def _get_user_filter(self, request): jwt_filters = decode_jwt_filters(request.auth) for filter_type, filter_value in jwt_filters: if filter_type == 'user': if filter_value == 'me': filter_value = request.user.username.lower() return filter_value return None
def _get_user_filter(self, request): jwt_filters = decode_jwt_filters(request.auth) for filter_type, filter_value in jwt_filters: if filter_type == 'user': if filter_value == 'me': filter_value = request.user.username.lower() return filter_value return None
def has_permission(self, request, view): """ Ensure that the course_id kwarg provided to the view contains one of the organizations specified in the content provider filters in the JWT used to authenticate. """ course_key = CourseKey.from_string(view.kwargs.get('course_id')) jwt_filters = decode_jwt_filters(request.auth) for filter_type, filter_value in jwt_filters: if filter_type == 'content_org' and filter_value == course_key.org: return True log.warning( u"Permission JwtHasContentOrgFilterForRequestedCourse: no filter found for %s.", course_key.org, ) return False
def has_permission(self, request, view): """ Ensure that the course_id kwarg provided to the view contains one of the organizations specified in the content provider filters in the JWT used to authenticate. """ course_key = CourseKey.from_string(view.kwargs.get('course_id')) jwt_filters = decode_jwt_filters(request.auth) for filter_type, filter_value in jwt_filters: if filter_type == 'content_org' and filter_value == course_key.org: return True log.warning( u"Permission JwtHasContentOrgFilterForRequestedCourse: no filter found for %s.", course_key.org, ) return False
def has_permission(self, request, view): """ Ensure that the provider_id kwarg provided to the view exists exists in the tpa_provider filters in the JWT used to authenticate. """ provider_id = view.kwargs.get('provider_id') if not provider_id: log.warning("Permission JwtHasTpaProviderFilterForRequestedProvider requires a view with provider_id.") return False jwt_filters = decode_jwt_filters(request.auth) for filter_type, filter_value in jwt_filters: if filter_type == 'tpa_provider' and filter_value == provider_id: return True log.warning( "Permission JwtHasTpaProviderFilterForRequestedProvider: required filter tpa_provider:%s was not found.", provider_id, ) return False
def test_decode_jwt_filters(self, jwt_decode_handler_name, expected_filter, mock_api_settings): mock_api_settings.JWT_DECODE_HANDLER = globals( )[jwt_decode_handler_name] filters = decode_jwt_filters(self.NORMALLY_INVALID_TOKEN) self.assertEqual(filters, expected_filter)