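def get_context_data(self, **kwargs):
    """Build the template context for a SAML 1.0 ticket validation request.

    The service identifier comes from the ``TARGET`` query parameter and the
    ticket from the ``AssertionArtifact`` element of the request body.

    Returns:
        A dict with ``ticket``, ``pgt``, ``attributes`` and ``error`` (``None``)
        when validation succeeds. When ``validate_service_ticket`` raises
        ``ValidationError`` the dict holds only ``ticket`` (``None``) and
        ``error`` (the exception).
    """
    target = self.request.GET.get('TARGET')

    # NOTE(review): assert statements are removed under ``python -O``; an
    # explicit check-and-raise would keep this guard in optimized runs.
    assert defused_etree, '/samlValidate endpoint requires defusedxml to be installed'

    try:
        # forbid_dtd=True makes defusedxml reject any document that carries a
        # DTD. Its rejection errors derive from ValueError, which is why
        # ValueError is caught below alongside ParseError.
        root = defused_etree.parse(self.request, forbid_dtd=True).getroot()
        ticket = root.find(
            './/{urn:oasis:names:tc:SAML:1.0:protocol}AssertionArtifact'
        ).text
    except (defused_etree.ParseError, ValueError, AttributeError):
        # An unparseable body, or one without an AssertionArtifact element
        # (find() returns None, so .text raises AttributeError), is treated as
        # a request with no ticket; validation below then reports the error.
        ticket = None

    try:
        st, attributes, pgt = validate_service_ticket(
            target, ticket, require_https=True)
    except ValidationError as e:
        # Pass the values as logging arguments so formatting is deferred to
        # the logging framework instead of being done eagerly with ``%``.
        logger.warning("%s %s", e.code, e)
        return {'ticket': None, 'error': e}

    return {
        'ticket': st,
        'pgt': pgt,
        'attributes': attributes,
        'error': None,
    }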
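def get(self, request):
    """Report whether a buyer has purchased one of the requesting publisher's articles.

    Query parameters:
        id: external id of the article (required).
        username: the buyer's username (optional when ``token`` is given).
        token: a service ticket identifying the buyer (optional when
            ``username`` is given).

    Returns:
        ``Response({"result": <bool>})`` on success, otherwise whatever
        ``bad_request`` / ``bad_credentials`` return for the failure.
    """
    try:
        external_id = self.request.query_params['id']
    except KeyError:
        # Only a missing key means "parameter absent"; a bare ``except`` would
        # also hide unrelated failures behind this message.
        return bad_request('Required parameter missing: id')

    username = self.request.query_params.get('username', None)
    token = self.request.query_params.get('token', None)

    if not username and not token:
        return bad_request('Must include either username or token')

    if token:
        # NOTE(review): the token arrives in the query string, so it can end
        # up in access logs; confirm tickets are short-lived or single-use.
        try:
            # The first argument to validate_service_ticket is built from the
            # authenticated user's username plus '.com'; it is not taken from
            # the query string.
            st, attributes, pgt = validate_service_ticket(
                request.user.get_username() + '.com', token)
            token_username = st.user.get_username()
        except ValidationError:
            return bad_credentials("Token is invalid or expired")

        # Kept inside the ``if token`` branch so token_username is always
        # bound when it is compared.
        if username and username != token_username:
            return bad_request("Username must match token username")
        username = token_username

    # When no token is supplied the username is used exactly as given in the
    # query string; the lookup is still limited to articles published by
    # request.user.
    authorized = Purchase.objects.filter(
        buyer__username=username,
        article__publisher=request.user,
        article__external_id=external_id,
    ).exists()
    return Response({"result": authorized})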
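def get_context_data(self, **kwargs):
    """Build the template context for a proxy or service ticket validation.

    Reads ``service``, ``ticket``, ``pgtUrl`` and ``renew`` from the query
    string. A missing ticket, or one starting with
    ``ProxyTicket.TICKET_PREFIX``, is handled by ``validate_proxy_ticket``;
    any other ticket goes to ``validate_service_ticket``.

    Returns:
        A dict with ``ticket``, ``pgt``, ``attributes``, ``proxies`` and
        ``error`` (``None``) on success. When validation raises
        ``ValidationError`` the dict holds only ``ticket`` (``None``) and
        ``error`` (the exception).
    """
    service = self.request.GET.get('service')
    ticket = self.request.GET.get('ticket')
    # NOTE(review): pgturl is supplied by the caller; presumably the
    # validators vet it before any callback is made -- confirm.
    pgturl = self.request.GET.get('pgtUrl')
    renew = to_bool(self.request.GET.get('renew'))

    try:
        if not ticket or ticket.startswith(ProxyTicket.TICKET_PREFIX):
            # If no ticket parameter is present, attempt to validate it
            # anyway so the appropriate error is raised.
            # ``renew`` is not passed on this branch.
            pt, attributes, pgt, proxies = validate_proxy_ticket(
                service, ticket, pgturl=pgturl)
            return {
                'ticket': pt,
                'pgt': pgt,
                'attributes': attributes,
                'proxies': proxies,
                'error': None,
            }

        st, attributes, pgt = validate_service_ticket(
            service, ticket, pgturl=pgturl, renew=renew)
        return {
            'ticket': st,
            'pgt': pgt,
            'attributes': attributes,
            'proxies': None,
            'error': None,
        }
    except ValidationError as e:
        # Pass the values as logging arguments so formatting is deferred to
        # the logging framework instead of being done eagerly with ``%``.
        logger.warning("%s %s", e.code, e)
        return {'ticket': None, 'error': e}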
def get_context_data(self, **kwargs):
    """Build the template context for a service ticket validation request.

    Reads ``service``, ``ticket``, ``pgtUrl`` and ``renew`` from the query
    string and passes them to ``validate_service_ticket``, which here returns
    a ``(ticket, pgt, error)`` triple.

    Returns:
        A dict with ``ticket``, ``pgt``, ``error`` and ``attributes``;
        ``attributes`` is ``None`` when no ticket was returned.
    """
    query = self.request.GET
    service = query.get('service')
    ticket = query.get('ticket')
    # NOTE(review): pgturl is supplied by the caller; presumably
    # validate_service_ticket vets it before any callback -- confirm.
    pgturl = query.get('pgtUrl')
    renew = to_bool(query.get('renew'))

    st, pgt, error = validate_service_ticket(service, ticket, pgturl, renew)

    # Attributes are only looked up for a ticket that validation returned.
    if st:
        attributes = get_attributes(st.user, st.service)
    else:
        attributes = None

    return {
        'ticket': st,
        'pgt': pgt,
        'error': error,
        'attributes': attributes,
    }
def get(self, request, *args, **kwargs):
    """Answer a ticket validation request with a plain-text yes/no body.

    Reads ``service``, ``ticket`` and ``renew`` from the query string. The
    body is ``"yes\\n<username>\\n"`` when ``validate_service_ticket`` returns
    a ticket and ``"no\\n\\n"`` otherwise.
    """
    params = request.GET
    # No pgtUrl is accepted here: the third argument is always None.
    st, pgt, error = validate_service_ticket(
        params.get('service'),
        params.get('ticket'),
        None,
        to_bool(params.get('renew')),
    )

    # The username is only disclosed when a ticket came back from validation.
    body = ("yes\n%s\n" % st.user.get_username()) if st else "no\n\n"
    return HttpResponse(content=body, content_type='text/plain')
def get(self, request, *args, **kwargs):
    """Answer a ticket validation request with a plain-text yes/no body.

    Reads ``service``, ``ticket`` and ``renew`` from the query string. The
    body is ``"yes\\n<username>\\n"`` when ``validate_service_ticket``
    succeeds and ``"no\\n\\n"`` when it raises ``ValidationError``.
    """
    query = request.GET
    service = query.get('service')
    ticket = query.get('ticket')
    renew = to_bool(query.get('renew'))

    try:
        st, _attributes, _pgt = validate_service_ticket(
            service, ticket, renew=renew)
        username = st.user.get_username()
    except ValidationError:
        # The failure reason is not echoed to the client, only "no".
        return HttpResponse(content="no\n\n", content_type='text/plain')

    return HttpResponse(content="yes\n%s\n" % username,
                        content_type='text/plain')
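def get(self, request):
    """Check a token and report the username it belongs to.

    Query parameters:
        token: the service ticket to validate (required).

    Returns:
        ``Response({'valid': True, 'username': <str>})`` when validation
        succeeds, ``Response({'valid': False})`` when it raises
        ``ValidationError``, or the result of ``bad_request`` when the
        parameter is missing.
    """
    try:
        token = self.request.query_params['token']
    except KeyError:
        # Only a missing key means "parameter absent"; a bare ``except`` would
        # also hide unrelated failures behind this message.
        return bad_request('Required parameter missing: token')

    # NOTE(review): the token arrives in the query string, so it can end up
    # in access logs; confirm tickets are short-lived or single-use.
    try:
        # The first argument to validate_service_ticket is built from the
        # authenticated user's username plus '.com'; it is not taken from the
        # query string.
        st, attributes, pgt = validate_service_ticket(
            request.user.get_username() + '.com', token)
        result = {'valid': True, 'username': st.user.get_username()}
    except ValidationError:
        # The failure reason is not returned to the caller.
        result = {'valid': False}

    return Response(result)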
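def get_context_data(self, **kwargs):
    """Build the template context for a service ticket validation request.

    Reads ``service``, ``ticket``, ``pgtUrl`` and ``renew`` from the query
    string and passes them to ``validate_service_ticket``.

    Returns:
        A dict with ``ticket``, ``pgt``, ``attributes`` and ``error``
        (``None``) on success. When validation raises ``ValidationError`` the
        dict holds only ``ticket`` (``None``) and ``error`` (the exception).
    """
    service = self.request.GET.get('service')
    ticket = self.request.GET.get('ticket')
    # NOTE(review): pgturl is supplied by the caller; presumably
    # validate_service_ticket vets it before any callback -- confirm.
    pgturl = self.request.GET.get('pgtUrl')
    renew = to_bool(self.request.GET.get('renew'))

    try:
        st, attributes, pgt = validate_service_ticket(
            service, ticket, pgturl=pgturl, renew=renew)
    except ValidationError as e:
        # Pass the values as logging arguments so formatting is deferred to
        # the logging framework instead of being done eagerly with ``%``.
        logger.warning("%s %s", e.code, e)
        return {'ticket': None, 'error': e}

    return {
        'ticket': st,
        'pgt': pgt,
        'attributes': attributes,
        'error': None,
    }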
def get_context_data(self, **kwargs):
    """Build the template context for a SAML 1.0 ticket validation request.

    The service identifier comes from the ``TARGET`` query parameter and the
    ticket from the ``AssertionArtifact`` element of the request body.
    ``validate_service_ticket`` here returns a ``(ticket, pgt, error)`` triple.

    Returns:
        A dict with ``ticket``, ``pgt``, ``error`` and ``attributes``;
        ``attributes`` is ``None`` when no ticket was returned.
    """
    target = self.request.GET.get('TARGET')

    # NOTE(review): assert statements are removed under ``python -O``; an
    # explicit check-and-raise would keep this guard in optimized runs.
    assert defused_etree, '/samlValidate endpoint requires defusedxml to be installed'

    try:
        # forbid_dtd=True makes defusedxml reject any document that carries a
        # DTD. Its rejection errors derive from ValueError, which is why
        # ValueError is caught below alongside ParseError.
        document = defused_etree.parse(self.request, forbid_dtd=True)
        artifact = document.getroot().find(
            './/{urn:oasis:names:tc:SAML:1.0:protocol}AssertionArtifact')
        ticket = artifact.text
    except (defused_etree.ParseError, ValueError, AttributeError):
        # An unparseable body, or one without an AssertionArtifact element
        # (find() returns None, so .text raises AttributeError), is treated as
        # a request with no ticket.
        ticket = None

    st, pgt, error = validate_service_ticket(
        target, ticket, None, require_https=True)

    # Attributes are only looked up for a ticket that validation returned.
    if st:
        attributes = get_attributes(st.user, st.service)
    else:
        attributes = None

    return {
        'ticket': st,
        'pgt': pgt,
        'error': error,
        'attributes': attributes,
    }
def get_context_data(self, **kwargs):
    """Build the template context for a service ticket validation request.

    Reads ``service``, ``ticket``, ``pgtUrl`` and ``renew`` from the query
    string and passes them to ``validate_service_ticket``, which here returns
    a ``(ticket, pgt, error)`` triple.

    Returns:
        A dict with ``ticket``, ``pgt``, ``error`` and ``attributes``;
        ``attributes`` is ``None`` when no ticket was returned.
    """
    params = self.request.GET
    service, ticket = params.get('service'), params.get('ticket')
    # NOTE(review): pgturl is supplied by the caller; presumably
    # validate_service_ticket vets it before any callback -- confirm.
    pgturl = params.get('pgtUrl')
    renew = to_bool(params.get('renew'))

    st, pgt, error = validate_service_ticket(service, ticket, pgturl, renew)

    context = {'ticket': st, 'pgt': pgt, 'error': error}
    # Attributes are only looked up for a ticket that validation returned.
    context['attributes'] = get_attributes(st.user, st.service) if st else None
    return context
def get_context_data(self, **kwargs):
    """Build the template context for a proxy or service ticket validation.

    Reads ``service``, ``ticket``, ``pgtUrl`` and ``renew`` from the query
    string. A missing ticket, or one starting with
    ``ProxyTicket.TICKET_PREFIX``, is handled by ``validate_proxy_ticket``;
    any other ticket goes to ``validate_service_ticket``.

    Returns:
        A dict with ``ticket``, ``pgt``, ``proxies``, ``error`` and
        ``attributes``. ``proxies`` is ``None`` on the service-ticket branch
        and ``attributes`` is ``None`` when no ticket was returned.
    """
    query = self.request.GET
    service = query.get('service')
    ticket = query.get('ticket')
    # NOTE(review): pgturl is supplied by the caller; presumably the
    # validators vet it before any callback is made -- confirm.
    pgturl = query.get('pgtUrl')
    renew = to_bool(query.get('renew'))

    if ticket and not ticket.startswith(ProxyTicket.TICKET_PREFIX):
        t, pgt, error = validate_service_ticket(service, ticket, pgturl, renew)
        proxies = None
    else:
        # If no ticket parameter is present, attempt to validate it
        # anyway so the appropriate error is raised.
        # ``renew`` is not passed on this branch.
        t, pgt, proxies, error = validate_proxy_ticket(service, ticket, pgturl)

    # Attributes are only looked up for a ticket that validation returned.
    if t:
        attributes = get_attributes(t.user, t.service)
    else:
        attributes = None

    return {
        'ticket': t,
        'pgt': pgt,
        'proxies': proxies,
        'error': error,
        'attributes': attributes,
    }
def get_context_data(self, **kwargs):
    """Build the template context for a proxy or service ticket validation.

    Reads ``service``, ``ticket``, ``pgtUrl`` and ``renew`` from the query
    string. A missing ticket, or one starting with
    ``ProxyTicket.TICKET_PREFIX``, is handled by ``validate_proxy_ticket``;
    any other ticket goes to ``validate_service_ticket``.

    Returns:
        A dict with ``ticket``, ``pgt``, ``proxies``, ``error`` and
        ``attributes``. ``proxies`` is ``None`` on the service-ticket branch
        and ``attributes`` is ``None`` when no ticket was returned.
    """
    params = self.request.GET
    service, ticket = params.get('service'), params.get('ticket')
    pgturl = params.get('pgtUrl')
    renew = to_bool(params.get('renew'))

    use_proxy_validation = (
        not ticket or ticket.startswith(ProxyTicket.TICKET_PREFIX))
    if use_proxy_validation:
        # If no ticket parameter is present, attempt to validate it
        # anyway so the appropriate error is raised.
        # ``renew`` is not passed on this branch.
        t, pgt, proxies, error = validate_proxy_ticket(service, ticket, pgturl)
    else:
        proxies = None
        t, pgt, error = validate_service_ticket(service, ticket, pgturl, renew)

    context = {'ticket': t, 'pgt': pgt, 'proxies': proxies, 'error': error}
    # Attributes are only looked up for a ticket that validation returned.
    context['attributes'] = get_attributes(t.user, t.service) if t else None
    return context
def get_context_data(self, **kwargs):
    """Build the template context for a SAML 1.0 ticket validation request.

    The service identifier comes from the ``TARGET`` query parameter and the
    ticket from the ``AssertionArtifact`` element of the request body.
    ``validate_service_ticket`` here returns a ``(ticket, pgt, error)`` triple.

    Returns:
        A dict with ``ticket``, ``pgt``, ``error`` and ``attributes``;
        ``attributes`` is ``None`` when no ticket was returned.
    """
    target = self.request.GET.get('TARGET')

    # NOTE(review): assert statements are removed under ``python -O``; an
    # explicit check-and-raise would keep this guard in optimized runs.
    assert defused_etree, '/samlValidate endpoint requires defusedxml to be installed'

    artifact_path = './/{urn:oasis:names:tc:SAML:1.0:protocol}AssertionArtifact'
    try:
        # forbid_dtd=True makes defusedxml reject any document that carries a
        # DTD. Its rejection errors derive from ValueError, which is why
        # ValueError is caught below alongside ParseError.
        tree_root = defused_etree.parse(
            self.request, forbid_dtd=True).getroot()
        ticket = tree_root.find(artifact_path).text
    except (defused_etree.ParseError, ValueError, AttributeError):
        # An unparseable body, or one without an AssertionArtifact element
        # (find() returns None, so .text raises AttributeError), is treated as
        # a request with no ticket.
        ticket = None

    st, pgt, error = validate_service_ticket(
        target, ticket, None, require_https=True)

    context = {'ticket': st, 'pgt': pgt, 'error': error}
    # Attributes are only looked up for a ticket that validation returned.
    context['attributes'] = get_attributes(st.user, st.service) if st else None
    return context