def test_userid_from_api_token_returns_userid_for_valid_tokens():
    """A token added to the session resolves to the userid it was made for."""
    # NOTE(review): the userid literal looks like it went through e-mail
    # obfuscation on the page this listing came from; it is kept verbatim.
    expected_userid = 'acct:[email protected]'
    stored = models.Token(expected_userid)
    db.Session.add(stored)

    assert tokens.userid_from_api_token(stored.value) == expected_userid
def unauthenticated_userid(self, request):
    """
    Resolve the bearer token carried by the request to a userid, if any.

    The ``Authorization`` header is read; when it carries a bearer token,
    that token is tried as an API token first and as a JWT second.

    :param request: a request object
    :type request: pyramid.request.Request

    :returns: the userid the token resolves to, or None
    :rtype: unicode or None
    """
    try:
        authorization = request.headers['Authorization']
    except KeyError:
        # No credentials were presented at all.
        return None

    # The scheme match is exact and case-sensitive: any other scheme, or a
    # differently-cased "bearer", is treated the same as no credentials.
    scheme = 'Bearer '
    if not authorization.startswith(scheme):
        return None

    candidate = text_type(authorization[len(scheme):]).strip()
    if not candidate:
        # Nothing but whitespace followed the scheme, so there is no token
        # to validate.
        return None

    # A falsy result from the API-token lookup falls through to the JWT
    # path, so the same string is offered to both validators.
    # NOTE(review): the checks inside both `tokens` helpers are not visible
    # here -- confirm each rejects values it should not accept.
    userid = tokens.userid_from_api_token(candidate, request)
    if userid:
        return userid
    return tokens.userid_from_jwt(candidate, request)
def unauthenticated_userid(self, request):
    """
    Resolve the bearer token carried by the request to a userid, if any.

    The ``Authorization`` header is read; when it carries a bearer token,
    that token is tried as an API token first and as a JWT second.

    :param request: a request object
    :type request: pyramid.request.Request

    :returns: the userid the token resolves to, or None
    :rtype: unicode or None
    """
    try:
        authorization = request.headers['Authorization']
    except KeyError:
        # No credentials were presented at all.
        return None

    # The scheme match is exact and case-sensitive: any other scheme, or a
    # differently-cased "bearer", is treated the same as no credentials.
    scheme = 'Bearer '
    if not authorization.startswith(scheme):
        return None

    candidate = text_type(authorization[len(scheme):]).strip()
    if not candidate:
        # Nothing but whitespace followed the scheme, so there is no token
        # to validate.
        return None

    # In this variant the API-token lookup takes only the token; the JWT
    # check also receives the request. A falsy API-token result falls
    # through to the JWT path.
    # NOTE(review): the checks inside both `tokens` helpers are not visible
    # here -- confirm each rejects values it should not accept.
    userid = tokens.userid_from_api_token(candidate)
    if userid:
        return userid
    return tokens.userid_from_jwt(candidate, request)
def test_userid_from_api_token_returns_None_for_nonexistent_tokens():
    """A correctly prefixed value that was never stored yields no userid."""
    fake_request = mock_request()
    # Carries the expected prefix, so only the "not found" outcome of the
    # lookup is being exercised here.
    unknown_value = models.Token.prefix + '123abc'

    assert tokens.userid_from_api_token(unknown_value, fake_request) is None
def test_userid_from_api_token_returns_userid_for_valid_tokens(pyramid_request):
    """A token added via the request's db resolves to its userid."""
    # NOTE(review): the userid literal looks like it went through e-mail
    # obfuscation on the page this listing came from; it is kept verbatim.
    expected_userid = 'acct:[email protected]'
    stored = models.Token(expected_userid)
    pyramid_request.db.add(stored)

    found = tokens.userid_from_api_token(stored.value, pyramid_request)

    assert found == expected_userid
def test_userid_from_api_token_returns_None_when_token_doesnt_start_with_prefix():
    """
    Values lacking the expected token prefix must not resolve to a userid.

    A token whose value is exactly the string being looked up is stored
    first, so a None result shows the value was refused even though a
    matching row exists. The intent is that no lookup is attempted at all.
    """
    unprefixed = u'abc123'
    stored = models.Token('acct:[email protected]')
    # Overwrite the value so the stored row has no prefix.
    stored.value = unprefixed
    db.Session.add(stored)

    assert tokens.userid_from_api_token(unprefixed) is None
def test_userid_from_api_token_returns_None_for_nonexistent_tokens():
    """A correctly prefixed value that was never stored yields no userid."""
    # Carries the expected prefix, so only the "not found" outcome of the
    # lookup is being exercised here.
    unknown_value = models.Token.prefix + '123abc'

    assert tokens.userid_from_api_token(unknown_value) is None
def authenticated_userid(self, request):
    """
    Return the userid for the passed request.

    API requests are authenticated from their bearer token, tried as an API
    token first and as a JWT second. Every other request is delegated to
    the session policy.
    """
    if not _is_api_request(request):
        return self.session_policy.authenticated_userid(request)

    # NOTE(review): what bearer_token() returns when the request carries no
    # bearer token is not visible here. Its result reaches both lookups
    # unchecked -- confirm they reject None and empty values.
    token = bearer_token(request)
    userid = tokens.userid_from_api_token(token)
    if userid:
        return userid
    return tokens.userid_from_jwt(token, request)