Esempio n. 1
0
    def _client_credentials(self, _request):
        _api_key = _request.get("client_id")
        _api_secret = _request.get("client_secret")
        _redis = self.application.redis
        _key = ApiInfo.__tablename__ + ".api_key." + _api_key
        _api = _redis.get(_key)
        if _api == None:
            logging.error("no api_key:%s" % _api_key)
            self.send_error(400)
            return

        _api = json.loads(_api)
        _api_uuid = _api[0]
        _api_level = _api[1]

        if _api_level != API_LEVEL.PPCOM and _api_level != API_LEVEL.PPCONSOLE and _api_level != API_LEVEL.THIRD_PARTY_CONSOLE:
            self.send_error(400)
            return
        
        if _api_level == API_LEVEL.PPCONSOLE:
            _api_level = API_LEVEL.PPCONSOLE_BEFORE_LOGIN

        if _api_secret != _api[3]:
            logging.error("client_secret not match client_id:%s, client_secret:%s, api_scecret:%s" % (_api_key, _api_secret, _api[3]))
            self.send_error(400)
            return

        _api_code = str(uuid.uuid1())
        _api_code = hashlib.sha1(_api_code).hexdigest()
        _api_code = base64.b64encode(_api_code)

        _api_token = str(uuid.uuid1())
        _api_token = hashlib.sha1(_api_token).hexdigest()
        _api_token = base64.b64encode(_api_token)
        
        _row = ApiTokenData(uuid=str(uuid.uuid1()),
                            api_code=_api_code,
                            api_token=_api_token,
                            api_uuid=_api_uuid,
                            api_level=_api_level)
        _row.async_add(_redis)
        _row.create_redis_keys(_redis)

        self.set_header("Content-Type", "application/json")
        self._header()
        _return = {
            "access_token": _api_token,
            "token_type": "Bearer",
        }
        self.write(json.dumps(_return))
        return
Esempio n. 2
0
    def post(self, *args, **kwargs):
        _redis = self.application.redis
        logging.info(self.request.body);
        _user_email = self.get_body_argument("user_email")
        _user_password = self.get_body_argument("user_password")
        _token_data_uuid = self.get_body_argument("token_data_uuid")
        _redirect_uri = self.get_body_argument("redirect_uri")
        _state = self.get_body_argument("state")
        _key = DeviceUser.__tablename__ + ".user_email." + _user_email

        if not _redis.exists(_key):
            logging.info("no such user %s" %_user_email)
            self.send_error(500)
            # self.setErrorCode(API_ERR.NO_USER)
            return
        
        _user_uuid = _redis.get(_key)
        _user = redis_hash_to_dict(_redis, DeviceUser, _user_uuid)

        if _user == None:
            logging.info("no such user %s" %_user_email)
            self.send_error(500)
            # self.setErrorCode(API_ERR.NO_USER)
            return
                
        _pass = hashlib.sha1(_user_password).hexdigest()
        if _pass != _user.get("user_password"):
            logging.info("password not match %s" %_user_email)
            self.send_error(500);
            # self.setErrorCode(API_ERR.MIS_ERR)
            return

        _row = ApiTokenData(**{ "uuid": _token_data_uuid, "is_code_authorized": True })
        _row.async_update(_redis)
        _row.update_redis_keys(_redis)
        
        _token_data = redis_hash_to_dict(_redis, ApiTokenData, _token_data_uuid)
        _code = _token_data.get("api_code")
        _redirect_target = _redirect_uri + "?code=" + _code + "&state=" + _state
        logging.info(_redirect_target)
        self.redirect(_redirect_target, permanent=True, status=301)
        return
Esempio n. 3
0
    def _client_credentials(self, _request):
        _api_key = _request.get("client_id")
        _api_secret = _request.get("client_secret")
        _redis = self.application.redis
        _key = ApiInfo.__tablename__ + ".api_key." + _api_key
        _api = _redis.get(_key)
        if _api == None:
            logging.error("no api_key:%s" % _api_key)
            self.send_error(400)
            return

