else: LOG.info('API response to token = {} {}'.format( response.status_code, response.reason)) return token
def authenticate_token(self, st2_creds): """ Validate the supplied StackStorm Token against the API. Returns the token if validation was successful otherwise False. """ token = False response = self._http_request("GET", self.cfg.auth_url, path="/token/validate", headers=st2_creds.requests()) if response.status_code in [requests.codes.created]: token = response.json().get("token", False) if token: token = St2UserToken(token) else: LOG.warning("Token not found in reponse {}".format(response)) else: LOG.info('API response to token = {} {}'.format( response.status_code, response.reason)) return token
def login_auth(self, request, uuid): # WARNING: Sensitive security information will be loggged, uncomment only when necessary. # LOG.debug("Request: {}".format(request)) r = SimpleNamespace( **{ "authenticated": False, "return_code": 0, "message": "Successfully associated StackStorm credentials" }) try: self.accessctl.consume_session(uuid) except (SessionConsumedError, SessionExpiredError, SessionInvalidError) as e: r.return_code = 2 r.message = "Session '{}' {}".format(uuid, str(e)) except Exception as e: r.return_code = 90 r.message = "Session unexpected error: {}".format(str(e)) if r.return_code == 0: try: shared_word = request.get("shared_word", None) if self.accessctl.match_secret(uuid, shared_word) is False: r.return_code = 5 r.message = "Invalid credentials" except Exception as e: r.return_code = 91 r.message = "Credentials unexpected error: {}".format(str(e)) if r.return_code == 0: # Get the user associated with the session id. user = self.accessctl.get_session_userid(uuid) LOG.debug( "Matched chat user {} for credential association".format(user)) if "username" in request: username = request.get("username", "") password = request.get("password", "") if self.accessctl.associate_credentials( user, St2UserCredentials(username, password), self.cfg.bot_creds): r.authenticated = True else: r.message = "Invalid credentials" r.return_code = 6 elif "user_token" in request: user_token = request.get("user_token", None) if self.accessctl.associate_credentials( user, St2UserToken(user_token), self.cfg.bot_creds): r.authenticated = True else: r.message = "Invalid token" r.return_code = 6 elif "api_key" in request: api_key = request.get("api_key", None) if self.accessctl.associate_credentials( user, St2ApiKey(api_key), self.cfg.bot_creds): r.authenticated = True else: r.message = "Invalid api key" r.return_code = 6 if (r.authenticated is False or shared_word is None) and r.return_code == 0: r.return_code = 3 r.message = "Invalid authentication payload" if r.authenticated is False: LOG.warning(r.message) return json.dumps(vars(r))