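def _inner(request, *args, **kwargs):
    """Run ``fn`` behind the login decorator matching the request's auth type.

    The auth type is taken from ``determine_authtype_from_request`` and looked
    up in a fixed map of login decorators, each built with
    ``allow_cc_users=True``. A type that has no entry in the map is answered
    with ``HttpResponseForbidden`` and ``fn`` is never called.

    ``fn`` and ``default`` are free names here; presumably an enclosing
    decorator factory binds them (not visible in this excerpt).
    """
    decorators_by_type = {
        'basic': login_or_basic_ex(allow_cc_users=True),
        'digest': login_or_digest_ex(allow_cc_users=True),
    }
    authtype = determine_authtype_from_request(request, default=default)
    # .get() instead of [...]: subscripting raised KeyError for an unmapped
    # auth type, so the 403 guard below could never run. Fail closed with an
    # explicit 403 rather than an unhandled exception.
    function_wrapper = decorators_by_type.get(authtype)
    if not function_wrapper:
        return HttpResponseForbidden()
    return function_wrapper(fn)(request, *args, **kwargs)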
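def _inner(request, *args, **kwargs):
    """Run ``fn`` behind the login decorator matching the request's auth type.

    Supported types are ``BASIC``, ``DIGEST`` and ``API_KEY``; every decorator
    is built with ``allow_cc_users=True``. A type returned by
    ``determine_authtype_from_request`` that has no entry in the map is
    answered with ``HttpResponseForbidden`` and ``fn`` is never called.

    ``fn`` and ``default`` are free names here; presumably an enclosing
    decorator factory binds them (not visible in this excerpt).
    """
    decorators_by_type = {
        BASIC: login_or_basic_ex(allow_cc_users=True),
        DIGEST: login_or_digest_ex(allow_cc_users=True),
        API_KEY: login_or_api_key_ex(allow_cc_users=True),
    }
    authtype = determine_authtype_from_request(request, default=default)
    # .get() instead of [...]: subscripting raised KeyError for an unmapped
    # auth type, so the 403 guard below could never run. Fail closed with an
    # explicit 403 rather than an unhandled exception.
    function_wrapper = decorators_by_type.get(authtype)
    if not function_wrapper:
        return HttpResponseForbidden()
    return function_wrapper(fn)(request, *args, **kwargs)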
def _inner(request, *args, **kwargs):
    """Dispatch ``fn`` through the login decorator for the detected auth type.

    Formplayer authentication is refused with ``HttpResponseForbidden`` unless
    ``allow_formplayer`` is truthy. Every decorator in the map is built with
    ``allow_cc_users=True``.

    ``fn``, ``default`` and ``allow_formplayer`` are free names here;
    presumably an enclosing decorator factory binds them (not visible in this
    excerpt).
    """
    detected = determine_authtype_from_request(request, default=default)
    formplayer_refused = detected == FORMPLAYER and not allow_formplayer
    if formplayer_refused:
        return HttpResponseForbidden()

    decorators_by_type = {
        BASIC: login_or_basic_ex(allow_cc_users=True),
        DIGEST: login_or_digest_ex(allow_cc_users=True),
        API_KEY: login_or_api_key_ex(allow_cc_users=True),
        FORMPLAYER: login_or_formplayer_ex(allow_cc_users=True),
    }
    # NOTE(review): the subscript raises KeyError for any auth type outside
    # these four keys; confirm determine_authtype_from_request cannot return
    # one, or decide whether such a request should get an explicit 403.
    login_decorator = decorators_by_type[detected]
    protected_view = login_decorator(fn)
    return protected_view(request, *args, **kwargs)
def _inner(request, *args, **kwargs):
    """Dispatch ``fn`` through the login decorator for the detected auth type.

    Formplayer authentication is refused with ``HttpResponseForbidden`` (and
    logged with the request path) unless ``allow_formplayer`` is truthy.
    Otherwise the detected type is recorded on ``request.auth_type`` and the
    matching decorator from ``get_auth_decorator_map`` wraps ``fn``.

    ``fn``, ``default`` and ``allow_formplayer`` are free names here;
    presumably an enclosing decorator factory binds them (not visible in this
    excerpt).
    """
    detected = determine_authtype_from_request(request, default=default)
    formplayer_refused = detected == FORMPLAYER and not allow_formplayer
    if formplayer_refused:
        auth_logger.info(
            "Request rejected reason=%s request=%s",
            "formplayer_auth:not_enabled_for_request",
            request.path,
        )
        return HttpResponseForbidden()

    # Views read the auth type back from the request. It is set before the
    # credentials are checked, so it names the scheme attempted, not a result.
    request.auth_type = detected
    # NOTE(review): presumably a dict keyed by auth type; if so the subscript
    # raises KeyError for a type without an entry. Confirm that cannot happen.
    login_decorator = get_auth_decorator_map(allow_cc_users=True)[detected]
    protected_view = login_decorator(fn)
    return protected_view(request, *args, **kwargs)
def _inner(request, domain, *args, **kwargs):
    """Call ``f`` and turn some 401 responses into a 406 with an error body.

    The response from ``f`` is returned unchanged unless all of these hold:
    its status is 401, the detected auth type is ``'basic'``, a username can
    be read from the request, and ``ensure_active_user_by_username`` reports
    that username as not valid. In that case a JSON body carrying the error
    code and message is returned with status 406.

    ``f`` is a free name here; presumably the view being wrapped.
    """
    wrapped_response = f(request, domain, *args, **kwargs)
    if wrapped_response.status_code != 401:
        return wrapped_response

    scheme = determine_authtype_from_request(request)
    if not (scheme and scheme == 'basic'):
        return wrapped_response

    username, _ = get_username_and_password_from_request(request)
    if not username:
        return wrapped_response

    # NOTE(review): this lookup is keyed on the username alone and runs only
    # after the wrapped view answered 401, so the 406 body may tell a caller
    # without working credentials something about that account's state.
    # Confirm what ensure_active_user_by_username reports for unknown versus
    # deactivated users and that the endpoint is rate limited.
    valid, message, error_code = ensure_active_user_by_username(username)
    if valid:
        return wrapped_response

    payload = {
        "error": error_code,
        "default_response": message
    }
    return json_response(payload, status_code=406)
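def _inner(request, domain, *args, **kwargs):
    """Call ``f`` and turn some 401 responses into a 406 with an error body.

    The response from ``f`` is returned unchanged unless all of these hold:
    its status is 401, the detected auth type is ``'basic'``, a username can
    be read from the request, and ``ensure_active_user_by_username`` reports
    that username as not valid. In that case a JSON body carrying the error
    code and message is returned with status 406.

    ``f`` is a free name here; presumably the view being wrapped.
    """
    response = f(request, domain, *args, **kwargs)
    if response.status_code != 401:
        return response

    if determine_authtype_from_request(request) != 'basic':
        return response

    # Only the username is needed for the status lookup, so the password is
    # discarded instead of being bound to a named local that is never read.
    username, _ = get_username_and_password_from_request(request)
    if not username:
        return response

    # NOTE(review): this lookup is keyed on the username alone and runs only
    # after the wrapped view answered 401, so the 406 body may tell a caller
    # without working credentials something about that account's state.
    # Confirm what ensure_active_user_by_username reports for unknown versus
    # deactivated users and that the endpoint is rate limited.
    valid, message, error_code = ensure_active_user_by_username(username)
    if valid:
        return response

    return json_response({
        "error": error_code,
        "default_response": message
    }, status_code=406)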
def _inner(request, *args, **kwargs):
    """Dispatch ``fn`` through the login decorator for the detected auth type.

    Formplayer authentication is refused with ``HttpResponseForbidden`` (and
    logged with the request path) unless ``allow_formplayer`` is truthy.
    Otherwise the detected type is recorded on ``request.auth_type`` and the
    matching decorator, built with ``allow_cc_users=True``, wraps ``fn``.

    ``fn``, ``default`` and ``allow_formplayer`` are free names here;
    presumably an enclosing decorator factory binds them (not visible in this
    excerpt).
    """
    detected = determine_authtype_from_request(request, default=default)
    formplayer_refused = detected == FORMPLAYER and not allow_formplayer
    if formplayer_refused:
        auth_logger.info(
            "Request rejected reason=%s request=%s",
            "formplayer_auth:not_enabled_for_request",
            request.path,
        )
        return HttpResponseForbidden()

    # Views read the auth type back from the request. It is set before the
    # credentials are checked, so it names the scheme attempted, not a result.
    request.auth_type = detected
    decorators_by_type = {
        BASIC: login_or_basic_ex(allow_cc_users=True),
        DIGEST: login_or_digest_ex(allow_cc_users=True),
        API_KEY: login_or_api_key_ex(allow_cc_users=True),
        FORMPLAYER: login_or_formplayer_ex(allow_cc_users=True),
    }
    # NOTE(review): the subscript raises KeyError for any auth type outside
    # these four keys; confirm determine_authtype_from_request cannot return
    # one, or decide whether such a request should get an explicit 403.
    login_decorator = decorators_by_type[detected]
    protected_view = login_decorator(fn)
    return protected_view(request, *args, **kwargs)
def secure_post(request, domain, app_id=None):
    """Route a post to the handler for the requested or detected auth type.

    A non-empty ``authtype`` query parameter wins; otherwise the type comes
    from ``determine_authtype_from_request`` with ``BASIC`` as the default.
    A type with no handler yields ``HttpResponseBadRequest`` listing the
    accepted values.
    """
    handlers = {
        DIGEST: _secure_post_digest,
        BASIC: _secure_post_basic,
        NOAUTH: _noauth_post,
    }
    # NOTE(review): the query parameter is caller-controlled and NOAUTH is one
    # of the accepted values, so a caller can select _noauth_post explicitly.
    # Confirm that handler enforces its own restrictions.
    chosen = request.GET.get('authtype') or determine_authtype_from_request(
        request, default=BASIC
    )
    if chosen not in handlers:
        # The message lists the map's keys only; the rejected value is not
        # echoed back.
        accepted = ','.join(handlers)
        return HttpResponseBadRequest('authtype must be one of: {0}'.format(accepted))
    return handlers[chosen](request, domain, app_id=app_id)
def secure_post(request, domain, app_id=None):
    """Route a post to the handler for the requested or detected auth type.

    A non-empty ``authtype`` query parameter wins; otherwise the type comes
    from ``determine_authtype_from_request`` with ``BASIC`` as the default.
    A type with no handler yields ``HttpResponseBadRequest`` listing the
    accepted values.
    """
    handlers = {
        'digest': _secure_post_digest,
        'basic': _secure_post_basic,
        'noauth': _noauth_post,
    }
    # NOTE(review): the query parameter is caller-controlled and 'noauth' is
    # one of the accepted values, so a caller can select _noauth_post
    # explicitly. Confirm that handler enforces its own restrictions.
    chosen = request.GET.get('authtype') or determine_authtype_from_request(
        request, default=BASIC
    )
    if chosen not in handlers:
        # The message lists the map's keys only; the rejected value is not
        # echoed back.
        accepted = ','.join(handlers)
        return HttpResponseBadRequest('authtype must be one of: {0}'.format(accepted))
    return handlers[chosen](request, domain, app_id=app_id)
def secure_post(request, domain, app_id=None):
    """Route a post to the handler for the requested or detected auth type.

    ``'token'`` is accepted only when the ``ANONYMOUS_WEB_APPS_USAGE`` toggle
    is enabled for ``domain``. A non-empty ``authtype`` query parameter wins;
    otherwise the type comes from ``determine_authtype_from_request`` with
    ``BASIC`` as the default. A type with no handler yields
    ``HttpResponseBadRequest`` listing the accepted values.
    """
    handlers = {
        'digest': _secure_post_digest,
        'basic': _secure_post_basic,
        'noauth': _noauth_post,
    }
    token_allowed = toggles.ANONYMOUS_WEB_APPS_USAGE.enabled(domain)
    if token_allowed:
        handlers['token'] = _secure_post_token

    # NOTE(review): the query parameter is caller-controlled and 'noauth' is
    # one of the accepted values, so a caller can select _noauth_post
    # explicitly. Confirm that handler enforces its own restrictions.
    chosen = request.GET.get('authtype') or determine_authtype_from_request(
        request, default=BASIC
    )
    if chosen not in handlers:
        # The message lists the map's keys only; the rejected value is not
        # echoed back.
        accepted = ','.join(handlers)
        return HttpResponseBadRequest('authtype must be one of: {0}'.format(accepted))
    return handlers[chosen](request, domain, app_id=app_id)
def determine_authtype(request):
    """Return the auth type for ``request``, letting the query string override.

    A non-empty ``authtype`` query parameter is returned as given; otherwise
    the result of ``determine_authtype_from_request`` is returned.
    """
    # NOTE(review): the override is caller-controlled and returned without
    # validation here, so callers need to check it against the set of auth
    # types they accept before dispatching on it.
    override = request.GET.get('authtype')
    return override if override else determine_authtype_from_request(request)
def test_basic_is_default(self):
    """A mock request built with no arguments is detected as 'basic'."""
    request = self._mock_request()
    detected = determine_authtype_from_request(request)
    self.assertEqual('basic', detected)
def test_override_default(self):
    """Passing ``default='digest'`` changes the result for a bare mock request."""
    request = self._mock_request()
    detected = determine_authtype_from_request(request, default='digest')
    self.assertEqual('digest', detected)
def test_digest_header_overrides_default(self):
    """An auth header starting with 'Digest' yields 'digest' with no default given."""
    request = self._mock_request(auth_header='Digest whatever')
    detected = determine_authtype_from_request(request)
    self.assertEqual('digest', detected)
def test_basic_header_overrides_default(self):
    """An auth header starting with 'Basic' yields 'basic' despite ``default='digest'``."""
    request = self._mock_request(auth_header='Basic whatever')
    detected = determine_authtype_from_request(request, default='digest')
    self.assertEqual('basic', detected)
def test_user_agent_beats_header(self):
    """An 'Android' user agent yields 'basic' even with a 'Digest' auth header."""
    # TODO: we may want to flip this so that the header wins. For now the
    # test only pins the existing behaviour so it is not changed by accident.
    # Both the User-Agent and the auth header are client-supplied, so the
    # detected type should only select a scheme, never stand in for a check.
    request = self._mock_request(user_agent='Android', auth_header='Digest whatever')
    detected = determine_authtype_from_request(request)
    self.assertEqual('basic', detected)