def authenticate_key(self, creds, bot_creds):
"""
TODO: Docstring
"""
token = False
response = self._http_request("GET",
self.cfg.auth_url,
path="/auth/v1/key",
header=creds.requests())
if response == requests.codes.ok:
token = response.json().get("token", False)
if token is not False:
token = St2UserToken(token)
return token
def authenticate_token(self, creds, bot_creds):
"""
TODO: Docstring
"""
token = False
response = self._http_request("GET",
self.cfg.auth_url,
path="/tokens/validate",
headers=bot_creds.requests(),
payload=creds.st2client())
if response == requests.codes.ok:
token = response.json().get("token", False)
if token is not False:
token = St2UserToken(token)
return token
def authenticate_user(self, creds, bot_creds):
"""
Validate supplied credetials with StackStorm
"""
response = self._http_request('POST',
self.cfg.auth_url,
path="/tokens",
headers=creds.requests(),
payload={"ttl": 86400})
if response.status_code in [requests.codes.created]:
return St2UserToken(response.json().get("token"))
else:
LOG.info('API response to token = {} {}'.format(
response.status_code, response.reason))
return False
def _request_user_token(self, chat_user, bot_creds):
"""
TODO: Docstring
"""
token = False
response = self._http_request("GET",
self.cfg.auth_url,
path="/tokens/validate",
headers=bot_creds.requests(),
payload={"user": chat_user})
if response == requests.codes.ok:
token = response.json().get("token", False)
if token is not False:
token = St2UserToken(token)
return token
def authenticate_user(self, st2_creds):
"""
TODO: Docstring
"""
response = self._http_request('POST',
self.cfg.auth_url,
path="/tokens",
headers=st2_creds.requests(),
payload={"ttl": 86400})
if response.status_code in [requests.codes.created]:
return St2UserToken(response.json().get("token"))
else:
LOG.info('API response to token = {} {}'.format(
response.status_code, response.reason))
return False
def authenticate_user(self, st2_creds):
"""
Validate the supplied Stackstorm user/password against the API.
Returns a StackStorm token on successful authentication otherwise False.
"""
response = self._http_request('POST',
self.cfg.auth_url,
path="/tokens",
headers=st2_creds.requests(),
payload={"ttl": 86400})
if response.status_code in [requests.codes.created]:
return St2UserToken(response.json().get("token"))
else:
LOG.info('API response to token = {} {}'.format(
response.status_code, response.reason))
return False
def authenticate_token(self, st2_creds):
"""
TODO: Docstring
"""
token = False
response = self._http_request("GET",
self.cfg.auth_url,
path="/api/v1/token/validate",
headers=st2_creds.requests())
if response.status_code in [requests.codes.created]:
token = response.json().get("token", False)
if token:
token = St2UserToken(token)
else:
LOG.warning("Token not found in reponse {}".format(response))
else:
LOG.info('API response to token = {} {}'.format(
response.status_code, response.reason))
return token
def authenticate_token(self, st2_creds):
"""
Validate the supplied StackStorm Token against the API.
Returns the token if validation was successful otherwise False.
"""
token = False
response = self._http_request("GET",
self.cfg.auth_url,
path="/token/validate",
headers=st2_creds.requests())
if response.status_code in [requests.codes.created]:
token = response.json().get("token", False)
if token:
token = St2UserToken(token)
else:
LOG.warning("Token not found in reponse {}".format(response))
else:
LOG.info('API response to token = {} {}'.format(
response.status_code, response.reason))
return token
def login_auth(self, request, uuid):
# WARNING: Sensitive security information will be loggged, uncomment only when necessary.
# LOG.debug("Request: {}".format(request))
r = SimpleNamespace(
**{
"authenticated": False,
"return_code": 0,
"message": "Successfully associated StackStorm credentials"
})
try:
self.accessctl.consume_session(uuid)
except (SessionConsumedError, SessionExpiredError,
SessionInvalidError) as e:
r.return_code = 2
r.message = "Session '{}' {}".format(uuid, str(e))
except Exception as e:
r.return_code = 90
r.message = "Session unexpected error: {}".format(str(e))
if r.return_code == 0:
try:
shared_word = request.get("shared_word", None)
if self.accessctl.match_secret(uuid, shared_word) is False:
r.return_code = 5
r.message = "Invalid credentials"
except Exception as e:
r.return_code = 91
r.message = "Credentials unexpected error: {}".format(str(e))
if r.return_code == 0:
# Get the user associated with the session id.
user = self.accessctl.get_session_userid(uuid)
LOG.debug(
"Matched chat user {} for credential association".format(user))
if "username" in request:
username = request.get("username", "")
password = request.get("password", "")
if self.accessctl.associate_credentials(
user, St2UserCredentials(username, password),
self.cfg.bot_creds):
r.authenticated = True
else:
r.message = "Invalid credentials"
r.return_code = 6
elif "user_token" in request:
user_token = request.get("user_token", None)
if self.accessctl.associate_credentials(
user, St2UserToken(user_token), self.cfg.bot_creds):
r.authenticated = True
else:
r.message = "Invalid token"
r.return_code = 6
elif "api_key" in request:
api_key = request.get("api_key", None)
if self.accessctl.associate_credentials(
user, St2ApiKey(api_key), self.cfg.bot_creds):
r.authenticated = True
else:
r.message = "Invalid api key"
r.return_code = 6
if (r.authenticated is False
or shared_word is None) and r.return_code == 0:
r.return_code = 3
r.message = "Invalid authentication payload"
if r.authenticated is False:
LOG.warning(r.message)
return json.dumps(vars(r))