def introspection_endpoint_(self, request="", requestor="", **kwargs):
"""
The endpoint URI at which the resource server introspects an RPT
presented to it by a client.
"""
logger.debug("requestor: %s, request: %s" % (requestor, request))
ir = IntrospectionRequest().from_json(request)
try:
_info = self.session.get(ir["token"])
irep = IntrospectionResponse(
valid=True,
expires_at=_info["expires_at"],
)
try:
#requestor = self.rpt[ir["token"]]["requestor"]
perms = self.permit.get_accepted(requestor, ir["token"])
except KeyError:
pass
else:
if perms:
irep["permissions"] = perms
else:
logger.info("No permissions bound to this RPT")
logger.debug("response: %s" % irep.to_json())
response = Response(irep.to_json(), content="application/json")
except ToOld:
logger.info("RPT expired")
irep = IntrospectionResponse(valid=False)
response = Response(irep.to_json(), content="application/json")
except KeyError:
response = BadRequest()
return response
def introspection_endpoint_(self, user, **kwargs):
"""
The endpoint URI at which the resource server introspects an RPT
presented to it by a client.
"""
request = kwargs["request"]
logger.debug("requestor: %s, request: %s" % (user, request))
ir = IntrospectionRequest().from_json(request)
adb = self.get_adb(kwargs["client_id"])
try:
try:
# requestor = self.rpt[ir["token"]]["requestor"]
perms = adb.permit.get_accepted_by_rpt(user, ir["token"])
except KeyError:
response = BadRequest()
else:
if perms:
irep = IntrospectionResponse(active=True,
exp=perms[0]["exp"],
permissions=perms)
logger.debug("response: %s" % irep.to_json())
response = Response(irep.to_json(),
content="application/json")
else:
logger.info("No permissions bound to this RPT")
response = BadRequest()
except ToOld:
logger.info("RPT expired")
irep = IntrospectionResponse(valid=False)
response = Response(irep.to_json(), content="application/json")
except KeyError:
response = BadRequest()
return response
def introspection_endpoint_(self, entity, **kwargs):
"""
The endpoint URI at which the resource server introspects an RPT
presented to it by a client.
"""
request = kwargs["request"]
logger.debug("requestor: %s, request: %s" % (entity, request))
ir = IntrospectionRequest().from_json(request)
owner = safe_name(entity, kwargs["client_id"])
try:
try:
# requestor = self.rpt[ir["token"]]["requestor"]
perms = self.permit.get_accepted(owner, ir["token"])
except KeyError:
response = BadRequest()
else:
if perms:
irep = IntrospectionResponse(active=True, exp=perms[0]["exp"], permissions=perms)
logger.debug("response: %s" % irep.to_json())
response = Response(irep.to_json(), content="application/json")
else:
logger.info("No permissions bound to this RPT")
response = BadRequest()
except ToOld:
logger.info("RPT expired")
irep = IntrospectionResponse(valid=False)
response = Response(irep.to_json(), content="application/json")
except KeyError:
response = BadRequest()
return response
def test_introspection_response():
msg = """{
"valid": true,
"expires_at": 1256953732,
"issued_at": 1256912345,
"permissions": [
{
"resource_set_id": "112210f47de98100",
"scopes": [
"http://photoz.example.com/dev/actions/view",
"http://photoz.example.com/dev/actions/all"
],
"expires_at" : 1256923456
}
]
}"""
ir = IntrospectionResponse().from_json(msg)
print(ir)
assert ir["valid"] is True
assert ir["expires_at"] == 1256953732
perm = ir["permissions"]
assert len(perm) == 1
assert perm[0]["resource_set_id"] == "112210f47de98100"
resp = ir.to_json()
print(resp)
assert resp
ir2 = IntrospectionResponse(**ir.to_dict())
assert ir2["valid"] is True
assert ir2["expires_at"] == 1256953732
perm = ir2["permissions"]
assert len(perm) == 1
assert perm[0]["resource_set_id"] == "112210f47de98100"
def test_introspection_response():
msg = """{
"valid": true,
"expires_at": 1256953732,
"issued_at": 1256912345,
"permissions": [
{
"resource_set_id": "112210f47de98100",
"scopes": [
"http://photoz.example.com/dev/actions/view",
"http://photoz.example.com/dev/actions/all"
],
"expires_at" : 1256923456
}
]
}"""
ir = IntrospectionResponse().from_json(msg)
print(ir)
assert ir["valid"] is True
assert ir["expires_at"] == 1256953732
perm = ir["permissions"]
assert len(perm) == 1
assert perm[0]["resource_set_id"] == "112210f47de98100"
resp = ir.to_json()
print(resp)
assert resp
ir2 = IntrospectionResponse(**ir.to_dict())
assert ir2["valid"] is True
assert ir2["expires_at"] == 1256953732
perm = ir2["permissions"]
assert len(perm) == 1
assert perm[0]["resource_set_id"] == "112210f47de98100"