        _api = json.loads(_api)
        _app_uuid = _api[0]
        _api_uuid = _api[1]
        _api_level = _api[2]
        # _api[3] is api_secret

        if _api_level != API_LEVEL.PPCOM and _api_level != API_LEVEL.PPCONSOLE and _api_level != API_LEVEL.THIRD_PARTY_CONSOLE:
            self.send_error(400)
            return

        if _api_level == API_LEVEL.PPCONSOLE:
            _api_level = API_LEVEL.PPCONSOLE_BEFORE_LOGIN

        if _api_secret != _api[3]:
            logging.error(
                "client_secret not match client_id:%s, client_secret:%s, api_scecret:%s"
                % (_api_key, _api_secret, _api[3]))
            self.send_error(400)
            return

        _api_code = str(uuid.uuid1())
        _api_code = hashlib.sha1(_api_code).hexdigest()
        _api_code = base64.b64encode(_api_code)

        _api_token = str(uuid.uuid1())
        _api_token = hashlib.sha1(_api_token).hexdigest()
        _api_token = base64.b64encode(_api_token)

        _row = ApiTokenData(uuid=str(uuid.uuid1()),
                            api_code=_api_code,
                            api_token=_api_token,
                            app_uuid=_app_uuid,
                            api_uuid=_api_uuid,
                            api_level=_api_level)
        _row.async_add(_redis)
        _row.create_redis_keys(_redis)

        self.set_header("Content-Type", "application/json")
        self._header()
        _return = {
            "access_token": _api_token,
            "token_type": "Bearer",
        }
        self.write(json.dumps(_return))
        return
Esempio n. 4
0
 def _delete_auth_token(self):
     _key = ApiTokenData.__tablename__ + \
            ".api_token." + self.api_token
     _uuid = self.application.redis.get(_key)
     if not _uuid:
         return
     _row = ApiTokenData(uuid=_uuid)
     _row.delete_redis_keys(self.application.redis)
     _row.async_delete(self.application.redis)
     return
Esempio n. 5
0
    def post(self, *args, **kwargs):
        _redis = self.application.redis
        logging.info(self.request.body)
        _user_email = self.get_body_argument("user_email")
        _user_password = self.get_body_argument("user_password")
        _token_data_uuid = self.get_body_argument("token_data_uuid")
        _redirect_uri = self.get_body_argument("redirect_uri")
        _state = self.get_body_argument("state")
        _key = DeviceUser.__tablename__ + ".user_email." + _user_email

        if not _redis.exists(_key):
            logging.info("no such user %s" % _user_email)
            self.send_error(500)
            # self.setErrorCode(API_ERR.NO_USER)
            return

        _user_uuid = _redis.get(_key)
        _user = redis_hash_to_dict(_redis, DeviceUser, _user_uuid)

        if _user == None:
            logging.info("no such user %s" % _user_email)
            self.send_error(500)
            # self.setErrorCode(API_ERR.NO_USER)
            return

        _pass = hashlib.sha1(_user_password).hexdigest()
        if _pass != _user.get("user_password"):
            logging.info("password not match %s" % _user_email)
            self.send_error(500)
            # self.setErrorCode(API_ERR.MIS_ERR)
            return

        _row = ApiTokenData(**{
            "uuid": _token_data_uuid,
            "is_code_authorized": True
        })
        _row.async_update()
        _row.update_redis_keys(_redis)

        _token_data = redis_hash_to_dict(_redis, ApiTokenData,
                                         _token_data_uuid)
        _code = _token_data.get("api_code")
        _redirect_target = _redirect_uri + "?code=" + _code + "&state=" + _state
        logging.info(_redirect_target)
        self.redirect(_redirect_target, permanent=True, status=301)
        return
Esempio n. 6
0
    def get(self, *args, **kwargs):
        _fields = ["client_id", "redirect_uri", "state", "scope", "response_type"]
        _request_dict = {}
        for _field in _fields:
            _request_dict[_field] = self.get_query_argument(_field, default=None)

        if _request_dict.get("response_type") != "code":
            logging.error("response_type not code")
            self.send_error(501)
            return

        if _request_dict.get("client_id") == None:
            logging.error("no client_id")
            self.send_error(400)
            return

        _redis = self.application.redis
        _key = ApiInfo.__tablename__ + ".api_key." + _request_dict.get("client_id")
        _api = _redis.get(_key)
        if _api == None:
            logging.error("no api_key:%s" % _request_dict.get("client_id"))
            self.send_error(404)
            return

        _api = json.loads(_api)
        _app_uuid = _api[0]
        _api_uuid = _api[1]
        _api_level = _api[2]

        _api_code = str(uuid.uuid1())
        _api_code = hashlib.sha1(_api_code).hexdigest()
        _api_code = base64.b64encode(_api_code)

        _api_token = str(uuid.uuid1())
        _api_token = hashlib.sha1(_api_token).hexdigest()
        _api_token = base64.b64encode(_api_token)
        
        _row = ApiTokenData(uuid=str(uuid.uuid1()), api_code=_api_code, api_token=_api_token,
                            app_uuid=_app_uuid, api_uuid=_api_uuid, api_level=_api_level)
        _row.async_add(_redis)
        _row.create_redis_keys(_redis)

        if _request_dict.get("redirect_uri") != None:
            loader = Loader(os.path.abspath(os.path.dirname(__file__)) + "/static/templates")
            login_form = loader.load("login_form.html").generate(**{
                "state": _request_dict.get("state"),
                "redirect_uri": _request_dict.get("redirect_uri"),
                "token_data_uuid": _row.uuid
            })
            self.write(login_form)
            return

        if _request_dict.get("redirect_uri") == None:
            self.set_header("Content-Type", "application/json")
            self._header()
            _return = {
                "state": _request_dict.get("state"),
                "code": _row.api_code,
            }
            self.write(json.dumps(_return))
            return
        
        return
Esempio n. 7
0
    def _password(self, _request):
        _api_key = _request.get("client_id")
        _user_email = _request.get("user_email")
        _user_password = _request.get("user_password")

        _redis = self.application.redis
        _key = ApiInfo.__tablename__ + ".api_key." + _api_key
        _api = _redis.get(_key)
        if _api == None:
            logging.error("no api_key:%s" % _api_key)
            self._write_error()
            return

        _api = json.loads(_api)
        _app_uuid = _api[0]
        _api_uuid = _api[1]
        _api_level = _api[2]
        # _api[3] is api_secret

        if _api_level != API_LEVEL.PPKEFU and _api_level != API_LEVEL.PPCONSOLE:
            logging.error("only PPKEFU / PPCONSOLE use password mode")
            self._write_error()
            return

        _key = DeviceUser.__tablename__ + ".user_email." + _user_email
        _user_uuid = _redis.get(_key)
        if _user_uuid == None:
            logging.error("no such user %s" % _user_email)
            self._write_error()
            return

        _key = DeviceUser.__tablename__ + ".uuid." + _user_uuid
        _password = _redis.hget(_key, "user_password")
        if _user_password != _password:
            logging.error("password not match in:%s, real:%s" % (_user_password, _password))
            self._write_error()
            return

        _api_code = str(uuid.uuid1())
        _api_code = hashlib.sha1(_api_code).hexdigest()
        _api_code = base64.b64encode(_api_code)

        _api_token = str(uuid.uuid1())
        _api_token = hashlib.sha1(_api_token).hexdigest()
        _api_token = base64.b64encode(_api_token)
        
        _row = ApiTokenData(uuid=str(uuid.uuid1()), api_code=_api_code, api_token=_api_token,
                            app_uuid=_app_uuid, api_uuid=_api_uuid, api_level=_api_level)
        _row.async_add(_redis)
        _row.create_redis_keys(_redis)

        self.set_header("Content-Type", "application/json")
        self._header()
        _return = {
            "error_code": 0,
            "access_token": _api_token,
            "user_uuid": _user_uuid,
            "token_type": "Bearer",
        }
        self.write(json.dumps(_return))
        return
Esempio n. 8
0
    def get(self, *args, **kwargs):
        _fields = [
            "client_id", "redirect_uri", "state", "scope", "response_type"
        ]
        _request_dict = {}
        for _field in _fields:
            _request_dict[_field] = self.get_query_argument(_field,
                                                            default=None)

        if _request_dict.get("response_type") != "code":
            logging.error("response_type not code")
            self.send_error(501)
            return

        if _request_dict.get("client_id") == None:
            logging.error("no client_id")
            self.send_error(400)
            return

        _redis = self.application.redis
        _key = ApiInfo.__tablename__ + ".api_key." + _request_dict.get(
            "client_id")
        _api = _redis.get(_key)
        if _api == None:
            logging.error("no api_key:%s" % _request_dict.get("client_id"))
            self.send_error(404)
            return

        _api = json.loads(_api)
        _app_uuid = _api[0]
        _api_uuid = _api[1]
        _api_level = _api[2]

        _api_code = str(uuid.uuid1())
        _api_code = hashlib.sha1(_api_code).hexdigest()
        _api_code = base64.b64encode(_api_code)

        _api_token = str(uuid.uuid1())
        _api_token = hashlib.sha1(_api_token).hexdigest()
        _api_token = base64.b64encode(_api_token)

        _row = ApiTokenData(uuid=str(uuid.uuid1()),
                            api_code=_api_code,
                            api_token=_api_token,
                            app_uuid=_app_uuid,
                            api_uuid=_api_uuid,
                            api_level=_api_level)
        _row.async_add()
        _row.create_redis_keys(_redis)

        if _request_dict.get("redirect_uri") != None:
            loader = Loader(
                os.path.abspath(os.path.dirname(__file__)) +
                "/static/templates")
            login_form = loader.load("login_form.html").generate(
                **{
                    "state": _request_dict.get("state"),
                    "redirect_uri": _request_dict.get("redirect_uri"),
                    "token_data_uuid": _row.uuid
                })
            self.write(login_form)
            return

        if _request_dict.get("redirect_uri") == None:
            self.set_header("Content-Type", "application/json")
            self._header()
            _return = {
                "state": _request_dict.get("state"),
                "code": _row.api_code,
            }
            self.write(json.dumps(_return))
            return

        return
Esempio n. 9
0
    def _password(self, _request):
        _api_key = _request.get("client_id")
        _user_email = _request.get("user_email")
        _user_password = _request.get("user_password")

        _redis = self.application.redis
        _key = ApiInfo.__tablename__ + ".api_key." + _api_key
        _api = _redis.get(_key)
        if _api == None:
            logging.error("no api_key:%s" % _api_key)
            self._write_error()
            return

        _api = json.loads(_api)
        _app_uuid = _api[0]
        _api_uuid = _api[1]
        _api_level = _api[2]
        # _api[3] is api_secret

        if _api_level != API_LEVEL.PPKEFU and _api_level != API_LEVEL.PPCONSOLE:
            logging.error("only PPKEFU / PPCONSOLE use password mode")
            self._write_error()
            return

        _key = DeviceUser.__tablename__ + ".user_email." + _user_email
        _user_uuid = _redis.get(_key)
        if _user_uuid == None:
            logging.error("no such user %s" % _user_email)
            self._write_error()
            return

        _key = DeviceUser.__tablename__ + ".uuid." + _user_uuid
        _password = _redis.hget(_key, "user_password")
        if _user_password != _password:
            logging.error("password not match in:%s, real:%s" %
                          (_user_password, _password))
            self._write_error()
            return

        _api_code = str(uuid.uuid1())
        _api_code = hashlib.sha1(_api_code).hexdigest()
        _api_code = base64.b64encode(_api_code)

        _api_token = str(uuid.uuid1())
        _api_token = hashlib.sha1(_api_token).hexdigest()
        _api_token = base64.b64encode(_api_token)

        _row = ApiTokenData(uuid=str(uuid.uuid1()),
                            api_code=_api_code,
                            api_token=_api_token,
                            app_uuid=_app_uuid,
                            api_uuid=_api_uuid,
                            api_level=_api_level)
        _row.async_add(_redis)
        _row.create_redis_keys(_redis)

        self.set_header("Content-Type", "application/json")
        self._header()
        _return = {
            "error_code": 0,
            "access_token": _api_token,
            "user_uuid": _user_uuid,
            "token_type": "Bearer",
        }
        self.write(json.dumps(_return))
        return